diff options
Diffstat (limited to 'modules/pam_timestamp/README')
-rw-r--r-- | modules/pam_timestamp/README | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/modules/pam_timestamp/README b/modules/pam_timestamp/README new file mode 100644 index 0000000..e1ed508 --- /dev/null +++ b/modules/pam_timestamp/README @@ -0,0 +1,56 @@ +pam_timestamp — Authenticate using cached successful authentication attempts + +━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ + +DESCRIPTION + +In a nutshell, pam_timestamp caches successful authentication attempts, and +allows you to use a recent successful attempt as the basis for authentication. +This is similar mechanism which is used in sudo. + +When an application opens a session using pam_timestamp, a timestamp file is +created in the timestampdir directory for the user. When an application +attempts to authenticate the user, a pam_timestamp will treat a sufficiently +recent timestamp file as grounds for succeeding. + +The default encryption hash is taken from the HMAC_CRYPTO_ALGO variable from / +etc/login.defs. + +OPTIONS + +timestampdir=directory + + Specify an alternate directory where pam_timestamp creates timestamp files. + +timestamp_timeout=number + + How long should pam_timestamp treat timestamp as valid after their last + modification date (in seconds). Default is 300 seconds. + +verbose + + Attempt to inform the user when access is granted. + +debug + + Turns on debugging messages sent to syslog(3). + +NOTES + +Users can get confused when they are not always asked for passwords when +running a given program. Some users reflexively begin typing information before +noticing that it is not being asked for. + +EXAMPLES + +auth sufficient pam_timestamp.so verbose +auth required pam_unix.so + +session required pam_unix.so +session optional pam_timestamp.so + + +AUTHOR + +pam_timestamp was written by Nalin Dahyabhai. + |