1234567891011121314151617181920212223242526272829303132333435363738394041 |
- # PAM configuration for the Secure Shell service
- # Read environment variables from /etc/environment and
- # /etc/security/pam_env.conf.
- auth required pam_env.so
- # Skip Google Authenticator if logging in from the local network.
- # auth [success=1 default=ignore] pam_access.so accessfile=/etc/security/access-sshd-local.conf
- # Google Authenticator 2-step verification.
- # auth requisite pam_google_authenticator.so
- # Standard Un*x authentication.
- auth include common-auth
- # Disallow non-root logins when /etc/nologin exists.
- account required pam_nologin.so
- # Uncomment and edit /etc/security/access.conf if you need to set complex
- # access limits that are hard to express in sshd_config.
- # account required pam_access.so
- # Standard Un*x authorization.
- account include common-account
- # Standard Un*x session setup and teardown.
- session include common-session
- # Print the message of the day upon successful login.
- session optional pam_motd.so
- # Print the status of the user's mailbox upon successful login.
- session optional pam_mail.so standard noenv
- # Set up user limits from /etc/security/limits.conf.
- session required pam_limits.so
- # Set up SELinux capabilities (need modified pam)
- # session required pam_selinux.so multiple
- # Standard Un*x password updating.
- password include common-password
|