User Authentication HOWTO

Peter Hernberg

Floris Lambrechts - Language changes, various small fixes (v0.8).

2000-05-02

Revision History
Revision 0.8 2003-02-20 Revised by: fl
language changes, various small fixes
Revision 0.5 2000-05-15 Revised by: ph
added section on securing pam, added resources section
Revision 0.1 2000-05-02 Revised by: ph
initial version

Explains how user and group information is stored and how users are authenticated on a Linux system (PAM), and how to secure your system's user authentication.


Table of Contents
1. Introduction
1.1. How this document came to be
1.2. New versions
1.3. Feedback
1.4. Copyrights and Trademarks
1.5. Acknowledgements and Thanks
1.6. Assumptions about the reader
2. How User Information is Stored on Your System
2.1. /etc/passwd
2.2. Shadow passwords
2.3. /etc/group and /etc/gshadow
2.4. MD5 encrypted passwords
2.5. Sifting through the mess
3. PAM (Pluggable Authentication Modules)
3.1. Why
3.2. What
3.3. How
3.4. Getting more information
4. Securing User Authentication
4.1. A strong /etc/pam.d/other
4.2. Disabling logins for user with null passwords
4.3. Disable unused services
4.4. Password-cracking tools
4.5. Shadow and MD5 passwords
5. Tying it all together
5.1. Apache + mod_auth_pam
5.2. Our example
5.3. Installing mod_auth_pam
5.4. Configuring PAM
5.5. Configuring Apache
5.6. Testing our setup
6. Resources
6.1. PAM
6.2. General Security
6.3. Offline Documentation
7. Conclusion



This resource is mirrored from the Linux Documentation Project. It was posted as a resource for all. Courtesy of Lightspoke: The web-based database company.


