pam_keyring

Langue: en

Version: 174886 (fedora - 06/07/09)

Section: 8 (Commandes administrateur)

NAME

pam_keyring - A PAM module that execute gnome-keyring-daemon and unlock the default keyring

OVERVIEW

The pam_keyring module allows GNOME users to automatically unlock their default keyring using their system password when they log in. This allows the data in the default keyring to be used more transparently. Ideally, users should only every have to enter one password (or physical token, etc.): the password they use to authenticate themselves to the system when they log in.

NASTY DETAILS

This module does the following:


 1. Executes gnome-keyring-daemon


 2. Sets the GNOME_KEYRING_SOCKET and GNOME_KEYRING_PID environment variables


 3. Unlocks the default GNOME keyring using the user's system password

PAM can be a difficult and dangerous beast to configure. Misconfiguring PAM can result in it being very difficult to log in to your computer.

Here is a portion of an example service configuration that demonstrates the use of pam_keyring:

 
 [...]
 auth     sufficient  /lib/security/$ISA/pam_unix.so likeauth nullok
 auth     optional    /lib/security/$ISA/pam_keyring.so try_first_pass
 session  optional    /lib/security/$ISA/pam_keyring.so
 [...]
 

PAM's service configuration files are generally found in /etc/pam.d.

AUTHORS

W. Michael Petullo <mike@flyn.org>