Linux Today: Linux News On Internet Time.

Enterprise Networking Planet: Pulling The Covers Off Linux PAM

Jun 23, 2005, 07:00 (0 Talkback[s])
(Other stories by Carla Schroder)

"A hidden jewel--or pain in the rear, depending on your perspective--is Linux PAM (Pluggable Authentication Module). Linux oldtimers remember the ancient days when PAM was simple and used but a single configuration file. It didn't do much, and life was easy. The modern PAM is more complex and flexible, which can be trying for new sysadmins. But it has a number of significant advantages.

"Back in the Linux stone age, passwords were encrypted by the venerable crypt and the resulting hash was kept in /etc/passwd. /etc/passwd has to be world-readable, so anyone who could glom a copy of it could then crack the passwords at leisure. So shadow passwords were invented; the hashed password is kept in /etc/shadow, which only root can read..."

Complete Story

Related Stories: