Home | 简体中文 | 繁体中文 | 杂文 | 打赏(Donations) | Github | OSChina 博客 | 云社区 | 云栖社区 | Facebook | Linkedin | 知乎专栏 | 视频教程 | About

第 141 章 Authentication


141.1. /etc/login.defs
141.2. PAM 插件认证
141.2.1. pam_tally2.so
141.2.2. pam_listfile.so
141.2.3. pam_access.so
141.2.4. pam_wheel.so
141.3. Network Authentication
141.3.1. Network Information Service (NIS) 安装NIS服务器 Slave NIS Server 客户机软件安装 Authentication Configuration application example Mount /home volume from NFS
141.3.2. OpenLDAP Server Client User and Group Management
141.3.3. Kerberos Kerberos 安装 CentOS 安装 Install by apt-get Kerberos Server Kerberos Client Kerberos Management ktutil - Kerberos keytab file maintenance utility klist - list cached Kerberos tickets OpenSSH Authentications Configuring the Application server system Configuring the Application client system
141.3.4. FreeRADIUS (Remote Authentication Dial In User Service) 安装 FreeRADIUS Ubuntu 安装 radiusd ldap mysql WAP2 Enterprise
141.3.5. SASL (Simple Authentication and Security Layer)
141.3.6. GSSAPI (Generic Security Services Application Program Interface)

141.1. /etc/login.defs


# cat /etc/login.defs
# Please note that the parameters in this configuration file control the
# behavior of the tools from the shadow-utils component. None of these
# tools uses the PAM mechanism, and the utilities that use PAM (such as the
# passwd command) should therefore be configured elsewhere. Refer to
# /etc/pam.d/system-auth for more information.

#   Directory where mailboxes reside, _or_ name of file, relative to the
#   home directory.  If you _do_ define both, MAIL_DIR takes precedence.
#   QMAIL_DIR is for Qmail
#QMAIL_DIR	Maildir
MAIL_DIR	/var/spool/mail
#MAIL_FILE	.mail

# Password aging controls:
#	PASS_MAX_DAYS	Maximum number of days a password may be used.
#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
#	PASS_MIN_LEN	Minimum acceptable password length.
#	PASS_WARN_AGE	Number of days warning given before a password expires.

# Min/max values for automatic uid selection in useradd
UID_MIN			  500
UID_MAX			60000

# Min/max values for automatic gid selection in groupadd
GID_MIN			  500
GID_MAX			60000

# If defined, this command is run when removing a user.
# It should remove any at/cron/print jobs etc. owned by
# the user to be removed (passed as the first argument).
#USERDEL_CMD	/usr/sbin/userdel_local

# If useradd should create home directories for users by default
# On RH systems, we do. This option is overridden with the -m flag on
# useradd command line.

# The permission mask is initialized to this value. If not specified,
# the permission mask will be initialized to 022.
UMASK           077

# This enables userdel to remove user groups if no members exist.

# Use SHA512 to encrypt password.