Pluggable Authentication Modules
Pluggable Authentication Modules ( PAM ) is a programming interface (API) that enables programs to authenticate users using configurable modules .
Details
PAM was developed in 1995 by Vipin Samar and Charlie Lai at Sun Microsystems and has not changed significantly since then. In 1997 , the Open Group published a preliminary specification called X / Open Single Sign-on Service ( XSSO ). PAM is now available on AIX , HP-UX , Solaris , Linux , FreeBSD , NetBSD , macOS and DragonFly BSD .
Instead of reformulating the details of the authentication in each application, the PAM-API offers a standardized service in the form of modules . In a configuration file , the system administrator can assign the authentication modules to individual services without having to recompile the software that implements these services .
In practice, PAM is often used to combine various server services such as SSH and FTP with just one authentication service. This enables the central storage of the login data for these services. If the password is changed at the central point, you can log into all services directly with the new, centrally stored password. Separate password databases for individual services are not necessary.
See also
Web links
- PAM at linuxwiki.de
- Dag-Erling Smørgrav: Pluggable Authentication Modules (English)
- X / Open Single Sign-on Service (XSSO) (English)
- Thomas Glanzmann: Unix-Encrypt Password System, shadow, Pluggable Authentication Module (PDF, 100 KiB)
- Basics (Wedel University of Applied Sciences)
- Linux-PAM page (English)
- Java-PAM Bridge (English)