What are PAM modules like?
Pam Modules By satish Tiwary Linux Security Specialist
Let me describe somewhat about Pam modules
Installation and configuration Process and many more.
Installing PAM is a step-by-step process. See Resources for installation instructions.
PAM modules are classified into module type. Any given module should implement at least one of the four module type functions:
1. The authentication module is used to authenticate users or set/destroy credentials.
2. The account management modules perform actions related to access, account and credential expiration, password restrictions/rules, etc.
3. The session management module is used for initializing and terminating sessions.
4. The password management module performs actions related to password change/update
s.
PAM provides different functional capabilities, such as single sign-on authentication, access control, and more. The implementation of each are handled by different modules. Here are some of the major modules:
* pam_access delivers log-daemon-style login access control using login/domain names depending on pre-defined rules in /etc/security/access.conf.
* pam_cracklib checks the passwords against the password rules.
* pam_env sets/unsets environment variables from /etc/security/pam_env_conf.
* pam_debug debugs PAM.
* pam_deny locks out PAM modules.
* pam_echo prints messages.
* pam_exec executes an external command.
* pam_ftp is the module for anonymous access.
* pam_localuser requires the user to be listed in /etc/passwd.
* pam_unix provides traditional password authentication from /etc/passwd.
There are many other modules (pam_userdb, pam_warn, pam_xauth), which take a set of values which they return
Let me describe somewhat about Pam modules
Installation and configuration Process and many more.
Installing PAM is a step-by-step process. See Resources for installation instructions.
PAM modules are classified into module type. Any given module should implement at least one of the four module type functions:
1. The authentication module is used to authenticate users or set/destroy credentials.
2. The account management modules perform actions related to access, account and credential expiration, password restrictions/rules, etc.
3. The session management module is used for initializing and terminating sessions.
4. The password management module performs actions related to password change/update
s.
PAM provides different functional capabilities, such as single sign-on authentication, access control, and more. The implementation of each are handled by different modules. Here are some of the major modules:
* pam_access delivers log-daemon-style login access control using login/domain names depending on pre-defined rules in /etc/security/access.conf.
* pam_cracklib checks the passwords against the password rules.
* pam_env sets/unsets environment variables from /etc/security/pam_env_conf.
* pam_debug debugs PAM.
* pam_deny locks out PAM modules.
* pam_echo prints messages.
* pam_exec executes an external command.
* pam_ftp is the module for anonymous access.
* pam_localuser requires the user to be listed in /etc/passwd.
* pam_unix provides traditional password authentication from /etc/passwd.
There are many other modules (pam_userdb, pam_warn, pam_xauth), which take a set of values which they return
.jpg)
No comments:
Post a Comment