Questions about PAM


New Member
Jan 18, 2021
Reaction score

I was wondering about PAM.

If I add in the common-passwd file (in /etc/pam.d) the module cracklib (password policy), it applies
on all services that use PAM right?
So when I make a "adduser XXX", I notice that indeed, the module is well loaded and my password policy
I just don't understand when and where the use of PAM with the adduser service is specified.
If I take the example of the sshd_config file for SSH, it is defined "USEPAM YES". But when I look at
the adduser config files, nowhere is specified the use of PAM so I was wondering how does it work ? How to activate/deactivate PAM for adduser the same way we would do for SSH?

Thank you in advance

useradd is just a command, pam is used for authentication so it's short for "Pluggable Authentication Modules". You don't need to configure useradd to work with pam. You create an account, assign a password to it and then with your pam configuration in place when you login if you type in the correct password pam will authorize you to login. You can also change your pam configuration to search for different authentication methods such as ldap/ad or radius and various other settings when it comes to authentication requirements using pam modules.
Last edited:

Members online