Red Hat ENTERPRISE LINUX 3 Reference Manual page 251

Chapter 15. Pluggable Authentication Modules (PAM)
If a password has expired, the password component of the pam_cracklib.so module prompts for a new password. It then tests the newly created password to see whether it can easily be determined by a dictionary-based password cracking program. If it fails this test the first time, it gives the user two more chances to create a strong password, as specified in the retry=3 argument.

password required pam_unix.so shadow nullok use_authtok

This line specifies that if the program changes the user's password, it should use the password component of the pam_unix.so module to do so. This only happens if the auth portion of the pam_unix.so module has determined that the password needs to be changed.

The argument shadow tells the module to create shadow passwords when updating a user's password.

The argument nullok instructs the module to allow the user to change their password from a blank password, otherwise a null password is treated as an account lock.

The final argument on this line, use_authtok, provides a good example of the importance of order when stacking PAM modules. This argument tells the module not to prompt the user for a new password. Instead, it accepts any password that was recorded by a previous password module. In this way, all new passwords must pass the pam_cracklib.so test for secure passwords before being accepted.

session required pam_unix.so

The final line specifies that the session component of the pam_unix.so module manages the session. This module logs the username and the service type to /var/log/messages at the beginning and end of each session. It can be supplemented by stacking it with other session modules for more functionality.

The next sample configuration file illustrates auth module stacking for the rlogin program.

#%PAM-1.0
auth required pam_nologin.so
auth required pam_securetty.so
auth required pam_env.so
auth sufficient pam_rhosts_auth.so
auth required pam_stack.so service=system-auth

First, pam_nologin.so checks to see if /etc/nologin exists. If it does, no one can log in except for root.

auth required pam_securetty.so

The pam_securetty.so module prevents the root user from logging in on insecure terminals. This effectively disallows all root rlogin attempts due to the application's limited security safeguards.

Tip
To log in remotely as the root user, use OpenSSH instead. For more information on the SSH protocol, see Chapter 19 SSH Protocol.

auth required pam_env.so

This line loads the pam_env.so module, which sets the environmental variables specified in /etc/security/pam_env.conf.

auth sufficient pam_rhosts_auth.so
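The ordering dependency described for use_authtok in the password stack can be checked mechanically. The following is an added example, not taken from the Red Hat manual: it parses a PAM service file and reports when pam_unix.so is not preceded by a mandatory pam_cracklib.so, when it lacks use_authtok, and when nullok is set. The function names, finding strings and sample stacks are constructed for illustration.

```python
# Added example (not from the manual): audit "password" stack ordering.
# Assumes the line format shown on this page: type control module [args...].

MSG_ORDER = "pam_unix.so use_authtok has no required pam_cracklib.so before it"
MSG_PROMPT = "pam_unix.so lacks use_authtok and prompts for the password itself"
MSG_NULLOK = "pam_unix.so nullok: a blank password is not treated as a lock"

def parse_pam(text):
    """Return (type, control, module, args) for every rule line."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drops comments and #%PAM-1.0
        fields = line.split()
        if len(fields) < 3:
            continue  # blank or malformed line
        module = fields[2].rsplit("/", 1)[-1]  # accept full module paths
        rules.append((fields[0], fields[1], module, fields[3:]))
    return rules

def audit_password_stack(text):
    """Walk the password stack top to bottom, as PAM does, and list findings."""
    findings = []
    checked = False  # True once a mandatory pam_cracklib.so has been passed
    for mtype, control, module, args in parse_pam(text):
        if mtype != "password":
            continue
        if module == "pam_cracklib.so" and control in ("required", "requisite"):
            checked = True
        elif module == "pam_unix.so":
            if "use_authtok" in args and not checked:
                findings.append(MSG_ORDER)
            if "use_authtok" not in args and checked:
                findings.append(MSG_PROMPT)
            if "nullok" in args:
                findings.append(MSG_NULLOK)
    return findings

# Constructed sample stacks built from the lines discussed on this page.
AS_DOCUMENTED = """#%PAM-1.0
password required pam_cracklib.so retry=3
password required pam_unix.so shadow nullok use_authtok
session required pam_unix.so
"""
REORDERED = """#%PAM-1.0
password required pam_unix.so shadow nullok use_authtok
password required pam_cracklib.so retry=3
"""
```

Calling audit_password_stack(AS_DOCUMENTED) reports only the nullok finding, while the REORDERED stack also reports the ordering finding.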