can someone pleas explain what this line exactly means and what it does

auth [success=done ignore=ignore default=die] nullok try_first_pass

  • post-author-pic
    Stosh O

    Hi Sahas,

    This line invokes the pam module that performs traditional password authentication for most Linux systems.  The auth keyword instructs pam to hook into the authentication functionality of the module as opposed to other functionalities.

    The brackets contain options influencing how the modules affects the pam stack to which it belongs (in this case system auth).  Essentially, this  will allow authentication success if it determines the user authentication successful, otherwise, authentication will fail.

    nullok and try_first_pass are options passed to the module.  nullok means that the password provided may be blank and try_first_pass means that the module will use a password collected by a module higher in the stack.

    More information on pam may be found in the LPIC2 and LPIC3 courses we offer.



    Hope you find this helpful,


Looking For Team Training?

Learn More