Man Linux: Main Page and Category List


       pam_otpw - verify one-time passwords


       pam_otpw [ arguments ]


       OTPW  is a one-time password authentication system. It compares entered
       passwords with hash values stored in the user’s home directory  in  the
       file ~/.otpw.  Once a password was entered correctly, its hash value in
       ~/.otpw will be overwritten with hyphens, which  disables  its  use  in
       future  authentication. A lock file ~/.otpw.lock prevents that the same
       password challenge  is  issued  on  several  concurrent  authentication
       sessions. This helps to prevent an eavesdropper from copying a one-time
       password as it is entered instantly into a second session, in the  hope
       to  get  access  by sending the final newline character faster than the
       user could.

       Both an authentication management and a session management function are
       offered  by  this  module.  The  authentication  function  asks for and
       verifies one-time passwords. The  session  function  prints  a  message
       after  login  that reminds the user of the remaining number of one-time


       debug  Turn on debugging via syslog(3).

       nolock Disable locking. This option tells the  authentication  function
              of to ignore any existing ~/.otpw.lock lock file and
              not to generate any. With this option,  will  never
              ask for several passwords simultaneously.


       The  OTPW  package,  which  includes  the  otpw-gen  progam,  has  been
       developed by Markus Kuhn. The most recent  version  is  available  from


       otpw-gen(1), pam(8)

                                  2003-09-30                        PAMOTPW(8)