6Pluggable Authentication Modules (PAM)

Whenever you want to gain access to a service on a Solaris system, you must provide some credentials that prove you are who you say you are. These credentials can be a user name/password combination, a fingerprint, a token card, a one-time password, or some form of a cryptographic token that only you can possess. Ideally, system administrators, not programmers, define what sort of authentication is needed for each service.

Before the Solaris OS introduced the concept of Pluggable Authentication Modules (PAM), every service hard-coded its access control mechanism. To enforce onetime passwords for the FTP service, for example, an administrator had to change the code of the FTP service. With the introduction ...

Get Solaris™ 10 Security Essentials now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.