pam_timestamp - authenticate using cached successful authentication attempts
Synopsis
Description
Arguments
Example
Caveats
See Also
Bugs
Author
auth sufficient /lib/security/pam_timestamp.so
session optional /lib/security/pam_timestamp.so
In a nutshell, pam_timestamp caches successful authentication attempts, and allows you to use a recent successful attempt as the basis for authentication.When an application opens a session using pam_timestamp, a timestamp file is created in the timestampdir directory for the user. When an application attempts to authenticate the user, a pam_timestamp will treat a sufficiently- recent timestamp file as grounds for succeeding.
debug turns on debugging via syslog(3). timestampdir=name tells pam_timestamp.so where to place and search for timestamp files. This should match the directory configured for sudo(1) in the sudoers(5) file. timestamp_timeout=number tells pam_timestamp.so how long it should treat timestamp files as valid after their last modification date. This should match the value configured for sudo(1) in the sudoers(5) file. verbose attempt to inform the user when access is granted.
/etc/pam.d/some-config-tool:
auth sufficient /lib/security/pam_timestamp.so verbose auth required /lib/security/pam_unix.so
session required /lib/security/pam_permit.so session optional /lib/security/pam_timestamp.so
Users can get confused when they aren’t always asked for passwords when running a given program. Some users reflexively begin typing information before noticing that it’s not being asked for.
pam_timestamp_check(8)
Let’s hope not, but if you find any, please email the author.
Nalin Dahyabhai <nalin@redhat.com>
| Red Hat Linux | pam_timestamp (8) | 2002/02/07 |