Re: PAM on HP-UX 10.20

Wed, 5 May 1999 17:51:46 +0200 (MET DST) 

In message <c=US%a=ATTMAIL%p=ALCOAUSA%l=NAE_ATC2-990505133550Z-2572@nae-msx2rtr
.atc.alcoa.com>, "Luciew, Daniel G." writes:

>       Does anyone have a copy of the /etc/pam.conf file I can look at?  Also,
>what else besides changing the pam.conf file do you have to do?  Do I
>have to modify inetd.conf?  Are there any other files other than
>/usr/lib/security/pam_afs.so.1 that have to be changed/added to the
>system?  Do I have to do special handling for
>login/rlogin/remsh/ftp/telnet?

Here is my config from a sol26 machine which should be good enough.
Watch out for the line wraps.  You do not need to modify inetd.conf,
and presumably telnet/login/rlogin etc... are already setup to
use pam under HP-UX, so you shouldn't need to do anything else.


Any binaries that did not come with the system ( wu-ftp or ssh), need to
be setup to use Pam.  It is fairly straight forward I am told, but I can't
unfortunately give you any examples (maybe someone else on the list can) :(


---- 
#ident  "@(#)pam.conf 1.19     95/11/30 SMI"
#
# PAM configuration
#
# Authentication management
#
login   auth optional   /usr/lib/security/pam_unix.so.1 
login   auth optional   /usr/lib/security/pam_afs.so.1 try_first_pass ignore_root 
setenv_password_expires

rlogin  auth sufficient /usr/lib/security/pam_rhosts_auth.so.1
rlogin  auth optional   /usr/lib/security/pam_unix.so.1
rlogin  auth optional   /usr/lib/security/pam_afs.so.1 try_first_pass 
ignore_root

dtlogin auth required   /usr/lib/security/pam_unix.so.1 
#
rsh     auth optional   /usr/lib/security/pam_rhosts_auth.so.1
rsh     auth optional   /usr/lib/security/pam_afs.so.1 try_first_pass ignore_root 
other   auth optional   /usr/lib/security/pam_unix.so.1
other   auth optional   /usr/lib/security/pam_afs.so.1 try_first_pass ignore_root 
#
# Account management
#
login   account required        /usr/lib/security/pam_unix.so.1 
dtlogin account required        /usr/lib/security/pam_unix.so.1 
#
other   account required        /usr/lib/security/pam_unix.so.1 
#
# Session management
#
other   session required        /usr/lib/security/pam_unix.so.1 
#
# Password management
#
other   password required       /usr/lib/security/pam_unix.so.1 




- Rob

Reply via email to