How To Install pam_pkcs11 on CentOS 7

In this tutorial we learn how to install pam_pkcs11 on CentOS 7. pam_pkcs11 is PKCS #11/NSS PAM login module

Introduction

In this tutorial we learn how to install pam_pkcs11 on CentOS 7.

What is `pam_pkcs11`

This Linux-PAM login module allows a X.509 certificate based user authentication. The certificate and its dedicated private key are thereby accessed by means of an appropriate PKCS #11 module. For the verification of the users’ certificates, locally stored CA certificates as well as either online or locally accessible CRLs and OCSP are used. This version uses NSS to validate the Certificates and manage the PKCS #11 smartCards. Additional included pam_pkcs11 related tools - pkcs11_eventmgr events - pklogin_finder - pkcs11_inspect This Linux-PAM login module allows a X.509 certificate based user authentication. The certificate and its dedicated private key are thereby accessed by means of an appropriate PKCS #11 module. For the verification of the users’ certificates, locally stored CA certificates as well as either online or locally accessible CRLs and OCSP are used. This version uses NSS to validate the Certificates and manage the PKCS #11 smartCards. Additional included pam_pkcs11 related tools - pkcs11_eventmgr events - pklogin_finder - pkcs11_inspect

We can use yum or dnf to install pam_pkcs11 on CentOS 7. In this tutorial we discuss both methods but you only need to choose one of method to install pam_pkcs11.

Install pam_pkcs11 on CentOS 7 Using yum

Update yum database with yum using the following command.

sudo yum makecache

After updating yum database, We can install pam_pkcs11 using yum by running the following command:

sudo yum -y install pam_pkcs11

Install pam_pkcs11 on CentOS 7 Using dnf

If you don’t have dnf installed you can install DNF on CentOS 7 first. Update yum database with dnf using the following command.

sudo dnf makecache

After updating yum database, We can install pam_pkcs11 using dnf by running the following command:

sudo dnf -y install pam_pkcs11

How To Uninstall pam_pkcs11 on CentOS 7

To uninstall only the pam_pkcs11 package we can use the following command:

sudo dnf remove pam_pkcs11

References

pam_pkcs11 website

Summary

In this tutorial we learn how to install pam_pkcs11 on CentOS 7 using yum and dnf.