Manualshelf

Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP HP-UX Auditing System Extensions
31323334353637383940
Click HP-UX 11i v3 Networking Software.
PAM_RADIUS
The HP-UX PAM RADIUS module provides authentication and session management
for PAM enabled applications (typically system entry services such as login and
ftp) through RADIUS server using the pam.conf configuration file. The HP-UX PAM
RADIUS module consists of the following two modules:
Authentication module
Session management module
It also provides null function for account management. All modules are supported
through the same dynamically loadable library,
/usr/lib/security/libpam_radius.1.
The HP-UX PAM RADIUS module supports two-factor authentication by requesting
the user's password and One Time Password (OTP).
For more information, see pam_radius(5).
PAM_UNIX
The PAM_UNIX modules provide functionality for all four PAM modules:
authentication, account management, session management, and password
management. The modules are supported through the PAM UNIX library, /usr/
lib/security/libpam_unix.1. See pam_unix(5) for more information.
PAM_UPDBE
The user policy definition service module for PAM, /usr/lib/security/
libpam_updbe.1, reads options defined in the user configuration file, /etc/
pam_user.conf, and stores the information in the PAM handle for subsequent
service modules to use. See pam_updbe(5) for more information.
2.3.3 Systemwide Configuration Using /etc/pam.conf
The PAM configuration file /etc/pam.conf defines the security mechanisms that are
used to authenticate users. Its default values provide the customary operation of the system
under both standard HP-UX and trusted systems. It also provides support for controls on
individual users and for the DCE integrated login functionality.
NOTE: For DCE, use the auth.adm utility to create the desired configuration file. This
file is functionally equivalent to the former HP integrated login auth.conf file. See
auth.adm(1m) for more information.
The libpam and libpam_unix PAM libraries and the /etc/pam.conf configuration
file must be on the system in order for users to be able to log in or change passwords.
HP-UX authentication is dependent upon the file /etc/pam.conf. This file must be
owned by root with the following file permissions:
2.3 Authenticating Users with PAM 37