mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-12-22 17:24:23 +01:00
24 lines
888 B
Plaintext
24 lines
888 B
Plaintext
|
# Configuration file for Pluggable Authentication Modules (PAM).
|
||
|
#
|
||
|
# This file controls the authentication methods that login and other
|
||
|
# utilities use. See pam(8) for a description of its format.
|
||
|
#
|
||
|
# Note: the final entry must say "required" -- otherwise, things don't
|
||
|
# work quite right. If you delete the final entry, be sure to change
|
||
|
# "sufficient" to "required" in the entry before it.
|
||
|
#
|
||
|
# $FreeBSD$
|
||
|
|
||
|
# If the user can authenticate with S/Key, that's sufficient.
|
||
|
login auth sufficient pam_skey.so
|
||
|
|
||
|
# Check skey.access to make sure it is OK to let the user type in
|
||
|
# a cleartext password. If not, then fail right here.
|
||
|
login auth requisite pam_cleartext_pass_ok.so
|
||
|
|
||
|
# If you want KerberosIV authentication, uncomment the next line:
|
||
|
#login auth sufficient pam_kerberosIV.so try_first_pass
|
||
|
|
||
|
# Traditional getpwnam() authentication.
|
||
|
login auth required pam_unix.so try_first_pass
|