All Red Hat Linux documents are copyrighted to Red Hat Inc.

Chapter 14. Pluggable Authentication Modules (PAM)

Programs which allow users access to a system verify the user's identity through a process called authentication. Historically, each such program had its own way of performing the task of authentication. Under Red Hat Linux, many such programs are configured to use a centralized authentication process called Pluggable Authentication Modules (PAM).

PAM uses a pluggable, modular architecture, which affords the system administrator a great deal of flexibility in setting authentication policies for the system.

In most situations, the default PAM configuration file for a PAM-aware application is sufficient. However, sometimes it may become necessary to edit a PAM configuration file. Because misconfiguration of PAM can compromise system security, it is important to understand the structure of these files before making any modifications (refer to Section 14.3 PAM Configuration File Format for more information).

14.1. Advantages of PAM

PAM offers the following advantages:

  • Provides a common authentication scheme that can be used with a wide variety of applications.

  • Allows a large amount of flexibility and control over authentication for both the system administrator and application developer.

  • Allows application developers to develop programs without creating their own authentication scheme.

© Copyright 2003-2014 www.php-editors.com. The ultimate PHP Editor and PHP IDE site.