[WEBINAR] Better to Ask Permission? Best Practices for Privacy and Security

Pluggable Authentication Module (PAM)

Definition - What does Pluggable Authentication Module (PAM) mean?

A pluggable authentication module (PAM) is an application programming interface (API) for authentication related services, which permits system administrators to add new authentication methods by installing PAMs and modifying authentication policies by editing the configuration files.

Techopedia explains Pluggable Authentication Module (PAM)

A pluggable authentication module (PAM) is a mechanism that integrates multiple low level authentication schemes into high level APIs permitting programs relying on authentication to be written independent of underlying authentication schemes. PAM was initially proposed in 1995 by Vipin Samar and Charlie Lai of Sun Microsystems. It was later adopted as an authentication framework for the common desktop environment.

Though PAM first appeared as an open source in Linux, PAM is currently supported in AIX OS, Dragon Fly BSD, Free BSD, HP-UX, Linux, Mac OS X, Net BSD and Solaris, among others. It was standardized as part of the X/Open UNIX standardization process resulting in X/Open the single sign-on standard.

PAM can be configured to deny programs the right to authenticate users and to warn certain programs from an authentication attempt. These programs use the PAM module and are attached to applications at run time.

The PAM API offers six authentication primitives grouped in four facilities: authentication, account, session and password. Authentication is a facility that is concerned with authenticating applicants and establishing account credentials besides providing two primitives, the pam_authenticate and pam_setcred. The former primitive authenticates the applicant by requesting an authentication token and comparing it with a value stored in a database or obtained from authentication server. The pam_sercred initiates account credentials such as user ID, group membership and resource limits.

Share this:

Connect with us

Email Newsletter

Join thousands of others with our weekly newsletter

The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.