Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations biv343 on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

is there a login service?

Status
Not open for further replies.
capitano

capitano

Programmer
Jul 30, 2001
88
US
I'm writing an application for RH7.1 Linux which should require authentication against user shell account. Instead of writing my own script to parse both the /etc/passwd and /etc/shadow to compare username and MD5 passwords, I'd like to find an application/service which already does this. I could wrap my application around this pre-existing service.

How does telnet, ssh, and etc run username/passwd checks? Don't they wrap around a pre-existing service? Or do they REALLY do all this parsing by their lonely old selves?

Does anybody know of a service to authenticate against user shell login/passwds which I can use??

Anybody, Anybody?

Thanks!!!
 
Sort by date Sort by votes
Hi,

Its all done with PAM (Pluggable Authentication Modules). Once PAM is active requests for resources are run through a series of rules defined by a config file in the /etc/pam.d directory. For example, /etc/pam.d/login . PAM config files look like this :

#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_unix.so shadow nullok
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so
password required /lib/security/pam_unix.so shadow nullok use_authtok
session required /lib/security/pam_unix.so

What happens is each module is called and conditions tested. Frequently they have their own config files. For example the module pam_securetty.so is the one that restricts root access to any tty other than those listed in /etc/securetty . The main site for info on PAM is here --> .

A bit more helpful for a newbie are the redhat docs --> and also -->
Because of this modular design, you can write pretty much any add-on authorisation modules you like and use the PAM mechanism to apply them. The module writer's guide is here --> .


Hope this helps
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SamBones
  • Locked
  • Question
How Do I Start/Stop Systemd Services as a non-root User?
Replies
2
Views
898
gbaughma
gbaughma
SamBones
  • Locked
  • Question
CentOS is Dead? 1
Replies
0
Views
282
SamBones
SamBones
spamjim
  • Locked
  • Question
Sorting out NTFS filesystem issues
Replies
0
Views
289
spamjim
spamjim
Steve Bowman
  • Locked
  • Question
I have a Debian server (buster) I h
Replies
0
Views
220
Steve Bowman
Steve Bowman
RedLinux
  • Locked
  • Question
Login session issues with HTTP headers
Replies
0
Views
181
RedLinux
RedLinux

Part and Inventory Search

Sponsor

Back
Top