HPE Community
Operating System - HP-UX
1832513 Members
4485 Online
110043 Solutions
New Discussion

PAM

 
Sunil Sharma_1
Honored Contributor

‎02-27-2004 01:50 AM

‎02-27-2004 01:50 AM

PAM

Hi All,

I don't know what is PAM. Could somebody give me information about PAM. with standard HP UX what can i acheive using this?

I know i am asking nonsense information..but please help...

Sunil
*** Dream as if you'll live forever. Live as if you'll die today ***
0 Kudos
Reply
8 REPLIES 8
Robert-Jan Goossens
Honored Contributor

‎02-27-2004 01:53 AM

‎02-27-2004 01:53 AM

Re: PAM

Hi Sunil.

Pam Kerberos ?

http://www.software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=J5849AA

Regards,
Robert-Jan
0 Kudos
Reply
Dave Hutton
Honored Contributor

‎02-27-2004 01:54 AM

‎02-27-2004 01:54 AM

Re: PAM

If you look at man pam it has a pretty good description of it:


PAM gives system administrators the flexibility of choosing any
authentication service available on the system to perform
authentication. The framework also allows new authentication service
modules to be plugged in and made available without modifying the
applications.

The PAM framework, libpam, consists of an interface library and
multiple authentication service modules. The PAM interface library is
the layer implementing the Application Programming Interface (API).
The authentication service modules are a set of dynamically loadable objects invoked by the PAM API to provide a particular type of user
authentication.


0 Kudos
Reply
Sundar_7
Honored Contributor

‎02-27-2004 10:57 AM

‎02-27-2004 10:57 AM

Re: PAM

Sunil,

PAM was first introduced in 10.20. In 10.20 it was only used for CDE authentication.

In 11.x, PAM is integrated in to HP-UX login mechanism. PAM-NTLM and PAM-Kerberos are the two products that you would be interested if you are to authenticate against NT/2000 servers.

PAM-NTLM is installed as part of the CIFS-CLient package. PAM-Kerberos enables the HP-UX logins to be authenticated against windows 2K servers. Remember kerberos is the authentication mechanism used in windows 2K.

/etc/pam.conf is the file and /usr/lib/security is where the pam shared libaries are stored

-- Sundar.
Learn What to do ,How to do and more importantly When to do ?
0 Kudos
Reply
Vijaya Kumar_3
Respected Contributor

‎02-27-2004 04:34 PM

‎02-27-2004 04:34 PM

Re: PAM

PAM is the Pluggable authentication module and it play a role in unix authentication. Whenever a user login to the system, PAM is used to authenticate the login.

PAM can used for ultimately full security (no one is allowd to login to the system) to no security (anyone is allowed to login to the system) by editing /etc/pam.conf.

PAM is the standard authentication mechanism in HP-UX 11/11.11, Solaris 7/8/9/10, AIX 5.2 and All linux flavors.

I used this guide to know about PAM.
http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam.html

Hope this helps
Vijay
Known is a drop, unknown is ocean - visit me at http://vijay.theunixplace.com
0 Kudos
Reply
Sunil Sharma_1
Honored Contributor

‎02-29-2004 03:54 PM

‎02-29-2004 03:54 PM

Re: PAM

Thanks to all who responded.

i want to impliment some password ristrictions in my HP UX 10.20 box. can i do this using PAM modules or i have convert my system in trusted mode ?

if yes how can i do that ?

Password ristrictions like password aging, password construction etc.

Sunil
*** Dream as if you'll live forever. Live as if you'll die today ***
0 Kudos
Reply
Michael Tully
Honored Contributor

‎02-29-2004 04:07 PM

‎02-29-2004 04:07 PM

Re: PAM

You don't need PAM or to secure your system just for password aging. You can just implement it using the represented characters of numbers of weeks. See:
$ man 4 passwd

If you wish to go further and have password policies as such, then yes trust your system. Be aware that trusting your system forces each user to change their password. If you are not that familiar with password aging using trusted system, SAM is a good helper.

To trust:
/usr/lbin/tsconvert

to untrust:
/usr/lbin/tsconvert -r
Anyone for a Mutiny ?
0 Kudos
Reply
Karthik S S
Honored Contributor

‎02-29-2004 04:52 PM

‎02-29-2004 04:52 PM

Re: PAM

To secure your hp-ux system refer to,

http://downloads.securityfocus.com/library/bastion.html

-Karthik S S
For a list of all the ways technology has failed to improve the quality of life, please press three. - Alice Kahn
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.