Linux PAM: Difference between revisions
Appearance
Content deleted Content added
Correction using word authentication instead of auhtorization |
No edit summary |
||
Line 28: | Line 28: | ||
| website = {{URL|http://www.linux-pam.org/}} |
| website = {{URL|http://www.linux-pam.org/}} |
||
}} |
}} |
||
'''Linux Pluggable Authentication Modules''' (PAM) provide dynamic authentication support for applications and services in a [[Linux]] system. Linux PAM is evolved from the [[Unix]] [[Pluggable Authentication Modules]] architecture. |
'''Linux Pluggable Authentication Modules''' (PAM) provide dynamic authentication support for applications and services in a [[GNU/Linux]] or [[GNU/kFreeBSD]]<ref>https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=220980</ref> system. Linux PAM is evolved from the [[Unix]] [[Pluggable Authentication Modules]] architecture. |
||
Linux-PAM separates the tasks of authentication into four independent management groups: |
Linux-PAM separates the tasks of authentication into four independent management groups: |
Revision as of 12:00, 23 October 2015
This article includes a list of references, related reading, or external links, but its sources remain unclear because it lacks inline citations. (September 2010) |
Stable release | 1.1.8
/ September 19, 2013 |
---|---|
Repository | |
Written in | C |
Operating system | Linux |
Type | authentication |
License | GNU General Public License or Revised BSD License |
Website | www |
Linux Pluggable Authentication Modules (PAM) provide dynamic authentication support for applications and services in a GNU/Linux or GNU/kFreeBSD[1] system. Linux PAM is evolved from the Unix Pluggable Authentication Modules architecture.
Linux-PAM separates the tasks of authentication into four independent management groups:
- account modules check that the specified account is a valid authentication target under current conditions. This may include conditions like account expiration, time of day, and that the user has access to the requested service.
- authentication modules verify the user's identity, for example by requesting and checking a password or other secret. They may also pass authentication information on to other systems like a keyring.
- password modules are responsible for updating passwords, and are generally coupled to modules employed in the authentication step. They may also be used to enforce strong passwords.
- session modules define actions that are performed at the beginning and end of sessions. A session starts after the user has successfully authenticated.