Difference between revisions of "PAM"
From Nuclear Physics Group Documentation Pages
Jump to navigationJump to searchm (→Access Control) |
|||
| Line 1: | Line 1: | ||
"Pluggable Authentication Module." Programs that are aware of PAM use the modules defined in the PAM configuration files for making authentication/access decisions. | "Pluggable Authentication Module." Programs that are aware of PAM use the modules defined in the PAM configuration files for making authentication/access decisions. | ||
| − | == Access Control == | + | == Remote Access Control == |
''/etc/pam.d/sshd'' contains <code>account required pam_access.so</code>.<br />''/etc/security/access.conf'' contains the rules for who can log into the machine. | ''/etc/pam.d/sshd'' contains <code>account required pam_access.so</code>.<br />''/etc/security/access.conf'' contains the rules for who can log into the machine. | ||
Revision as of 15:32, 15 August 2007
"Pluggable Authentication Module." Programs that are aware of PAM use the modules defined in the PAM configuration files for making authentication/access decisions.
Remote Access Control
/etc/pam.d/sshd contains account required pam_access.so.
/etc/security/access.conf contains the rules for who can log into the machine.
Chart of what groups can log onto what machines:
| name | restricted by access.conf | no group | npg | farm | domain_admins | splunker |
|---|---|---|---|---|---|---|
| einstein | no | yes | yes | yes | yes | |
| lentil | no | yes | yes | yes | yes | |
| gourd | yes | no | yes | no | yes | |
| roentgen | yes | no | yes | no | yes | |
| taro | yes | no | no | yes | yes | |
| pepper | yes | no | no | yes | yes | |
| jalapeno | yes | no | no | no | yes | yes |
| tomato | yes | no | yes | no | yes | |
| okra | yes | no | yes | no | yes |
