|
pam_timestamp(8) -- Linux man page
NAME
pam_timestamp - authenticate using cached successful authentication attempts
SYNOPSIS
auth sufficient /lib/security/pam_timestamp.so
session optional /lib/security/pam_timestamp.so
DESCRIPTION
In a nutshell, pam_timestamp caches successful authentication attempts, and
allows you to use a recent successful attempt as the basis for authentication.
When an application opens a session using pam_timestamp, a timestamp file is
created in the timestampdir directory for the user. When an application
attempts to authenticate the user, a pam_timestamp will treat a sufficiently-
recent timestamp file as grounds for succeeding.
ARGUMENTS
- debug
-
turns on debugging via syslog(3).
- timestampdir=name
-
tells pam_timestamp.so where to place and search for timestamp files. This
should match the directory configured for sudo(1) in the sudoers(5) file.
- timestamp_timeout=number
-
tells pam_timestamp.so how long it should treat timestamp files as valid
after their last modification date. This should match the value configured
for sudo(1) in the sudoers(5) file.
- verbose
-
attempt to inform the user when access is granted.
EXAMPLE
/etc/pam.d/some-config-tool:
auth sufficient /lib/security/pam_timestamp.so verbose
auth required /lib/security/pam_unix.so
session required /lib/security/pam_permit.so
session optional /lib/security/pam_timestamp.so
CAVEATS
Users can get confused when they aren't always asked for passwords when running
a given program. Some users reflexively begin typing information before
noticing that it's not being asked for.
SEE ALSO
pam_timestamp_check(8)
BUGS
Let's hope not, but if you find any, please email the author.
AUTHOR
Nalin Dahyabhai <nalin@redhat.com>
|
|
|
|
|
|
