summaryrefslogtreecommitdiffstats
path: root/modules/pam_timestamp/README
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_timestamp/README')
-rw-r--r--modules/pam_timestamp/README56
1 files changed, 56 insertions, 0 deletions
diff --git a/modules/pam_timestamp/README b/modules/pam_timestamp/README
new file mode 100644
index 0000000..e1ed508
--- /dev/null
+++ b/modules/pam_timestamp/README
@@ -0,0 +1,56 @@
+pam_timestamp — Authenticate using cached successful authentication attempts
+
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+DESCRIPTION
+
+In a nutshell, pam_timestamp caches successful authentication attempts, and
+allows you to use a recent successful attempt as the basis for authentication.
+This is similar mechanism which is used in sudo.
+
+When an application opens a session using pam_timestamp, a timestamp file is
+created in the timestampdir directory for the user. When an application
+attempts to authenticate the user, a pam_timestamp will treat a sufficiently
+recent timestamp file as grounds for succeeding.
+
+The default encryption hash is taken from the HMAC_CRYPTO_ALGO variable from /
+etc/login.defs.
+
+OPTIONS
+
+timestampdir=directory
+
+ Specify an alternate directory where pam_timestamp creates timestamp files.
+
+timestamp_timeout=number
+
+ How long should pam_timestamp treat timestamp as valid after their last
+ modification date (in seconds). Default is 300 seconds.
+
+verbose
+
+ Attempt to inform the user when access is granted.
+
+debug
+
+ Turns on debugging messages sent to syslog(3).
+
+NOTES
+
+Users can get confused when they are not always asked for passwords when
+running a given program. Some users reflexively begin typing information before
+noticing that it is not being asked for.
+
+EXAMPLES
+
+auth sufficient pam_timestamp.so verbose
+auth required pam_unix.so
+
+session required pam_unix.so
+session optional pam_timestamp.so
+
+
+AUTHOR
+
+pam_timestamp was written by Nalin Dahyabhai.
+