|
|
<configuration>
|
|
|
<defaults>
|
|
|
<!-- <option name="hostname">foobar</option> -->
|
|
|
<option name="one_time_pad">true</option>
|
|
|
<option name="probe_timeout">10</option>
|
|
|
<option name="system_pad_directory">/usr/share/pam_usb/pads</option>
|
|
|
<option name="device_pad_directory">.auth</option>
|
|
|
</defaults>
|
|
|
|
|
|
<devices>
|
|
|
<device id="foobar">
|
|
|
<vendor>SanDisk Corp.</vendor>
|
|
|
<model>Cruzer Titanium</model>
|
|
|
<serial>SNDKB882652FC4A03701</serial>
|
|
|
<volume_uuid>3B69-1AFD</volume_uuid>
|
|
|
</device>
|
|
|
</devices>
|
|
|
|
|
|
|
|
|
<users>
|
|
|
<user id="scox">
|
|
|
<device>foobar</device>
|
|
|
<!--<option name="one_time_pad">false</option> -->
|
|
|
</user>
|
|
|
|
|
|
<user id="root">
|
|
|
<device>foobar</device>
|
|
|
<option name="color_log">false</option>
|
|
|
</user>
|
|
|
</users>
|
|
|
|
|
|
<services>
|
|
|
<!-- Disable pam_usb for sshd (nonsense) -->
|
|
|
<service id="ssh">
|
|
|
<option name="enable">false</option>
|
|
|
</service>
|
|
|
|
|
|
<!-- Speed up 'login' authentication by disabling one time pads.
|
|
|
This setting will not affect user 'root' as he/she is
|
|
|
enforcing one time pads (enforce_otp).
|
|
|
-->
|
|
|
<service id="login">
|
|
|
<option name="one_time_pad">false</option>
|
|
|
</service>
|
|
|
</services>
|
|
|
</configuration>
|