]>
Commit | Line | Data |
---|---|---|
788cdc6d | 1 | #%PAM-1.0 |
2 | # | |
edd7c245 | 3 | |
c115e4a4 | 4 | ##### if running frr as root: |
788cdc6d | 5 | # Only allow root (and possibly wheel) to use this because enable access |
6 | # is unrestricted. | |
8570676c | 7 | auth sufficient pam_rootok.so |
788cdc6d | 8 | |
788cdc6d | 9 | # Uncomment the following line to implicitly trust users in the "wheel" group. |
8570676c | 10 | #auth sufficient pam_wheel.so trust use_uid |
788cdc6d | 11 | # Uncomment the following line to require a user to be in the "wheel" group. |
8570676c | 12 | #auth required pam_wheel.so use_uid |
edd7c245 | 13 | ########################################################### |
14 | ||
c115e4a4 | 15 | # If using frr privileges and with a seperate group for vty access, then |
edd7c245 | 16 | # access can be controlled via the vty access group, and pam can simply |
2f4453f4 | 17 | # check for valid user/password, eg: |
edd7c245 | 18 | # |
19 | # only allow local users. | |
8570676c | 20 | #auth required pam_securetty.so |
21 | #auth include system-auth | |
22 | #auth required pam_nologin.so | |
23 | #account include system-auth | |
24 | #password include system-auth | |
25 | #session include system-auth | |
26 | #session optional pam_console.so |