| options/nixos/security.pam.services.<name>.unixAuth | Whether users can log in with passwords defined in
/etc/shadow.
|
| options/nixos/security.pam.services.<name>.mysqlAuth | If set, the pam_mysql module will be used to
authenticate users against a MySQL/MariaDB database.
|
| options/nixos/security.pam.services.<name>.makeHomeDir | Whether to try to create home directories for users
with $HOMEs pointing to nonexistent
locations on session login.
|
| options/nixos/security.pam.services.<name>.yubicoAuth | If set, users listed in
~/.yubico/authorized_yubikeys
are able to log in with the associated Yubikey tokens.
|
| options/nixos/security.pam.services.<name>.u2fAuth | If set, users listed in
$XDG_CONFIG_HOME/Yubico/u2f_keys (or
$HOME/.config/Yubico/u2f_keys if XDG variable is
not set) are able to log in with the associated U2F key
|
| options/nixos/security.pam.services.<name>.usshAuth | If set, users with an SSH certificate containing an authorized principal
in their SSH agent are able to log in
|
| options/nixos/security.pam.services.<name>.googleOsLoginAuthentication | If set, will use the pam_oslogin_login's user
authentication methods to authenticate users using 2FA
|
| options/nixos/security.pam.services.<name>.googleOsLoginAccountVerification | If set, will use the Google OS Login PAM modules
(pam_oslogin_login,
pam_oslogin_admin) to verify possible OS Login
users and set sudoers configuration accordingly
|