Introduction to the Kerberos Products and
PAM Kerberos
OTHER | session sufficient /usr/lib/security/libpam_unix.1 |
# |
|
#Password management
login | password sufficient /usr/lib/security/libpam_krb5.1 |
login | password required /usr/lib/security/libpam_unix.1 |
passwd | password sufficient /usr/lib/security/libpam_krb5.1 |
passwd | password required /usr/lib/security/libpam_unix.1 |
dtlogin | password sufficient /usr/lib/security/libpam_krb5.1 |
dtlogin | password required /usr/lib/security/libpam_unix.1 |
dtaction | password sufficient /usr/lib/security/libpam_krb5.1 |
dtaction | password required /usr/lib/security/libpam_unix.1 |
OTHER | password sufficient /usr/lib/security/libpam_unix.1 |
On
#
#PAM configuration
#Notes: This pam.conf file is intended as an example only.
#If the path to a library is not absolute, it is assumed to be
#relative to one of the following directories:
# /usr/lib/security | (PA |
#/usr/lib/security/pa20_64 (PA
#/usr/lib/security/hpux32 (IA
#/usr/lib/security/hpux64 (IA
#The IA file name convention is normally used; for example:
#libpam_unix.so.1
#For PA libpam_unix.so.1 is a symbolic link to the PA library:
#ln
#Also note that the use of pam_hpsec(5) is mandatory for some of the
#services. See pam_hpsec(5).
#Authentication management
# |
|
|
login | auth sufficient | libpam_krb5.so.1 |
login | auth required | libpam_unix.so.1 |
try_first_pass |
| |
su | auth sufficient | libpam_krb5.so.1 |
su | auth required | libpam_unix.so.1 |
try_first_pass |
| |
dtlogin | auth sufficient | libpam_krb5.so.1 |
dtlogin | auth required | libpam_unix.so.1 |
try_first_pass |
| |
dtaction | auth sufficient | libpam_krb5.so.1 |
dtaction | auth required | libpam_unix.so.1 |
try_first_pass |
| |
ftp | auth sufficient | libpam_krb5.so.1 |
44 | Chapter 2 |