Questions tagged [pam]
Pluggable Authentication Modules handle authentication tasks of applications or services running on the system.
685 questions
6 votes, 1 answer, 202 views
pam_mount results not available in pam_exec
How can a pam_exec script access mounts performed by pam_mount?
I have a working auth optional pam_mount.so PAM configuration such that the device is not mounted before entering the passphrase (tested ...
1 vote, 1 answer, 66 views
Samba authentication error: NT_STATUS_LOGON_FAILURE (linked with PAM: Account Validation Failed)
I would like to share a folder by a Samba server installed in my Linux (yocto) distribution.
The configuration of my Samba server (file /etc/samba/smb.conf)
The output of the command testparm -s is:
# ...
5 votes, 1 answer, 207 views
'sudo su' Permission Denied, but relogging fixes it
I am having an issue that is only present since about April after updating packages.
When I am accessing servers and use sudo su or sudo -s to access root and enter my password, I'll get:
sudo: PAM ...
1 vote, 1 answer, 90 views
pam module for sudo bypassed by using sudo -i
I've been trying to set up 2FA with Google Authenticator on Ubuntu to protect sudo. I followed the steps at https://blog.jitendrapatro.me/configuring-two-factor-authentication-for-su-and-sudo/ and ...
3 votes, 1 answer, 125 views
pam syntax help for password-auth
I have an /etc/pam.d/dcv file (goes with nice-dcv) and it has just these two lines:
auth include password-auth
account include password-auth
My problem is a security request to include a ...
-1 votes, 1 answer, 59 views
publickey authentication getting failed in rhel
I have 2 RHEL machines. I am attempting to log in via ssh with publickeyauthentication from 1 machine (say Machine A) to the other (say machine B) both of which are in the same network. For that first ...
1 vote, 1 answer, 1k views
pam_env(sshd:session): deprecated reading of user environment enabled
Debian 12 Bookworm;
Inspecting the SSH system log, there is always a trailing grayed-out message at the end of each log entry:
pam_env(sshd:session): deprecated reading of user environment enabled
I ...
1 vote, 0 answers, 92 views
How to debug chpasswd "Authentication token manipulation error"
I'm trying to programmatically change a user's password using chpasswd, but I'm getting the following error:
/sbin/chpasswd <<< "0s22xmgW:<new_password>"
chpasswd: (user ...
0 votes, 2 answers, 133 views
How to redirect output from a program that waits for input
Following this post I created my own version of the script, with the difference that user and password are forwarded from the environment variables:
#!/bin/zsh
pamtester login $user authenticate <&...
2 votes, 0 answers, 78 views
Custom PAM module and Oauth2 tokens
I have rootless Podman container (system: Alpine Linux) in Podman (master system: Alpine Linux). Container is able to work with xRDP (and sesman) so I am able to connect to it via local user (if ...
1 vote, 1 answer, 86 views
PAM maxlogins limit not working
Since upgrading from CentOS 7 to Rocky Linux 8 our PAM maxlogins limit is no longer being enforced for SFTP sessions.
SFTP users belong to the sftp group and we have this in /etc/security/limits.d/10-...
15 votes, 2 answers, 5k views
Why am I known as a user?
I inherited a Linux server; the previous administrator is no longer with our company. I can log in to the server via SSH with my company-wide Microsoft Directory administration user, and it works ...
0 votes, 1 answer, 186 views
How to configure the system so that users in a specific user group can execute programs requiring the cap_sys_admin capability?
My primary goal is to allow users in a specific group to execute programs requiring the cap_sys_admin capability (e.g., perf) after SSH-ing into Ubuntu 22.04. A simple solution is modifying ...
2 votes, 1 answer, 46 views
Why PAM modules are restricted from accessing keys on root keyring?
I'm writing a special PAM module that is supposed to authenticate user with a password stored in kernel keyring.
The key is added by running the following command as root:
keyctl add user some-key 123 ...
0 votes, 1 answer, 49 views
Pam with krb5: very strange local user login, krb5 user login, root..no
This is my pam.conf for Slackware 15.0
#%PAM-1.0
#
# Most of these PAM modules have man pages included, like
# pam_unix(8) for example.
#
##################
# Authentication #
##################
...