1 # Configuration file for Pluggable Authentication Modules (PAM).
3 # This file controls the authentication methods that login and other
4 # utilities use. See pam(8) for a description of its format.
6 # Note: the final entry must say "required" -- otherwise, things don't
7 # work quite right. If you delete the final entry, be sure to change
8 # "sufficient" to "required" in the entry before it.
12 # If the user can authenticate with S/Key, that's sufficient; allow clear
13 # password. Try kerberos, then try plain unix password.
14 login auth sufficient pam_skey.so
15 login auth requisite pam_cleartext_pass_ok.so
16 #login auth sufficient pam_kerberosIV.so try_first_pass
17 login auth required pam_unix.so try_first_pass
19 # Same requirement for ftpd as login
20 ftpd auth sufficient pam_skey.so
21 ftpd auth requisite pam_cleartext_pass_ok.so
22 #ftpd auth sufficient pam_kerberosIV.so try_first_pass
23 ftpd auth required pam_unix.so try_first_pass
25 # r-utils are broken; ensure this doesn't bother folk
26 rshd auth sufficient pam_deny.so
29 xserver auth required pam_permit.so
31 # XDM is difficult; it fails or moans unless there are modules for each
32 # of the four management groups; auth, account, session and password.
33 xdm auth required pam_unix.so
34 #xdm auth sufficient pam_kerberosIV.so try_first_pass
35 xdm account required pam_unix.so try_first_pass
36 xdm session required pam_deny.so
37 xdm password required pam_deny.so
40 imap auth required pam_unix.so try_first_pass
41 pop3 auth required pam_unix.so try_first_pass
43 # If we don't match anything else, default to using getpwnam().
44 other auth required pam_unix.so try_first_pass
45 other account required pam_unix.so try_first_pass
projects / FreeBSD / FreeBSD.git / blob