Jump to content

Linux PAM

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Monkbot (talk | contribs) at 01:09, 14 October 2019 (top: Task 16: replaced (0×) / removed (1×) deprecated |dead-url= and |deadurl= with |url-status=;). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Linux PAM
Stable release
1.3.1 / May 18, 2018; 6 years ago (2018-05-18)
Repositoryhttps://github.com/linux-pam/linux-pam
Written inC
Operating systemLinux
Typeauthentication
LicenseGNU General Public License or Revised BSD License
Websitewww.linux-pam.org

Linux Pluggable Authentication Modules (PAM) provide dynamic authentication support for applications and services in a Linux system. Linux PAM is evolved from the Unix Pluggable Authentication Modules architecture.[1]

Linux-PAM separates the tasks of authentication into four independent management groups:

  • account modules check that the specified account is a valid authentication target under current conditions. This may include conditions like account expiration, time of day, and that the user has access to the requested service.
  • authentication modules verify the user's identity, for example by requesting and checking a password or other secret. They may also pass authentication information on to other systems like a keyring.
  • password modules are responsible for updating passwords, and are generally coupled to modules employed in the authentication step. They may also be used to enforce strong passwords.
  • session modules define actions that are performed at the beginning and end of sessions. A session starts after the user has successfully authenticated.

See also

References

  1. ^ Fernandes, Savio; Reddy, KLM. "Securing Applications on Linux with PAM | Linux Journal". Linux Journal. Retrieved 2018-09-30.