Installation

Installation

Install the dependencies

sudo apt-get install libcurl4-openssl-dev libpam-dev uuid-dev

Once all the dependencies are installed, run this commands to compline and run:

make
mkdir -p /usr/local/lib/security
mv pam_ironchip_auth.so /usr/local/lib/security/

The previous command will generate a file named pam_ironchip_auth.so.

Usage

Write the sentence below in /etc/pam.d/common-auth to required authentication:

auth required /usr/local/lib/security/pam_ironchip_auth.so <options>

or

auth sufficient /usr/local/lib/security/pam_ironchip_auth.so <options>

Example for Ironchip’s production server:

auth required /usr/local/lib/security/pam_ironchip_auth.so idp=https://api.ironchip.com/authorization   apikey=xxxxxx.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Make sure to use the absolute path to the pam_ironchip_auth.so file.

Options

• IDP
  • Required.
  • The Identity Provider Server URL : https://api.ironchip.com/authorization .
• API KEY
  • Required.
  • Api Key received during the application creation procedure

Log

By default the log of the pam module outputs to syslog. Such logs can be seen as follows:

tail -f /var/log/syslog | grep gdm-password

or

tail -f /var/log/auth.log