Manualshelf

Configuration Guide for Kerberos Client Products on HP-UX 11.0 | HP-UX 11i v1 | HP-UX 11i v1.6 | HP-UX 11i v2

ManualsBrandsHP ManualsSoftwareHP-UX Kerberos Data Security Software
21222324252627282930
Introduction to the Kerberos Products and GSS-API
PAM Kerberos
Chapter 228
For more information on the configuration file pam.conf, see the section
“Configuring for PAM Kerberos” on page 85.
Figure 2-1 HP-UX authentication modules under
PAM
The Kerberos service module for PAM consists of the following four
modules: Authentication module, Account management module, Session
management module and Password management module. All modules
are supported through the same dynamically loadable library,
libpam_krb5. The KRB5 PAM modules are compatible with MIT Kerberos
5 and Microsoft Windows 2000.
The Authentication Module
The Authentication module verifies the identity of a user and sets
user-specific credentials. It authenticates the user to KDC with a
password. If the password matches, the user is authenticated and a
Ticket Granting Ticket (TGT) is granted.
login su telnet
PAM library
UNIX DCE Kerberos LDAP NTLM
libpam_krb5.1 libpam_ntlm.1libpam_unix.1
passwd
Authentication
Service
libpam_dce.1 libpam_ldap.1
Use the PAM configuration
file, pam.conf, to indicate
which authentication module to use