pam2control, commonly known as p2c, is the easily configurable PAM-based authentication provider. It makes it possible to manages access for some users (or group of users; LDAP is supported) just by adding one single line to the config file. It can notify you by sending an email if somebody login on server. It uses syslog and also its own logfile for every login-/logout-events.
It supports FreeBSD and GNU/Linux systems.
- Behavior of pam2control is set using config file.
- Possibility to control access for single specific user, groups of users or LDAP groups.
- Email notification for every new login.
- 2FA for SSH login: autogenerated 8 digit one-time PIN via email.
- Syslog messages (supports verbose debug mode).
- Its own logfile for every login/logout events.
- Works with OpenPAM and Linux-PAM.
- p2ctl - console client of pam2control for PAM services management.
- Separated access rules for SSH password and public key authentication.
- GPG encryption for 2FA PIN and notification emails.
- Separated access rules for SSH- and SCP-sessions.
git clone https://github.com/alexander-naumov/pam2control
cd pam2control/src
make
sudo make installThe p2c.conf man page has details on how to configure pam2control.
Copyright (c) 2018-2021 Alexander Naumov (alexander_naumov@opensuse.org).
Licensed under GNU GPLv3 (see LICENSE file).