pam_pkcs11 - PAM Authentication Module for PKCS#11 token libraries
pam_pkcs11.so [debug] [configfile=<configfile>]
This Linux-PAM login module allows a X.509 certificate based user
login. The certificate and its dedicated private key are thereby
accessed by means of an appropriate PKCS #11 module. For the
verification of the users’ certificates, locally stored CA certificates
as well as either online or locally accessible CRLs are used.
The program that needs a PAM service should be configured in
/etc/pam.conf or /etc/pam.d/<servicename>.
pam_pkcs11 can be used in the <auth> PAM chain.
For details on how to configure PAM services, see the PAM documentation
for your system. This manual does not cover PAM configuration details.
The existing PAM service definitions for other applications on your
system is also a good source for examples on how to configure a PAM
Original PAM-pkcs11 was written by Mario Strasser <firstname.lastname@example.org>.
Newer versions are from Juan Antonio Martinez <email@example.com>.
Report bugs ideas, comments, bug-fixes and so to: Juan Antonio Martinez
pam(8), pam_pkcs11.conf(5), PAM Systems Administrator Guide,
README.mappers file, PAM-PKCS#11 User Manual.