Pluggable Authentication Modules: The Definitive Guide to PAM for Linux SysAdmins and C Developers

Cart | Your Account | Trade | Sitemap

BROWSE

SHOPPING CART

CHECKOUT

Kenneth Geisshirt

Pluggable Authentication Modules: The Definitive Guide to PAM for Linux SysAdmins and C Developers

A comprehensive and practical guide to PAM for Linux: how modules work and how to implement them

Understand and configure PAM
Develop PAM-aware applications and your own PAMs using the API and C
How to authenticate users in Active Directory, mount encrypted home directories, load SSH keys automatically, and restrict web and rsh services

In More Detail

Available Now

Buy 2 books, get 18% off
Buy 2 eBooks, get 35% off

Code download
Request a Review Copy
Send us feedback on this title
Ask a question about this title
Book Details

Language English
Paperback 124 pages [191mm x 235mm]
Release date January 2007
ISBN 1904811329
ISBN 13 978-1-904811-32-9
Author(s) Kenneth Geisshirt
Topics and Technologies Networking & Telephony, Linux Servers

First this book explains how Pluggable Authentication Modules (PAM) simplify and standardize authentication in Linux. It shows in detail how PAM works and how it is configured. Then 11 common modules used across UNIX/Linux distributions are examined and explained, including all their parameters. Installation of third-party modules is discussed, and the development of new modules and PAM-aware applications is outlined

In Detail

PAM-aware applications reduce the complexity of authentication. With PAM you can use the same user database for every login process. PAM also supports different authentication processes as required. Moreover, PAM is a well-defined API, and PAM-aware applications will not break if you change the underlying authentication configuration.

The PAM framework is widely used by most Linux distributions for authentication purposes. Originating from Solaris 2.6 ten years ago, PAM is used today by most proprietary and free UNIX operating systems including GNU/Linux, FreeBSD, and Solaris, following both the design concept and the practical details. PAM is thus a unifying technology for authentication mechanisms in UNIX.

PAM is a modular and flexible authentication management layer that sits between Linux applications and the native underlying authentication system. PAM can be implemented with various applications without having to recompile the applications to specifically support PAM.

What you will learn from this book

Using PAM services for authentication in applications
Using PAM modules common to various operating systems (pam_mkhomedir, pam_mount, pam_succeed_if, pam_nologin, pam_wheel, pam_access, pam_deny, pam_unix, pam_winbind, pam_ldap, pam_mysql)
Testing and debugging your PAM configuration
Using PAM and Winbind for integrating any Linux/UNIX computer with Microsoft Active Directory
Developing your own PAM module in C

Approach

This book provides a practical approach to UNIX/Linux authentication. The design principles are explained thoroughly, then illustrated through the examination of popular modules. It is intended as a one-stop introduction and reference to PAM.

Who this book is written for

This book is for experienced system administrators and developers working with multiple Linux/UNIX servers or with both UNIX and Windows servers. It assumes a good level of admin knowledge, and that developers are competent in C development on UNIX-based systems.

Author(s)

Kenneth Geisshirt
Kenneth Geisshirt is a chemist by education, and is a strong free-software advocate. He spent his Christmas holidays in 1992 installing SLS Linux, and GNU/Linux has been his favorite operating system ever since. Currently, he does consultancy work in areas like scientific computing and Linux clusters. He lives in Copenhagen, Denmark with his partner and their two children. You can find him at http://kenneth.geisshirt.dk/.