pklogin_finder(1) - Linux man page

Name

pklogin_finder - maps certificates into a user

Syntax

pklogin_finder [debug] [config_file=<filename>]

Description

pklogin_finder uses the pam_pkcs11 library infrastructure to interactively map a PKCS#11 provided certificate to a user.

pklogin_finder uses the the same configuration file and arguments than pam_pkcs11(8) PAM module. Load defined mapper modules, and try to find a map between found certificates and a user login.

Options

debug
Enable debugging output. Default is no debug.
config_file=<configuration file>
Sets the configuration file to use. Default value is /etc/pam_pkcs11/pam_pkcs11.conf.

As it uses the same configuration file than pam_pkcs11, all pam_pkcs11 options are also available. Note that some of them has no sense in a non-PAM environment, so they will be ignored.

Return Value

On success pklogin_finder prints on stdout the login name and exits returns 0.

On user mapping error it returns 1.

On no user match it prints nothing and returns 2.

Files

/etc/pam_pkcs11/pam_pkcs11.conf

Examples

To run this program the standard way, insert a smart card into the reader and type: pklogin_finder

Alternatively you can specify options: pklogin_finder debug config_file=${HOME}/.pam_pkcs11.conf

Authors

Juan Antonio Martinez <jonsito@teleline.es>

See Also

pam_pkcs11(8), pkcs11_inspect(1), PAM-PKCS11 User Manual