[Pkg-shadow-devel] Bug#187921: login: PAM service for login is
fixed.
Steve Langasek
vorlon at debian.org
Tue Nov 8 08:30:53 UTC 2005
Hi,
At Christian's request, here is an example of how different authentication
types can be accepted for console logins vs. telnet, with a single PAM
config file (i.e., no need for patches here):
auth requisite pam_securetty.so
auth requisite pam_nologin.so
auth [success=ignore default=1] pam_listfile.so onerr=fail item=tty \
sense=allow file=/etc/securetty
auth sufficient pam_unix.so nullok_secure
auth requisite pam_opie.so
Needs to be tweaked if you have other modules in common that should be
stacked after pam_unix/pam_opie, but that follows the same principle as
above.
The syntax used here is documented in the Linux-PAM System Administrators'
Guide in the libpam-doc package.
Cheers,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
vorlon at debian.org http://www.debian.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20051108/b491019b/attachment.pgp
More information about the Pkg-shadow-devel
mailing list