2000/05/02
Explains how user and group information is stored and how users are authenticated on a Linux system (PAM), and how to secure you system's user authentication.
When trying to add a number of (mostly unnecessary :) network services to my existing home network, I kept running into the problem of authentication, so I decided to figure out how authentication works on linux systems, write a HOWTO, and call it my senior project. I hope this document helps you understand this often-forgotten, but very important, aspect of system administration.
When I get my domain up running properly, you'll be able to find the newest version of this document there. Until then, http://www.linuxdoc.org/ will have to suffice.
Comments, corrections, suggestions, flames, and flying saucer sightings can be sent to petehern@yahoo.com.
v0.1 (May 13, 2000) first version (not released).
v0.3 (May 14, 2000) revised (not released).
v0.5 (May 15, 2000) added section on securing pam, added resources section (not released).
v0.7 (May 15, 2000) revised; ready for release.
(c) 2000 Peter Hernberg
This manual may be reproduced in whole or in part, without fee, subject to the following restrictions:
The copyright notice above and this permission notice must be preserved complete on all complete or partial copies
Any translation or derived work must be approved by the author in writing before distribution.
If you distribute this work in part, instructions for obtaining the complete version of this manual must be included, and a means for obtaining a complete version provided.
Small portions may be reproduced as illustrations for reviews or quotes in other works without this permission notice if proper citation is given. Exceptions to these rules may be granted for academic purposes: Write to the author and ask. These restrictions are here to protect us as authors, not to restrict you as learners and educators. Any source code (aside from the SGML this document was written in) in this document is placed under the GNU General Public License, available via anonymous FTP from the GNU archive.
Thanks to my family for putting up with me for 18 years. Thanks to the Debian folks for making such a sweet distro for me to play with. Thanks to CGR for paying me to be a geek. Thanks to Sandy Harris for his helpful suggestions. Finally, I'd like thank the makers of ramen noodles, because I don't know how I'd live without them.
For the purpose of this document, it is assumed that the reader is comfortably with executing commands at the command line and editing text configuration files.
Next | ||
How User Information is Stored on Your System |