Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Mail Systems
Eclipse Documentation

How To Guides
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Problem Solutions
Privacy Policy




Debian GNU/Linux Reference Guide
Prev Home Next

9.2.1 Restricting logins with PAM

PAM (Pluggable Authentication Modules) allow you to control how users log in.

     /etc/pam.d/*             # PAM control files
     /etc/pam.d/login         # PAM control file for login
     /etc/security/*          # PAM module parameters
     /etc/securetty           # this controls root login by console (login)
     /etc/login.defs          # this controls login behaviors (login)

Change the contents of /etc/pam.d/login as follows, if you want insecure but passwordless console terminals at your own risk.

     #auth       required nullok
     auth       required

Similar tricks can be applied for xdm, gdm, ..., for passwordless console X.

On the other hand, install cracklib2 and set /etc/pam.d/passwd as follows, if you want to enforce a good password policy.

     password required retry=3 minlen=6 difok=3

A one-time login password for account activation may also help. For this, use the passwd command with the -e option. See passwd(1).

The maximum number of processes can be set with ulimit -u 1000 in a Bash shell or with settings in /etc/security/limits.conf from PAM. Other parameters such as core can be set similarly. The initial value of PATH can be set by /etc/login.defs before the shell startup script.

The documentation for PAM is packaged in the libpam-doc package. The Linux-PAM System Administrator's Guide covers configuring PAM, what modules are available, etc. The documentation also includes The Linux-PAM Application Developers' Guide and The Linux-PAM Module Writers' Guide.

Debian GNU/Linux Reference Guide
Prev Home Next

  Published under the terms of the GNU General Public License Design by Interspire