SHARE
TWEET

Untitled

a guest Sep 19th, 2019 125 in 150 days
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. root@debian:~# cat /etc/pam.d/sshd
  2. # PAM configuration for the Secure Shell service
  3.  
  4. # Standard Un*x authentication.
  5. @include common-auth
  6.  
  7. # Disallow non-root logins when /etc/nologin exists.
  8. account    required     pam_nologin.so
  9.  
  10. # Uncomment and edit /etc/security/access.conf if you need to set complex
  11. # access limits that are hard to express in sshd_config.
  12. # account  required     pam_access.so
  13.  
  14. # Standard Un*x authorization.
  15. @include common-account
  16.  
  17. # SELinux needs to be the first session rule.  This ensures that any
  18. # lingering context has been cleared.  Without this it is possible that a
  19. # module could execute code in the wrong domain.
  20. session [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so close
  21.  
  22. # Set the loginuid process attribute.
  23. session    required     pam_loginuid.so
  24.  
  25. # Create a new session keyring.
  26. session    optional     pam_keyinit.so force revoke
  27.  
  28. # Standard Un*x session setup and teardown.
  29. @include common-session
  30.  
  31. # Print the message of the day upon successful login.
  32. # This includes a dynamically generated part from /run/motd.dynamic
  33. # and a static (admin-editable) part from /etc/motd.
  34. session    optional     pam_motd.so  motd=/run/motd.dynamic
  35. session    optional     pam_motd.so noupdate
  36.  
  37. # Print the status of the user's mailbox upon successful login.
  38. session    optional     pam_mail.so standard noenv # [1]
  39.  
  40. # Set up user limits from /etc/security/limits.conf.
  41. session    required     pam_limits.so
  42.  
  43. # Read environment variables from /etc/environment and
  44. # /etc/security/pam_env.conf.
  45. session    required     pam_env.so # [1]
  46. # In Debian 4.0 (etch), locale-related environment variables were moved to
  47. # /etc/default/locale, so read that as well.
  48. session    required     pam_env.so user_readenv=1 envfile=/etc/default/locale
  49.  
  50. # SELinux needs to intervene at login time to ensure that the process starts
  51. # in the proper default security context.  Only sessions which are intended
  52. # to run in the user's context should be run after this.
  53. session [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so open
  54.  
  55. # Standard Un*x password updating.
  56. @include common-password
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top