Linux @ CERN

CERN > IT > Linux

"SLC6X: system environment/base: pam_pkcs11

pam_pkcs11 - PKCS #11/NSS PAM login module

Website: http://www.opensc-project.org/pam_pkcs11
License: LGPLv2+
Vendor: Scientific Linux CERN, http://cern.ch/linux
Description:
This Linux-PAM login module allows a X.509 certificate based user
authentication. The certificate and its dedicated private key are thereby
accessed by means of an appropriate PKCS #11 module. For the
verification of the users' certificates, locally stored CA
certificates as well as either online or locally accessible CRLs and
OCSP are used. This version uses NSS to validate the Certificates and manage
the PKCS #11 smartCards.
Additional included pam_pkcs11 related tools
- pkcs11_eventmgr: Generate actions on card insert/removal/timeout events
- pklogin_finder: Get the loginname that maps to a certificate
- pkcs11_inspect: Inspect the contents of a certificate

Packages

pam_pkcs11-0.6.2-17.el6.i686 [189 KiB] Changelog by Bob Relyea (2018-02-08):
- Fix crash when using certs with UPNs
- Fix crash when using the generic mapper
pam_pkcs11-0.6.2-15.el6.i686 [188 KiB] Changelog by Bob Relyea (2016-01-11):
- Use PKIX for path validation.
- Fix cert_policy parameter in default pam_pkcs11.conf file.
pam_pkcs11-0.6.2-14.el6.i686 [188 KiB] Changelog by Bob Relyea (2014-05-13):
- Handle PKCS #11 modules when NSS or pam_pkcs11 only specify a partial path
- Fix coverity issues (found in 7.0 coverity scan)
pam_pkcs11-0.6.2-12.1.el6.i686 [185 KiB] Changelog by Bob Relyea (2012-02-29):
- Silence unexpected error messages when logged in remotely console
pam_pkcs11-0.6.2-11.1.el6.i686 [186 KiB] Changelog by Bob Relyea (2011-01-18):
- Silence expected errors from the console
- make sure change log has correct dates and email
  Resolves: #654460, #586149

Listing created by repoview