PAM_SSS(8) SSSD PAM_SSS(8) NAME pam_sss - PAM SSSD SYNOPSIS pam_sss.so [quiet] [forward_pass] [use_first_pass] [use_authtok] [retry=N] [ignore_unknown_user] [ignore_authinfo_unavail] [domains=X] [allow_missing_name] [prompt_always] [try_cert_auth] [require_cert_auth] pam_sss.so -- PAM SSSD. syslog(3) LOG_AUTHPRIV. quiet . forward_pass forward_pass , PAM. use_first_pass use_first_pass -- , . use_authtok , , . retry=N , N . -- 0. , , , PAM, . : sshd PasswordAuthentication. ignore_unknown_user , PAM PAM_IGNORE. PAM . ignore_authinfo_unavail , PAM PAM_IGNORE, SSSD. PAM . domains , PAM. : SSSD, , sssd.conf. : , root (, -), "pam_trusted_users" "pam_public_domains". PAM sssd.conf(5). allow_missing_name -- SSSD (, -). , -. - PAM, auth sufficient pam_sss.so allow_missing_name SSSD -, pam_sss, PAM. prompt_always . , , PAM ( ), pam_sss . , SSSD, pam_sss , PIN- - . try_cert_auth , - . - -, PIN-, - , PAM_AUTHINFO_UNAVAIL. require_cert_auth , - . - , . SSSD - -, p11_wait_for_card_timeout, sssd.conf(5). - - , PAM_AUTHINFO_UNAVAIL. (account, auth, password session). PAM SSSD (, PAM), pam_sss PAM_USER_UNKNOWN account, . PAM_SUCCESS PAM . PAM_USER_UNKNOWN PAM SSSD. PAM_AUTH_ERR . , . PAM_PERM_DENIED . SSSD . PAM_IGNORE ignore_unknown_user ignore_authinfo_unavail. PAM_AUTHTOK_ERR . , , , GDM . PAM_AUTHINFO_UNAVAIL . . PAM_BUF_ERR . , , use_first_pass use_authtok, , PAM. PAM_SYSTEM_ERR . SSSD . PAM_CRED_ERR . PAM_CRED_INSUFFICIENT , . , PIN- - . PAM_SERVICE_ERR . PAM_NEW_AUTHTOK_REQD . PAM_ACCT_EXPIRED . PAM_SESSION_ERR IPA . PAM_CRED_UNAVAIL Kerberos. PAM_NO_MODULE_DATA Kerberos . , -, pkint. PAM_CONV_ERR . PAM_AUTHTOK_LOCK_BUSY KDC, . PAM_ABORT PAM. PAM_MODULE_UNKNOWN PAM. PAM_BAD_ITEM -. root - , SSSD , . , , . pam_sss_pw_reset_message.LOC, LOC , setlocale(3). , pam_sss_pw_reset_message.txt. root, root, . /etc/sssd/customize/DOMAIN_NAME/. , . . sssd(8), sssd.conf(5), sssd-ldap(5), sssd-ldap-attributes(5), sssd- krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-files(5), sssd- sudo(5), sssd-session-recording(5), sss_cache(8), sss_debuglevel(8), sss_obfuscate(8), sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8), sssd-ifp(5), pam_sss(8). sss_rpcidmapd(5) AUTHORS (<<>>) SSSD -- https://github.com/SSSD/sssd/ SSSD 04/09/2024 PAM_SSS(8)