Pam_p11 is a PAM package that facilitates the use of cryptographic tokens for authentication. It is pluggable and easy to integrate with existing software systems.
Developed primarily using OpenSC, Pam_p11 implements two authentication modules: pam_p11_openssh and pam_p11_opensc. The former authenticates the user using their openssh ~/.ssh/authorized_keys file, while the latter authenticates users using certificates found in ~/.eid/authorized_certificates. Additionally, it is compatible with the older opensc "pam_opensc" authentication module in eid mode.
One of the best things about Pam_p11 is its simplicity. There is no config file, and no options aside from the PKCS#11 module file. Pam_p11 doesn't know about certificate chains, certificate authorities, revocation lists, or OCSP. This makes it ideal for small installations with no frills.
Pam_p11 was written by an international team and is licensed as Open Source software under the LGPL license. The latest release includes a number of build fixes that have been applied, ensuring even better performance and reliability.
Overall, Pam_p11 is an excellent choice for anyone seeking reliable authentication software that is simple and easy to use. So why not give it a try?
Version 0.1.4: N/A