pam_userdb -- PAM module to authenticate against a db database
     __________________________________________________________________

DESCRIPTION

   The pam_userdb module is used to verify a username/password pair
   against values stored in a Berkeley DB database. The database is
   indexed by the username, and the data fields corresponding to the
   username keys are the passwords.

OPTIONS

   crypt=[crypt|none]
          Indicates whether encrypted or plaintext passwords are stored in
          the database. If it is crypt, passwords should be stored in the
          database in crypt(3) form. If none is selected, passwords should
          be stored in the database as plaintext.

   db=/path/database
          Use the /path/database database for performing lookup. There is
          no default; the module will return PAM_IGNORE if no database is
          provided. Note that the path to the database file should be
          specified without the .db suffix.

   debug
          Print debug information. Note that password hashes, both from db
          and computed, will be printed to syslog.

   dump
          Dump all the entries in the database to the log. Don't do this
          by default!

   icase
          Make the password verification to be case insensitive (ie when
          working with registration numbers and such). Only works with
          plaintext password storage.

   try_first_pass
          Use the authentication token previously obtained by another
          module that did the conversation with the application. If this
          token can not be obtained then the module will try to converse.
          This option can be used for stacking different modules that need
          to deal with the authentication tokens.

   use_first_pass
          Use the authentication token previously obtained by another
          module that did the conversation with the application. If this
          token can not be obtained then the module will fail. This option
          can be used for stacking different modules that need to deal
          with the authentication tokens.

   unknown_ok
          Do not return error when checking for a user that is not in the
          database. This can be used to stack more than one pam_userdb
          module that will check a username/password pair in more than a
          database.

   key_only
          The username and password are concatenated together in the
          database hash as 'username-password' with a random value. if the
          concatenation of the username and password with a dash in the
          middle returns any result, the user is valid. this is useful in
          cases where the username may not be unique but the username and
          password pair are.

EXAMPLES

auth  sufficient pam_userdb.so icase db=/etc/dbtest

AUTHOR

   pam_userdb was written by Cristian Gafton >gafton@redhat.com<.
