How To Install pam_pkcs11.x86_64 on Amazon Linux 2

In this tutorial we learn how to install pam_pkcs11.x86_64 in Amazon Linux 2. pam_pkcs11.x86_64 is PKCS #11/NSS PAM login module

Introduction

In this tutorial we learn how to install pam_pkcs11.x86_64 on Amazon Linux 2.

What is `pam_pkcs11.x86_64`

This Linux-PAM login module allows a X.509 certificate based user authentication. The certificate and its dedicated private key are thereby accessed by means of an appropriate PKCS #11 module. For the verification of the users’ certificates, locally stored CA certificates as well as either online or locally accessible CRLs and OCSP are used. This version uses NSS to validate the Certificates and manage the PKCS #11 smartCards. Additional included pam_pkcs11 related tools - pkcs11_eventmgr events - pklogin_finder - pkcs11_inspect

We can use yum to install pam_pkcs11.x86_64 on Amazon Linux 2. In this tutorial we discuss both methods but you only need to choose one of method to install pam_pkcs11.x86_64.

Install pam_pkcs11.x86_64 on Amazon Linux 2 Using yum

Update yum database with yum using the following command.

sudo yum makecache --refresh

After updating yum database, We can install pam_pkcs11.x86_64 using yum by running the following command:

sudo yum -y install pam_pkcs11.x86_64

How To Uninstall pam_pkcs11.x86_64 on Amazon Linux 2

To uninstall only the pam_pkcs11.x86_64 package we can use the following command:

sudo yum remove pam_pkcs11.x86_64

pam_pkcs11.x86_64 Package Contents on Amazon Linux 2

/etc/pam_pkcs11
/etc/pam_pkcs11/pam_pkcs11.conf
/etc/pam_pkcs11/pkcs11_eventmgr.conf
/usr/bin/card_eventmgr
/usr/bin/pkcs11_eventmgr
/usr/bin/pkcs11_inspect
/usr/bin/pkcs11_listcerts
/usr/bin/pkcs11_setup
/usr/bin/pklogin_finder
/usr/lib64/pam_pkcs11
/usr/lib64/pam_pkcs11/ldap_mapper.so
/usr/lib64/pam_pkcs11/opensc_mapper.so
/usr/lib64/pam_pkcs11/openssh_mapper.so
/usr/lib64/security/pam_pkcs11.so
/usr/share/doc/pam_pkcs11-0.6.2
/usr/share/doc/pam_pkcs11-0.6.2/AUTHORS
/usr/share/doc/pam_pkcs11-0.6.2/COPYING
/usr/share/doc/pam_pkcs11-0.6.2/ChangeLog
/usr/share/doc/pam_pkcs11-0.6.2/NEWS
/usr/share/doc/pam_pkcs11-0.6.2/README
/usr/share/doc/pam_pkcs11-0.6.2/README.autologin
/usr/share/doc/pam_pkcs11-0.6.2/README.mappers
/usr/share/doc/pam_pkcs11-0.6.2/TODO
/usr/share/doc/pam_pkcs11-0.6.2/card_eventmgr.conf.example
/usr/share/doc/pam_pkcs11-0.6.2/digest_mapping.example
/usr/share/doc/pam_pkcs11-0.6.2/mail_mapping.example
/usr/share/doc/pam_pkcs11-0.6.2/mappers_api.html
/usr/share/doc/pam_pkcs11-0.6.2/pam.d_login.example
/usr/share/doc/pam_pkcs11-0.6.2/pam_pkcs11.conf.example
/usr/share/doc/pam_pkcs11-0.6.2/pam_pkcs11.html
/usr/share/doc/pam_pkcs11-0.6.2/pkcs11_eventmgr.conf.example
/usr/share/doc/pam_pkcs11-0.6.2/subject_mapping.example
/usr/share/locale/de/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/fr/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/pl/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/ru/LC_MESSAGES/pam_pkcs11.mo
/usr/share/man/man1/card_eventmgr.1.gz
/usr/share/man/man1/pkcs11_eventmgr.1.gz
/usr/share/man/man1/pkcs11_inspect.1.gz
/usr/share/man/man1/pkcs11_listcerts.1.gz
/usr/share/man/man1/pkcs11_setup.1.gz
/usr/share/man/man1/pklogin_finder.1.gz
/usr/share/man/man8/pam_pkcs11.8.gz

References

pam_pkcs11.x86_64 website

Summary

In this tutorial we learn how to install pam_pkcs11.x86_64 on Amazon Linux 2 using yum.