Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Debian GNU/Linux Reference Guide
Prev Home Next

9.2.1 Restricting logins with PAM

PAM (Pluggable Authentication Modules) allow you to control how users log in.

     /etc/pam.d/*             # PAM control files
     /etc/pam.d/login         # PAM control file for login
     /etc/security/*          # PAM module parameters
     /etc/securetty           # this controls root login by console (login)
     /etc/login.defs          # this controls login behaviors (login)

Change the contents of /etc/pam.d/login as follows, if you want insecure but passwordless console terminals at your own risk.

     #auth       required   pam_unix.so nullok
     auth       required   pam_permit.so

Similar tricks can be applied for xdm, gdm, ..., for passwordless console X.

On the other hand, install cracklib2 and set /etc/pam.d/passwd as follows, if you want to enforce a good password policy.

     password required       pam_cracklib.so retry=3 minlen=6 difok=3

A one-time login password for account activation may also help. For this, use the passwd command with the -e option. See passwd(1).

The maximum number of processes can be set with ulimit -u 1000 in a Bash shell or with settings in /etc/security/limits.conf from PAM. Other parameters such as core can be set similarly. The initial value of PATH can be set by /etc/login.defs before the shell startup script.

The documentation for PAM is packaged in the libpam-doc package. The Linux-PAM System Administrator's Guide covers configuring PAM, what modules are available, etc. The documentation also includes The Linux-PAM Application Developers' Guide and The Linux-PAM Module Writers' Guide.


Debian GNU/Linux Reference Guide
Prev Home Next

 
 
  Published under the terms of the GNU General Public License Design by Interspire