From 973f01a739009dd6aeffb3cf737aab7831dcf8f3 Mon Sep 17 00:00:00 2001 From: Simon Josefsson Date: Sat, 3 May 2008 08:31:19 +0000 Subject: [PATCH] Convert to google code wiki markup. --- README | 54 +++++++++++++++++++++++++++++++----------------------- 1 file changed, 31 insertions(+), 23 deletions(-) diff --git a/README b/README index 0f59af9..4112839 100644 --- a/README +++ b/README @@ -1,13 +1,13 @@ -Yubico PAM module -================= +#summary Installation and configuration of the Yubico PAM module + += Yubico PAM module = The Yubico PAM module provides an easy way to integrate the Yubikey into your existing user authentication infrastructure. PAM is used by GNU/Linux, Solaris and Mac OS X for user authentication, and by other -specialized applications such as NCSA MyProxy. +specialized applications such as NCSA !MyProxy. -Status and Roadmap ------------------- +== Status and Roadmap == The module is working for single-user systems. @@ -15,8 +15,11 @@ Several items have been identified that needs to be implemented before it can reach production quality: * Verification of server signature + * Generating signature on request + * HTTPS support + * Multi-user mappings from Yubikey to username. The development community is co-ordinated via Google Code: @@ -27,55 +30,67 @@ The license for pam_yubico is the same as for Linux-PAM, namely a dual-license between 3-clause BSD and the GPL. See the file COPYING for more information. -Building from SVN ------------------ +== Building from SVN == Skip to the next section if you are using an official packaged version. You may check out the sources using SVN with the following command: +{{{ svn checkout http://yubico-pam.googlecode.com/svn/trunk/ yubico-pam +}}} This will create a directory 'yubico-pam'. Enter the directory: +{{{ cd yubico-pam +}}} Autoconf, automake and libtool must be installed. For the documentation, asciidoc and docbook are also required. Generate the build system using: +{{{ autoreconf --install +}}} -Building --------- +== Building == You will need to have libcurl (curl.h, libcurl.so) and libpam-dev (security/pam_appl.h, libpam.so) installed. The build system uses Autoconf, to set up the build system run: +{{{ ./configure +}}} Then build the code, run the self-test and install the binaries: +{{{ make check install +}}} -Configuration -------------- +== Configuration == Install it in your PAM setup by adding a line to an appropriate file in /etc/pam.d/: +{{{ auth sufficient pam_yubico.so id=16 debug +}}} and move pam_yubico.so into /lib/security/: +{{{ mv /usr/local/lib/security/pam_yubico.so /lib/security/ +}}} Supported PAM module parameters are: +{{{ "id": to indicate your client identity, "debug": to enable debug output to stdout, "alwaysok": to enable that all authentication attempts should succeed @@ -85,24 +100,17 @@ Supported PAM module parameters are: Be sure to have only two printf tokens in the string and that %d comes before %s. The %d will be replaced with the "id" value and %s with the user's OTP. +}}} If you are using "debug" you may find it useful to create a world-writable log file: +{{{ touch /var/run/pam-debug.log chmod go+w /var/run/pam-debug.log +}}} -Feedback --------- +== Feedback == If you want to discuss anything related to the Yubico PAM module, -please contact mailto:simon@yubico.com[Simon Josefsson]. - -Legal ------ - -Copyright (C) 2007, 2008 Simon Josefsson - -Copying and distribution of this file, with or without modification, -are permitted in any medium without royalty provided the copyright -notice and this notice are preserved. +please contact .