Slideshow transcript
Slide 1: Authentication Modules for Linux Arun Bagul Friday, January 26, 2007 1
Slide 2: Thought of the Day... “We all are in mission of learning, What learning will give? -when learning is purposeful, creativity blossoms, when creativity blossoms, thinking emanates, when thinking emanates, knowledge is fully floats, When knowledge fully floats, economy fully flourishes”. - APJ Abdul Kalam
Slide 3: What will you learn?...
    - Authentication
    - PAM (Pluggable Authentication Modules)
    - PAM Modules and Architecture
    - How to configure PAM?
    - NSS (Name Service Switch)
    - Different methods of User Admin.
    - PAM with MySQL
Slide 4: Authentication…
    - What is Authentication?
    - Why Authentication?
    - Different types of Authentication
        - Basic, single-factor
        - Multi-factor
        - Cryptographic
Slide 5: What is Authentication?
    - Act of establishing identity
    - Identity: users, systems, applications and messages
    - Legal process
Slide 6: Why Authentication?
    - Control access and privileges
    - Bind some sensitive data
    - Establish trusted multiple parties
    - Maintain, secure data/privacy
Slide 7: Different types of Authentication
    1) Basic, single-factor
        - common password
        - host or system names
        - application names
        - numerical ids
Slide 8: Different types of Authentication
    2) Multi-Factor
        - name and password
        - smart cards
        - biometric information
Slide 9: Different types of Authentication
    3) Cryptographic
        - Public key authentication
        - Digital signature
Slide 10: PAM (Pluggable Authentication Modules)
    - What is PAM?
    - Why PAM?
    - Advantages
    - User administration
Slide 11: PAM Architecture MySQL
Slide 12: PAM Modules
    - Authentication management
    - Account management
    - Session management
    - Password management
Slide 13: PAM Modules syntax…
    <module> <control-flag> <module-path> <argument>
    auth required /lib/security ignore
    account requisite ok
    session sufficient done
    password optional
    e.g.:-
    auth required pam_issue.so issue=/etc/issue
    auth requisite pam_securetty.so
    account requisite pam_time.so
Slide 14: How to configure PAM
    /etc/pam.d/login
    auth requisite pam_securetty.so
    session required pam_env.so readenv=1
    auth optional pam_group.so
    @include common-auth
    @include common-account
    @include common-session
    session required pam_limits.so
    session optional pam_lastlog.so
    session optional pam_motd.so
    session optional pam_mail.so standard
    @include common-password
Slide 15: How to configure PAM
    /etc/pam.d/common-session
    #session required pam_unix.so
    #session optional pam_foreground.so
    session required pam_mkhomedir.so skel=/etc/skel/
    session sufficient pam_unix.so
    session required pam_mysql.so config_file=/etc/pam_mysql.conf
    /etc/pam.d/common-password
    password sufficient pam_unix.so nullok obscure min=4 max=8 md5
    password required pam_mysql.so config_file=/etc/pam_mysql.conf
    /etc/pam.d/common-account
    account sufficient pam_mysql.so config_file=/etc/pam_mysql.conf
    account required pam_unix.so
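An added example (not part of the original slides): a simplified Python model of how the control flags from slide 13 decide the outcome of the common-account and common-session stacks on slide 15. It covers only the four keyword flags with success/failure results; PAM_IGNORE and the bracketed [value=action] syntax are left out, and the names parse and evaluate are this example's own.

```python
# Constructed input: the common-account and common-session stacks from slide 15.
PAM_D = """\
account sufficient pam_mysql.so config_file=/etc/pam_mysql.conf
account required pam_unix.so
#session required pam_unix.so
session required pam_mkhomedir.so skel=/etc/skel/
session sufficient pam_unix.so
session required pam_mysql.so config_file=/etc/pam_mysql.conf
"""

def parse(text, mtype):
    """Return [(control_flag, module)] for one management group, in file order."""
    stack = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[0] == mtype:  # skips comments and @include
            stack.append((fields[1], fields[2]))
    return stack

def evaluate(stack, results):
    """Simplified model of required / requisite / sufficient / optional.

    results maps module -> True (PAM_SUCCESS) or False (any error).
    Returns (granted, modules_called).
    """
    failed = False    # a required module has already failed
    positive = False  # some module succeeded while the stack was still clean
    called = []
    for control, module in stack:
        ok = results[module]
        called.append(module)
        if ok:
            if control == "sufficient" and not failed:
                return True, called      # stop here, later modules never run
            positive = positive or not failed
        elif control == "requisite":
            return False, called         # fail immediately
        elif control == "required":
            failed = True                # fail at the end, keep walking
        # a failing sufficient or optional module is ignored
    return (positive and not failed), called

if __name__ == "__main__":
    account = parse(PAM_D, "account")
    session = parse(PAM_D, "session")
    print(evaluate(account, {"pam_mysql.so": True, "pam_unix.so": False}))
    print(evaluate(session, {"pam_mkhomedir.so": True, "pam_unix.so": True,
                             "pam_mysql.so": False}))
```

With these stacks, a pam_mysql.so success in common-account returns before pam_unix.so is consulted, and a pam_unix.so success in common-session returns before the pam_mysql.so session line is reached.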
Slide 16: NSS (Name Service Switch) MySQL
Slide 17: Different methods of User Admin.
    - PAM with MySQL
    - PAM with Postgres
    - LDAP
    - Kerberos
    - Samba
    - OPIE (One time Password In Everything)
Slide 18: PAM with MySQL
    - pam_mysql
    - libnss-mysql_1.0_4
    - Database:- authentication
    - Tables:- users, groups and authlog
    - /etc/pam_mysql.conf
    - /etc/nsswitch.conf
    - /etc/nss-mysql.conf
    - /etc/nss-mysql-root.conf
    - /etc/pam.d
Slide 19: PAM with MySQL
    pam_mysql and libnss-mysql installation
    # ./configure --with-pam-mods-dir=/lib/security
    # dpkg -i libnss-mysql_1.0_4ubuntu.deb
    create pam_mysql package for same configuration
Slide 20: PAM with MySQL
    #/etc/pam_mysql.conf
    users.host = 192.168.0.10
    users.database = authentication
    users.db_user = connect_auth
    users.db_passwd = abc
    users.where_clause = users.status = 'A' AND users.allowed_hosts LIKE '%hostname%';
    users.table = users
    users.update_table = users
    users.user_column = user_name
    users.password_column = password
    users.password_crypt = 1
    log.enabled = 1
    log.table = authlog
Slide 21: PAM with MySQL
    #/etc/nsswitch.conf
    passwd: files mysql
    group: files mysql
    shadow: files mysql
Slide 22: PAM with MySQL
    #/etc/nss-mysql.conf
    ## DB Access
    users.host = inet:192.168.0.10:3306;
    users.db_user = query_auth;
    users.db_password = xyz
    ## USERS
    users.table = users;
    users.user_column = users.user_name;
    users.user_column = users.user_name;
Slide 23: Authentication Modules for Linux Thank you www.magnettechnologies.com arun.bagul@magnettechnologies.com Ph:- 022 6719200, 9890756335


