]>
Commit | Line | Data |
---|---|---|
788cdc6d | 1 | #%PAM-1.0 |
2 | # | |
edd7c245 | 3 | |
c115e4a4 | 4 | ##### if running frr as root: |
788cdc6d | 5 | # Only allow root (and possibly wheel) to use this because enable access |
6 | # is unrestricted. | |
8570676c | 7 | auth sufficient pam_rootok.so |
6031b8a3 | 8 | account sufficient pam_rootok.so |
788cdc6d | 9 | |
788cdc6d | 10 | # Uncomment the following line to implicitly trust users in the "wheel" group. |
8570676c | 11 | #auth sufficient pam_wheel.so trust use_uid |
788cdc6d | 12 | # Uncomment the following line to require a user to be in the "wheel" group. |
8570676c | 13 | #auth required pam_wheel.so use_uid |
edd7c245 | 14 | ########################################################### |
15 | ||
c115e4a4 | 16 | # If using frr privileges and with a seperate group for vty access, then |
edd7c245 | 17 | # access can be controlled via the vty access group, and pam can simply |
2f4453f4 | 18 | # check for valid user/password, eg: |
edd7c245 | 19 | # |
20 | # only allow local users. | |
8570676c | 21 | #auth required pam_securetty.so |
22 | #auth include system-auth | |
23 | #auth required pam_nologin.so | |
24 | #account include system-auth | |
25 | #password include system-auth | |
26 | #session include system-auth | |
27 | #session optional pam_console.so |