Linux PAM: Difference between revisions
Content deleted Content added
Citation bot (talk | contribs) Altered url. URLs might have been anonymized. Add: archive-date, archive-url. | Use this bot. Report bugs. | Suggested by Jay8g | Linked from User:Jay8g/sandbox | #UCB_webform_linked 446/1114 |
|||
| (18 intermediate revisions by 16 users not shown) | |||
| Line 1: | Line 1: | ||
{{Short description|Software library to manage authentication on Linux systems}} |
|||
{{more footnotes|date=September 2010}} |
|||
{{Infobox software |
{{Infobox software |
||
| name = Linux PAM |
| name = Linux PAM |
||
| Line 15: | Line 15: | ||
| released = <!-- {{Start date and age|YYYY|MM|DD|df=yes/no}} --> |
| released = <!-- {{Start date and age|YYYY|MM|DD|df=yes/no}} --> |
||
| discontinued = |
| discontinued = |
||
| latest release version = 1. |
| latest release version = 1.5.3 |
||
| latest release date = {{Start date and age| |
| latest release date = {{Start date and age|2023|05|08}} |
||
| latest preview version = |
| latest preview version = |
||
| latest preview date = <!-- {{Start date and age|YYYY|MM|DD|df=yes/no}} --> |
| latest preview date = <!-- {{Start date and age|YYYY|MM|DD|df=yes/no}} --> |
||
| Line 25: | Line 25: | ||
| genre = authentication |
| genre = authentication |
||
| repo = https://github.com/linux-pam/linux-pam |
| repo = https://github.com/linux-pam/linux-pam |
||
| license = [[GNU General Public License]] or [[ |
| license = [[GNU General Public License]] or [[Modified BSD License]] |
||
| website = {{URL|http://www.linux-pam.org/}} |
| website = {{URL|http://www.linux-pam.org/}} |
||
}} |
}} |
||
'''Linux Pluggable Authentication Modules''' (PAM) |
'''Linux Pluggable Authentication Modules''' (PAM) is a suite of libraries that allow a Linux [[system administrator]] to configure methods to [[Authentication|authenticate]] users. It provides a flexible and centralized way to switch authentication methods for secured applications by using configuration files instead of changing application code.<ref>{{Cite web|title=Chapter 1. Introduction|url=http://www.linux-pam.org/Linux-PAM-html/sag-introduction.html|access-date=2023-11-11|website=An Internet Archive page of Linux PAM site|archive-url=https://web.archive.org/web/20210506140423/http://www.linux-pam.org/Linux-PAM-html/sag-introduction.html |archive-date=2021-05-06 }}</ref> There are Linux PAM libraries allowing authentication using methods such as local passwords, [[Lightweight Directory Access Protocol|LDAP]], or fingerprint readers.<ref>{{Cite web|last=Lauber|first=Susan|date=2020-07-22|title=An introduction to Pluggable Authentication Modules (PAM) in Linux|url=https://www.redhat.com/sysadmin/pluggable-authentication-modules-pam|access-date=2021-02-28|website=Red Hat|language=en}}</ref> Linux PAM is evolved from the [[Unix]] [[Pluggable Authentication Modules]] architecture.<ref>{{Cite web|url=https://www.linuxjournal.com/article/5940|title=Securing Applications on Linux with PAM {{!}} Linux Journal|last1=Fernandes|first1=Savio|last2=Reddy|first2=KLM|website=[[Linux Journal]]|language=en|access-date=2018-09-30}}</ref> |
||
Linux-PAM separates the tasks of authentication into four independent management groups: |
Linux-PAM separates the tasks of authentication into four independent management groups:<ref>{{Cite web|title=pam.d(8): Pluggable Authentication Modules for - Linux man page|url=https://linux.die.net/man/8/pam.d|access-date=2021-02-28|website=linux.die.net}}</ref> |
||
* account modules check that the specified account is a valid authentication target under current conditions. This may include conditions like account expiration, time of day, and that the user has access to the requested service. |
* account modules check that the specified account is a valid authentication target under current conditions. This may include conditions like account expiration, time of day, and that the user has access to the requested service. |
||
* authentication modules verify the user's identity, for example by requesting and checking a password or other secret. They may also pass authentication information on to other systems like a [[Keyring (cryptography)|keyring]]. |
* authentication modules verify the user's identity, for example by requesting and checking a password or other secret. They may also pass authentication information on to other systems like a [[Keyring (cryptography)|keyring]]. |
||
| Line 37: | Line 37: | ||
==See also== |
==See also== |
||
{{Portal|Linux|Free software}} |
{{Portal|Linux|Free and open-source software}} |
||
*[[Pluggable Authentication Modules]] |
|||
* |
*[[OpenPAM]] |
||
==References== |
==References== |
||
| Line 44: | Line 45: | ||
==External links== |
==External links== |
||
* [http://www.linux-pam.org/ Linux-PAM |
* [http://www.linux-pam.org/ Primary distribution site for the Linux-PAM project] |
||
* |
*[https://github.com/linux-pam/linux-pam Development site for the Linux-PAM project] |
||
* [https://github.com/linux-pam/linux-pam Development site for the Linux-PAM project] |
|||
* [http://aplawrence.com/Basics/understandingpam.html ''Understanding PAM'', by A.P. Lawrence] |
* [http://aplawrence.com/Basics/understandingpam.html ''Understanding PAM'', by A.P. Lawrence] |
||
* [https://likegeeks.com/linux-pam-easy-guide/ ''Linux PAM modules'', by Mokhtar Ebrahim] |
* [https://likegeeks.com/linux-pam-easy-guide/ ''Linux PAM modules'', by Mokhtar Ebrahim] |
||
Latest revision as of 03:33, 13 February 2024
| Stable release | 1.5.3
/ May 8, 2023 |
|---|---|
| Repository | https://github.com/linux-pam/linux-pam |
| Written in | C |
| Operating system | Linux |
| Type | authentication |
| License | GNU General Public License or Modified BSD License |
| Website | www |
Linux Pluggable Authentication Modules (PAM) is a suite of libraries that allow a Linux system administrator to configure methods to authenticate users. It provides a flexible and centralized way to switch authentication methods for secured applications by using configuration files instead of changing application code.[1] There are Linux PAM libraries allowing authentication using methods such as local passwords, LDAP, or fingerprint readers.[2] Linux PAM is evolved from the Unix Pluggable Authentication Modules architecture.[3]
Linux-PAM separates the tasks of authentication into four independent management groups:[4]
- account modules check that the specified account is a valid authentication target under current conditions. This may include conditions like account expiration, time of day, and that the user has access to the requested service.
- authentication modules verify the user's identity, for example by requesting and checking a password or other secret. They may also pass authentication information on to other systems like a keyring.
- password modules are responsible for updating passwords, and are generally coupled to modules employed in the authentication step. They may also be used to enforce strong passwords.
- session modules define actions that are performed at the beginning and end of sessions. A session starts after the user has successfully authenticated.
See also
[edit]
References
[edit]- ^ "Chapter 1. Introduction". An Internet Archive page of Linux PAM site. Archived from the original on 2021-05-06. Retrieved 2023-11-11.
- ^ Lauber, Susan (2020-07-22). "An introduction to Pluggable Authentication Modules (PAM) in Linux". Red Hat. Retrieved 2021-02-28.
- ^ Fernandes, Savio; Reddy, KLM. "Securing Applications on Linux with PAM | Linux Journal". Linux Journal. Retrieved 2018-09-30.
- ^ "pam.d(8): Pluggable Authentication Modules for - Linux man page". linux.die.net. Retrieved 2021-02-28.
External links
[edit]- Primary distribution site for the Linux-PAM project
- Development site for the Linux-PAM project
- Understanding PAM, by A.P. Lawrence
- Linux PAM modules, by Mokhtar Ebrahim
| Organization |
| ||||
|---|---|---|---|---|---|
| Technical | |||||
| Adoption |
| ||||
 | This security software article is a stub. You can help Wikipedia by expanding it. |