Enterprise Linux Magazine: Meet PAM - Authenticating Users on an Open Source SystemAug 27, 2000, 19:18 (1 Talkback[s])
(Other stories by Scott Mann)
"Pluggable authentication modules (PAM) were originally developed by Sun Microsystems and released as an undocumented feature in Solaris 2.3. Since then, Sun has done little with PAM, compared to the open source community, and most specifically, the Linux community. In this article, we will explore the general role of Linux-PAM, its components, configuration and a few general examples of its use."
"The principal purpose of PAM is to provide a framework for authenticating users on a system. To put PAM in perspective, consider the very commonly implemented programs ftp and telnet. Historically, each of these utilities incorporated its own authentication mechanism through its associated daemon: telnetd and ftpd, respectively. Telnetd would use the authentication algorithm supplied by the login program while the ftpd incorporated its own authentication algorithm. These algorithms are quite similar and in most UNIX implementations, ultimately resolved to the use of the entries found in /etc/passwd (and, in some cases, /etc/shadow or similar files). Figure 1 depicts the authentication procedure in this case."