GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
PAM_OPIEACCESS(8) FreeBSD System Manager's Manual PAM_OPIEACCESS(8)

pam_opieaccess
OPIEAccess PAM module

[service-name] module-type control-flag pam_opieaccess [options]

The pam_opieaccess module is used in conjunction with the pam_opie(8) PAM module to ascertain that authentication can proceed by other means (such as the pam_unix(8) module) even if OPIE authentication failed. To properly use this module, pam_opie(8) should be marked “sufficient”, and pam_opieaccess should be listed right below it and marked “requisite”.

The pam_opieaccess module provides functionality for only one PAM category: authentication. In terms of the module-type parameter, this is the “auth” feature. It also provides null functions for the remaining module types.

The authentication component (pam_sm_authenticate()), returns PAM_SUCCESS in two cases:
  1. The user does not have OPIE enabled.
  2. The user has OPIE enabled, and the remote host is listed as a trusted host in /etc/opieaccess, and the user does not have a file named .opiealways in his home directory.

Otherwise, it returns PAM_AUTH_ERR.

The following options may be passed to the authentication module:

Normally, local logins are subjected to the same restrictions as remote logins from “localhost”. This option causes pam_opieaccess to always allow local logins.
syslog(3) debugging information at LOG_DEBUG level.
suppress warning messages to the user. These messages include reasons why the user's authentication attempt was declined.

/etc/opieaccess
List of trusted hosts or networks. See opieaccess(5) for a description of its syntax.
$HOME/.opiealways
The presence of this file makes OPIE mandatory for the user.

opie(4), opieaccess(5), pam.conf(5), pam(8), pam_opie(8)

The pam_opieaccess module and this manual page were developed for the FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS research program.
October 26, 2007 FreeBSD 13.1-RELEASE

Search for    or go to Top of page |  Section 8 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.