11-18-2015
Not every system uses or even allows all possible login "types". If you read the pam manpage or vi pam.conf in the /etc directory tree you can see what your system does. Also note that you can deny interactive ssh sessions on a per user or per group basis - see your sshd.conf file. This affects the types of logins that you will see.
LDAP, for instance, can be set up to employ a remote server or to use the local box as the ldap server. What you may see in the auth logs will be different - at least on Solaris.
edit: As a second thought - please share what are you trying to accomplish ultimately - NOT how you think it should be done.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I would like to know as what all Unix types can be installed on PC, i.e. Intel Pentium processor and having HDD of let us say 4 GB or so? What RAM would be sufficient? I know for sure that Linux is free and can be installed on PC, can some one tell about other UNIX types which can be obtained for... (3 Replies)
Discussion started by: SANJAY
3 Replies
2. UNIX for Dummies Questions & Answers
Hello,
I've search this site many times and ave not been able to find my answer. So I'm going to post my question....(duh)
Ok.
I'm wanting to know what file types does unix support.
if you can try and list them like this:
php, .php
or somthing like that.
plus don't forget that I said I... (3 Replies)
Discussion started by: dgames
3 Replies
3. UNIX for Dummies Questions & Answers
Hi everyone,
I am a newbies to Unix and hope someone can help me on:
1. Do anyone has batch file example that can be logon to a unix sever through telnet and exec a nohup command without typing in username and passward everytime ?
2. A java script exmaple for doing the same logon so it... (1 Reply)
Discussion started by: oht
1 Replies
4. Windows & DOS: Issues & Discussions
I am not an expert in Unix at all. My knowledge of Unix is average. We have a couple of Unix servers, Solaris and Linux, which run mostly web servers, and Oracle databases. Currently users have multiple user IDs for Unix and AD applications. Is it possible to make use of the Windows Active... (2 Replies)
Discussion started by: speriya
2 Replies
5. Solaris
Experts,
Is there any way to know which authentication method the user used to login into the box? I mean, is possible to identify if an active user had logged using keys or password for example?
Let me clarify: we have a script that we want to allow users to execute only if they have used... (2 Replies)
Discussion started by: fmattos
2 Replies
6. Solaris
I am using solaris unix 8.2 version. I want to bypass password authentication for sftp. Can you please give some ideas on this. thanks.Regards. (4 Replies)
Discussion started by: vijill
4 Replies
7. Shell Programming and Scripting
Hello - Is there a command/way we can find out, what shells are supported on a Unix machine?
Please let me know.
Thanks,
Manju (3 Replies)
Discussion started by: manju--
3 Replies
8. AIX
We are looking at using Tivoli Directory Server (LDAP) or Active Directory 2003 for authentication. I wanted to get some feedback from the community. Our goal is to do it the simplest, easiest, and cheapest way that allows for centralized user authentication. We are mainly an AIX environment with... (3 Replies)
Discussion started by: x96riley3
3 Replies
9. Shell Programming and Scripting
Hi All,
My Servers are enabled with a secondary authentication of login. Whenever we are logging in to the servers with a common id it is asking like something " Enet your personal id and password" which has been created by UNIX admins previously.
Just curious how to achieve this... (1 Reply)
Discussion started by: Showdown
1 Replies
LEARN ABOUT CENTOS
postlogin-ac
SYSTEM-AUTH-AC(5) File Formats Manual SYSTEM-AUTH-AC(5)
NAME
system-auth-ac, password-auth-ac, smartcard-auth-ac, fingerprint-auth-ac, postlogin-ac - Common configuration files for PAMified services
written by authconfig(8)
SYNOPSIS
/etc/pam.d/system-auth-ac
DESCRIPTION
The purpose of this configuration file is to provide common configuration file for all applications and service daemons calling PAM
library.
The system-auth configuration file is included from all individual service configuration files with the help of the include directive. When
authconfig(8) writes the system PAM configuration file it replaces the default system-auth file with a symlink pointing to system-auth-ac
and writes the configuration to this file. The symlink is not changed on subsequent configuration changes even if it points elsewhere. This
allows system administrators to override the configuration written by authconfig.
The authconfig now writes the authentication modules also into additional PAM configuration files /etc/pam.d/password-auth-ac,
/etc/pam.d/smartcard-auth-ac, and /etc/pam.d/fingerprint-auth-ac. These configuration files contain only modules which perform authentica-
tion with the respective kinds of authentication tokens. For example /etc/pam.d/smartcard-auth[-ac] will not contain pam_unix and pam_ldap
modules and /etc/pam.d/password-auth[-ac] will not contain pam_pkcs11 and pam_fprintd modules.
The file /etc/pam.d/postlogin-ac contains common services to be invoked after login. An example can be a module that encrypts an user's
filesystem or user's keyring and is decrypted by his password.
The PAM configuration files of services which are accessed by remote connections such as sshd or ftpd now include the /etc/pam.d/password-
auth configuration file instead of /etc/pam.d/system-auth.
EXAMPLE
Configure system to use pam_tally2 for configuration of maximum number of failed logins. Also call pam_access to verify if access is
allowed.
Make system-auth symlink point to system-auth-local which contains:
auth requisite pam_access.so
auth requisite pam_tally2.so deny=3 lock_time=30
unlock_time=3600
auth include system-auth-ac
account required pam_tally2.so
account include system-auth-ac
password include system-auth-ac
session include system-auth-ac
BUGS
None known.
SEE ALSO
authconfig(8), authconfig-gtk(8), pam(8), system-auth(5)
Red Hat, Inc. 2010 March 31 SYSTEM-AUTH-AC(5)