Linux PAM: Difference between revisions

This article includes a list of references, related reading, or external links, but its sources remain unclear because it lacks inline citations. Please help improve this article by introducing more precise citations. (September 2010) (Learn how and when to remove this message)

Linux Pluggable Authentication Modules (PAM) provide dynamic authorization for applications and services in a Linux system. Linux PAM is evolved from the Unix Pluggable Authentication Modules architecture.

There are four groups for independent management:

• Account modules check that the specified account is a valid authentication target under current conditions. This may include conditions like account expiration, time of day, and that the user has access to the requested service.
• Authentication modules verify the user's identity, for example by requesting and checking a password or other secret. They may also pass authentication information on to other systems like a keyring.
• Password modules are responsible for updating passwords, and are generally coupled to modules employed in the authentication step. They may also be used to enforce strong passwords.
• Session modules define actions that are performed at the beginning and end of sessions. A session starts after the user has successfully authenticated.

• OpenPAM
• fprint

• Linux-PAM page
• pam.d(8) - Linux man page
• Development site for the Linux-PAM project

This security software article is a stub. You can help Wikipedia by expanding it.

• v
• t
• e