428 lines
5.2 KiB
HTML
428 lines
5.2 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
> User Authentication HOWTO
|
|
</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
|
|
REL="NEXT"
|
|
TITLE=" Introduction
|
|
"
|
|
HREF="x40.html"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="User Authentication"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="user"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="password"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="PAM"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="NIS"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="/etc/passwd"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="/etc/shadow"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="/etc/group"><META
|
|
NAME="KEYWORD"
|
|
CONTENT="/etc/gshadow"></HEAD
|
|
><BODY
|
|
CLASS="ARTICLE"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="ARTICLE"
|
|
><DIV
|
|
CLASS="TITLEPAGE"
|
|
><H1
|
|
CLASS="TITLE"
|
|
><A
|
|
NAME="AEN2"
|
|
></A
|
|
>User Authentication HOWTO</H1
|
|
><H3
|
|
CLASS="AUTHOR"
|
|
><A
|
|
NAME="AEN4"
|
|
>Peter Hernberg</A
|
|
></H3
|
|
><P
|
|
CLASS="OTHERCREDIT"
|
|
><B
|
|
>Floris Lambrechts - </B
|
|
><SPAN
|
|
CLASS="CONTRIB"
|
|
> Language changes, various small fixes (v0.8).
|
|
</SPAN
|
|
></P
|
|
><P
|
|
CLASS="PUBDATE"
|
|
> 2000-05-02
|
|
<BR></P
|
|
><DIV
|
|
CLASS="REVHISTORY"
|
|
><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
><TR
|
|
><TH
|
|
ALIGN="LEFT"
|
|
VALIGN="TOP"
|
|
COLSPAN="3"
|
|
><B
|
|
>Revision History</B
|
|
></TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
ALIGN="LEFT"
|
|
>Revision 0.8</TD
|
|
><TD
|
|
ALIGN="LEFT"
|
|
>2003-02-20</TD
|
|
><TD
|
|
ALIGN="LEFT"
|
|
>Revised by: fl</TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
ALIGN="LEFT"
|
|
COLSPAN="3"
|
|
>language changes, various small fixes</TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
ALIGN="LEFT"
|
|
>Revision 0.5</TD
|
|
><TD
|
|
ALIGN="LEFT"
|
|
>2000-05-15</TD
|
|
><TD
|
|
ALIGN="LEFT"
|
|
>Revised by: ph</TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
ALIGN="LEFT"
|
|
COLSPAN="3"
|
|
>added section on securing pam, added resources section</TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
ALIGN="LEFT"
|
|
>Revision 0.1</TD
|
|
><TD
|
|
ALIGN="LEFT"
|
|
>2000-05-02</TD
|
|
><TD
|
|
ALIGN="LEFT"
|
|
>Revised by: ph</TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
ALIGN="LEFT"
|
|
COLSPAN="3"
|
|
>initial version</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
><DIV
|
|
><DIV
|
|
CLASS="ABSTRACT"
|
|
><A
|
|
NAME="AEN7"
|
|
></A
|
|
><P
|
|
></P
|
|
><P
|
|
> Explains how user and group information is stored and how users are authenticated on a Linux system (PAM), and how to secure you system's user authentication.
|
|
</P
|
|
><P
|
|
></P
|
|
></DIV
|
|
></DIV
|
|
><HR></DIV
|
|
><DIV
|
|
CLASS="TOC"
|
|
><DL
|
|
><DT
|
|
><B
|
|
>Table of Contents</B
|
|
></DT
|
|
><DT
|
|
>1. <A
|
|
HREF="x40.html"
|
|
>Introduction</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>1.1. <A
|
|
HREF="x40.html#AEN42"
|
|
>How this document came to be</A
|
|
></DT
|
|
><DT
|
|
>1.2. <A
|
|
HREF="x40.html#AEN45"
|
|
>New versions</A
|
|
></DT
|
|
><DT
|
|
>1.3. <A
|
|
HREF="x40.html#AEN48"
|
|
>Feedback</A
|
|
></DT
|
|
><DT
|
|
>1.4. <A
|
|
HREF="x40.html#AEN51"
|
|
>Copyrights and Trademarks</A
|
|
></DT
|
|
><DT
|
|
>1.5. <A
|
|
HREF="x40.html#AEN64"
|
|
>Acknowledgements and Thanks</A
|
|
></DT
|
|
><DT
|
|
>1.6. <A
|
|
HREF="x40.html#AEN68"
|
|
>Assumptions about the reader</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>2. <A
|
|
HREF="x71.html"
|
|
>How User Information is Stored on Your System</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>2.1. <A
|
|
HREF="x71.html#AEN73"
|
|
><TT
|
|
CLASS="FILENAME"
|
|
>/etc/passwd</TT
|
|
></A
|
|
></DT
|
|
><DT
|
|
>2.2. <A
|
|
HREF="x71.html#AEN81"
|
|
>Shadow passwords</A
|
|
></DT
|
|
><DT
|
|
>2.3. <A
|
|
HREF="x71.html#AEN95"
|
|
><TT
|
|
CLASS="FILENAME"
|
|
>/etc/group</TT
|
|
> and <TT
|
|
CLASS="FILENAME"
|
|
>/etc/gshadow</TT
|
|
></A
|
|
></DT
|
|
><DT
|
|
>2.4. <A
|
|
HREF="x71.html#AEN106"
|
|
>MD5 encrypted passwords</A
|
|
></DT
|
|
><DT
|
|
>2.5. <A
|
|
HREF="x71.html#AEN109"
|
|
>Sifting through the mess</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>3. <A
|
|
HREF="x115.html"
|
|
>PAM (Pluggable Authentication Modules)</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>3.1. <A
|
|
HREF="x115.html#AEN118"
|
|
>Why</A
|
|
></DT
|
|
><DT
|
|
>3.2. <A
|
|
HREF="x115.html#AEN127"
|
|
>What</A
|
|
></DT
|
|
><DT
|
|
>3.3. <A
|
|
HREF="x115.html#AEN153"
|
|
>How</A
|
|
></DT
|
|
><DT
|
|
>3.4. <A
|
|
HREF="x115.html#AEN259"
|
|
>Getting more information</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>4. <A
|
|
HREF="x263.html"
|
|
>Securing User Authentication</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>4.1. <A
|
|
HREF="x263.html#AEN266"
|
|
>A strong <TT
|
|
CLASS="FILENAME"
|
|
>/etc/pam.d/other</TT
|
|
></A
|
|
></DT
|
|
><DT
|
|
>4.2. <A
|
|
HREF="x263.html#AEN295"
|
|
>Disabling logins for user with null passwords</A
|
|
></DT
|
|
><DT
|
|
>4.3. <A
|
|
HREF="x263.html#AEN302"
|
|
>Disable unused services</A
|
|
></DT
|
|
><DT
|
|
>4.4. <A
|
|
HREF="x263.html#AEN307"
|
|
>Password-cracking tools</A
|
|
></DT
|
|
><DT
|
|
>4.5. <A
|
|
HREF="x263.html#AEN312"
|
|
>Shadow and MD5 passwords</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>5. <A
|
|
HREF="x316.html"
|
|
>Tying it all together</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>5.1. <A
|
|
HREF="x316.html#AEN319"
|
|
>Apache + mod_auth_pam</A
|
|
></DT
|
|
><DT
|
|
>5.2. <A
|
|
HREF="x316.html#AEN322"
|
|
>Our example</A
|
|
></DT
|
|
><DT
|
|
>5.3. <A
|
|
HREF="x316.html#AEN326"
|
|
>Installing mod_auth_pam</A
|
|
></DT
|
|
><DT
|
|
>5.4. <A
|
|
HREF="x316.html#AEN343"
|
|
>Configuring PAM</A
|
|
></DT
|
|
><DT
|
|
>5.5. <A
|
|
HREF="x316.html#AEN360"
|
|
>Configuring Apache</A
|
|
></DT
|
|
><DT
|
|
>5.6. <A
|
|
HREF="x316.html#AEN373"
|
|
>Testing our setup</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>6. <A
|
|
HREF="x376.html"
|
|
>Resources</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>6.1. <A
|
|
HREF="x376.html#AEN380"
|
|
>PAM</A
|
|
></DT
|
|
><DT
|
|
>6.2. <A
|
|
HREF="x376.html#AEN392"
|
|
>General Security</A
|
|
></DT
|
|
><DT
|
|
>6.3. <A
|
|
HREF="x376.html#AEN407"
|
|
>Offline Documentation</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>7. <A
|
|
HREF="x437.html"
|
|
>Conclusion</A
|
|
></DT
|
|
></DL
|
|
></DIV
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
SUMMARY="Footer navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="x40.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Introduction</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |