xref: /openbsd-src/libexec/login_token/login_token.8 (revision a6f8f73e7f046d72a4df5ca776859d66e61f4b28) 
1.\"	$OpenBSD: login_token.8,v 1.13 2013/07/16 14:09:38 schwarze Exp $
2.\"
3.\" Copyright (c) 1995 Migration Associates Corporation. All rights reserved.
4.\"
5.\" Redistribution and use in source and binary forms, with or without
6.\" modification, are permitted provided that the following conditions
7.\" are met:
8.\" 1. Redistributions of source code must retain the above copyright
9.\"    notice, this list of conditions and the following disclaimer.
10.\" 2. Redistributions in binary form must reproduce the above copyright
11.\"    notice, this list of conditions and the following disclaimer in the
12.\"    documentation and/or other materials provided with the distribution.
13.\" 3. All advertising materials mentioning features or use of this software
14.\"    must display the following acknowledgement:
15.\"	This product includes software developed by Berkeley Software Design,
16.\"	Inc.
17.\" 4. The name of Berkeley Software Design, Inc.  may not be used to endorse
18.\"    or promote products derived from this software without specific prior
19.\"    written permission.
20.\"
21.\" THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN, INC. ``AS IS'' AND
22.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24.\" ARE DISCLAIMED.  IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN, INC. BE LIABLE
25.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31.\" SUCH DAMAGE.
32.\"
33.Dd $Mdocdate: July 16 2013 $
34.Dt LOGIN_TOKEN 8
35.Os
36.Sh NAME
37.Nm login_activ , login_crypto , login_snk
38.Nd provide ActivCard, CRYPTOCard and SNK-004 authentication
39.Sh SYNOPSIS
40.Nm login_token
41.Op Fl s Ar service
42.Op Fl v Ar name Ns = Ns Ar value
43.Ar user
44.Op Ar class
45.Sh DESCRIPTION
46The
47.Nm login_token
48program implements an X9.9 token card challenge response authentication
49mechanism (see
50.Xr login.conf 5 ) .
51It must be invoked by one of the names:
52.Nm login_activ , login_crypto ,
53or
54.Nm login_snk .
55.Pp
56The options are as follows:
57.Bl -tag -width indent
58.It Fl s Ar service
59Specify the service.
60Currently only
61.Li challenge ,
62.Li login ,
63and
64.Li response
65are supported.
66.It Fl v Ar name Ns = Ns Ar value
67This option and its value are ignored.
68.El
69.Pp
70.Nm login_token
71will look up
72.Ar user
73in the appropriate database file, depending on what name it was called as:
74.Pa /etc/activ.db ,
75.Pa /etc/crypto.db ,
76or
77.Pa /etc/snk.db .
78It then will issue a challenge, and if the user
79is able to correctly respond (by using the appropriate token)
80the user will be authenticated.
81The
82.Ar class
83argument is unused.
84.Sh FILES
85.Bl -tag -width xetcxcrypto.db
86.It Pa /etc/activ.db
87data base of information for the ActivCard tokens.
88.It Pa /etc/crypto.db
89data base of information for the CRYPTOCard tokens.
90.It Pa /etc/snk.db
91data base of information for the SNK-004 tokens.
92.El
93.Sh DIAGNOSTICS
94Diagnostic messages are logged via
95.Xr syslog 3
96with the LOG_AUTH facility.
97.Sh SEE ALSO
98.Xr syslog 3 ,
99.Xr login.conf 5 ,
100.Xr tokenadm 8 ,
101.Xr tokeninit 8
102.Sh AUTHORS
103.An Jack Flory Aq Mt jpf@mig.com
104