Linux PAM
Software library to manage authentication on Linux From Wikipedia, the free encyclopedia
Linux Pluggable Authentication Modules (PAM) is a suite of libraries that allow a Linux system administrator to configure methods to authenticate users. It provides a flexible and centralized way to switch authentication methods for secured applications by using configuration files instead of changing application code.[2] There are Linux PAM libraries allowing authentication using methods such as local passwords, LDAP, or fingerprint readers.[3] Linux PAM is evolved from the Unix Pluggable Authentication Modules architecture.[4]
| Stable release | |
|---|---|
| Repository | https://github.com/linux-pam/linux-pam |
| Written in | C |
| Operating system | Linux |
| Type | authentication |
| License | GNU General Public License or Modified BSD License |
| Website | www |
Linux-PAM separates the tasks of authentication into four independent management groups:[5]
- account modules check that the specified account is a valid authentication target under current conditions. This may include conditions like account expiration, time of day, and that the user has access to the requested service.
- authentication modules verify the user's identity, for example by requesting and checking a password or other secret. They may also pass authentication information on to other systems like a keyring.
- password modules are responsible for updating passwords, and are generally coupled to modules employed in the authentication step. They may also be used to enforce strong passwords.
- session modules define actions that are performed at the beginning and end of sessions. A session starts after the user has successfully authenticated.
See also
References
External links
Wikiwand - on
Seamless Wikipedia browsing. On steroids.