[344] | 1 | # PAM configuration for the Secure Shell service |
---|
| 2 | |
---|
| 3 | # Read environment variables from /etc/environment and |
---|
| 4 | # /etc/security/pam_env.conf. |
---|
| 5 | auth required pam_env.so # [1] |
---|
| 6 | # In Debian 4.0 (etch), locale-related environment variables were moved to |
---|
| 7 | # /etc/default/locale, so read that as well. |
---|
| 8 | auth required pam_env.so envfile=/etc/default/locale |
---|
| 9 | |
---|
| 10 | # Standard Un*x authentication. |
---|
| 11 | @include common-auth |
---|
| 12 | |
---|
| 13 | # Disallow non-root logins when /etc/nologin exists. |
---|
| 14 | account required pam_nologin.so |
---|
| 15 | |
---|
| 16 | # Uncomment and edit /etc/security/access.conf if you need to set complex |
---|
| 17 | # access limits that are hard to express in sshd_config. |
---|
| 18 | # account required pam_access.so |
---|
| 19 | |
---|
| 20 | # Standard Un*x authorization. |
---|
| 21 | @include common-account |
---|
| 22 | |
---|
| 23 | # Standard Un*x session setup and teardown. |
---|
| 24 | @include common-session |
---|
| 25 | |
---|
| 26 | # Print the message of the day upon successful login. |
---|
| 27 | #session optional pam_motd.so # [1] |
---|
| 28 | |
---|
| 29 | # Print the status of the user's mailbox upon successful login. |
---|
| 30 | session optional pam_mail.so standard noenv # [1] |
---|
| 31 | |
---|
| 32 | # Set up user limits from /etc/security/limits.conf. |
---|
| 33 | session required pam_limits.so |
---|
| 34 | |
---|
| 35 | # Set up SELinux capabilities (need modified pam) |
---|
| 36 | # session required pam_selinux.so multiple |
---|
| 37 | |
---|
| 38 | # Standard Un*x password updating. |
---|
| 39 | @include common-password |
---|