PAM Flashcards

1
Q

PAM config files

A

/etc/pam.d/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Docs for PAM

A

/usr/share/pam-x.x.x/txt

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Create an account lockout policy with PAM

A

vim /etc/pam.d/password-auth
/etc/pam.d/system-auth
add second line:
auth required pam_faillock.so preauth silent audit deny=3 unlock_time=600

add first line into account section:
account required pam_failock.so

add second line into password section:
password required pam_pwhistory.so remember=30 use_authok

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Sections in PAM

A

auth
account
password
session

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Control flags

A

Optional -result is ignored

Required -result required to continue (to obfuscate which module failed)

Requisite- required with notification (if it fails, it will kick you out of the process)

Sufficient- result is ignored on failure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly