![[image of the Head of a GNU]](/graphics/gnu-head-sm.jpg)
|
|
PAM-Modules |
A Collection of Modules for PAM |
Sergey Poznyakoff |
PAM-modules Manual (split by node): 
The pamck utility checks if a user can be authenticated using
PAM. The user name is specified in the command line, so the
simplest invocation is:
$ pamck user
When used this way, pamck first authenticates ‘user’,
by calling pam_authenticate, and then performs account
management (pam_acct_mgmt). If both functions return success,
the utility prints ‘OK’ on the standard output and exits with
zero code. In case of failure, it displays diagnostics on standard
error and exits with error code 2.
It exits with code 1 in case of usage error (e.g. wrong command line option).
If password is required, the utility asks about it, and waits for the user input. When reading user input, terminal echo is turned off to prevent password compromising.
Alternatively, the password may be given on the command line, as the second argument:
$ pamck user pass
By default, pamck uses PAM service ‘check’.
Another service name may be supplied using the -s command
line option:
$ pamck -s login user
The -g command line option allows to select the PAM management group to check. It takes the name of the group as an argument. Allowed group names are:
Authentication group. Call pam_authenticate.
Account management. Call pam_acct_mgmt.
Session management. Call pam_open_session.
Session management. Call pam_close_session.
Password management. Call pam_chauthtok.
The following table summarizes available command line options:
Select service name to use.
Select PAM management group to check.
Print short help summary and exit.
Print program version and copyright information and exit.
PAM-modules Manual (split by node):
This document was generated on August 11, 2021 using makeinfo.
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.