Provided by: libpam-otpw_1.5-2_amd64 bug

NAME

       pam_otpw - verify one-time passwords

SYNOPSIS

       pam_otpw [ arguments ]

DESCRIPTION

       OTPW is a one-time password authentication system. It compares entered passwords with hash
       values stored in the user's home directory in the  file  ~/.otpw.   Once  a  password  was
       entered  correctly,  its  hash  value  in  ~/.otpw will be overwritten with hyphens, which
       disables its use in future authentication. A lock file ~/.otpw.lock prevents that the same
       password  challenge is issued on several concurrent authentication sessions. This helps to
       prevent an eavesdropper from copying a one-time password as it is entered instantly into a
       second  session,  in  the hope to get access by sending the final newline character faster
       than the user could.

       Both an authentication management and a session management function are  offered  by  this
       module.  The authentication function asks for and verifies one-time passwords. The session
       function prints a message after login that reminds the user of  the  remaining  number  of
       one-time passwords.

ARGUMENTS

       debug  Turn on debugging via syslog(3).

       nolock Disable  locking.  This  option tells the authentication function of pam_otpw.so to
              ignore any existing ~/.otpw.lock lock file and  not  to  generate  any.  With  this
              option, pam_otpw.so will never ask for several passwords simultaneously.

PSEUDO-USER INSTALLATION

       If  a  system  pseudo  user “otpw” exists in the user database (with UID < 1000), then the
       password hash files will not be stored in the user's home directory.  Instead  of  looking
       for  ~john/.otpw.lock  the file has to be located in the home directory of the pseudo user
       “otpw”, and be named after the user (e.g. “/var/lib/otpw/john”). It will be accessed  with
       the effective UID and GID of that pseudo user.

AUTHOR

       The  OTPW package, which includes the otpw-gen program, has been developed by Markus Kuhn.
       The most recent version is available from <http://www.cl.cam.ac.uk/~mgk25/otpw.html>.

SEE ALSO

       otpw-gen(1), pam(8)

                                            2014-08-07                                 PAMOTPW(8)