RECENT POSTS
- Introduction to FreeBSD Security Best Practices
- Working with Package Management in FreeBSD
- Understanding FreeBSD Security Advisories and Updates
- Troubleshooting Common System Administration Issues in FreeBSD
- Tips for Hardening FreeBSD to achieve System Protection
- Setting Up DHCP Server in FreeBSD
- Secure User and Group Management in FreeBSD Systems
- Secure Remote Access with SSH in FreeBSD
- Optimizing System Performance in FreeBSD
- Network Packet Capture with tcpdump in FreeBSD
- All posts ...
Do you have GDPR compliance issues ?
Check out Legiscope a GDPR compliance software, that will save you weeks of work, automating your documentation, the training of your teams and all processes you need to keep your organisation compliant with privacy regulations
Pam_p11
Jul 20, 2023
PAM module using crypto tokens for auth
Pam_p11 is a plugable authentication module pam package for using crpytographic tokens such as smart cards and usb crypto tokens for authentication.
Pam_p11 uses libp11 to access any PKCS#11 module. It should be compatible with any implementation, but it is primarely developed using OpenSC.
Pam_p11 implements two authentication modules
- pam_p11_openssh authenticates the user using his openssh ~/.ssh/authorized_keys file.
- pam_p11_opensc authenticates the user using certificates found in ~/.eid/authorized_certificates.
Pam_p11 is very simple, it has no config file, no options other than the PKCS#11 module file, does not know about certificate chains, certificate authorities, revocation lists or OCSP. Perfect for the small installation with no frills.
Checkout these related ports:
- Zzuf - Transparent application input fuzzer
- Zlint - X.509 certificate linter
- Zeronet - Decentralized websites using Bitcoin crypto and BitTorrent network
- Zenmap - GUI frontend for the Nmap scanning utility
- Zeek - System for detecting network intruders in real-time
- Zaproxy - The OWASP zed attack proxy
- Yubioath-desktop - GUI for displaying OATH codes with a Yubikey
- Yubikey-personalization-gui - Graphical YubiKey personalization tool
- Yubikey-manager-qt - Cross-platform application for configuring any YubiKey
- Yubikey-agent - Seamless ssh-agent for YubiKeys
- Yubico-piv-tool - Yubico PIV tool
- Ylva - Command line password manager and file encryption program
- Ykpers - Library and tool for personalization of Yubico's YubiKey
- Ykclient - Yubico C client library
- Yersinia - Layer 2 vulnerability scanner (switches, spanning tree, 802.1q ...)