diff options
Diffstat (limited to '')
| -rw-r--r-- | modules/pam_pwhistory/README | 66 | ||||
| -rw-r--r-- | modules/pam_pwhistory/README.xml | 41 |
2 files changed, 107 insertions, 0 deletions
diff --git a/modules/pam_pwhistory/README b/modules/pam_pwhistory/README new file mode 100644 index 0000000..161bebc --- /dev/null +++ b/modules/pam_pwhistory/README @@ -0,0 +1,66 @@ +pam_pwhistory — PAM module to remember last passwords + +━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ + +DESCRIPTION + +This module saves the last passwords for each user in order to force password +change history and keep the user from alternating between the same password too +frequently. + +This module does not work together with kerberos. In general, it does not make +much sense to use this module in conjunction with NIS or LDAP, since the old +passwords are stored on the local machine and are not available on another +machine for password history checking. + +OPTIONS + +debug + + Turns on debugging via syslog(3). + +use_authtok + + When password changing enforce the module to use the new password provided + by a previously stacked password module (this is used in the example of the + stacking of the pam_passwdqc module documented below). + +enforce_for_root + + If this option is set, the check is enforced for root, too. + +remember=N + + The last N passwords for each user are saved in /etc/security/opasswd. The + default is 10. Value of 0 makes the module to keep the existing contents of + the opasswd file unchanged. + +retry=N + + Prompt user at most N times before returning with error. The default is 1. + +authtok_type=STRING + + See pam_get_authtok(3) for more details. + +EXAMPLES + +An example password section would be: + +#%PAM-1.0 +password required pam_pwhistory.so +password required pam_unix.so use_authtok + + +In combination with pam_passwdqc: + +#%PAM-1.0 +password required pam_passwdqc.so config=/etc/passwdqc.conf +password required pam_pwhistory.so use_authtok +password required pam_unix.so use_authtok + + +AUTHOR + +pam_pwhistory was written by Thorsten Kukuk <kukuk@thkukuk.de> + diff --git a/modules/pam_pwhistory/README.xml b/modules/pam_pwhistory/README.xml new file mode 100644 index 0000000..f048e32 --- /dev/null +++ b/modules/pam_pwhistory/README.xml @@ -0,0 +1,41 @@ +<?xml version="1.0" encoding='UTF-8'?> +<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" +"http://www.docbook.org/xml/4.3/docbookx.dtd" +[ +<!-- +<!ENTITY pamaccess SYSTEM "pam_pwhistory.8.xml"> +--> +]> + +<article> + + <articleinfo> + + <title> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_pwhistory.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_pwhistory-name"]/*)'/> + </title> + + </articleinfo> + + <section> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_pwhistory.8.xml" xpointer='xpointer(//refsect1[@id = "pam_pwhistory-description"]/*)'/> + </section> + + <section> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_pwhistory.8.xml" xpointer='xpointer(//refsect1[@id = "pam_pwhistory-options"]/*)'/> + </section> + + <section> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_pwhistory.8.xml" xpointer='xpointer(//refsect1[@id = "pam_pwhistory-examples"]/*)'/> + </section> + + <section> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_pwhistory.8.xml" xpointer='xpointer(//refsect1[@id = "pam_pwhistory-author"]/*)'/> + </section> + +</article> |