Red Hat Training
A Red Hat training course is available for Red Hat Satellite
8.10. Implementing PAM Authentication
RHN Satellite supports network-based authentication systems such as LDAP and Kerberos, using Pluggable Authentication Modules (PAM). PAM is a suite of libraries that helps system administrators integrate the Satellite with a centralized authentication mechanism, thus eliminating the need for remembering multiple passwords.
Note
To ensure that PAM authentication functions properly, install the
pam-devel
package.
Configuring RHN Satellite to use PAM
- Create a PAM service file in the
/etc/pam.d/
directory:touch /etc/pam.d/rhn-satellite
- Edit the file with the following information:
auth required pam_env.so auth sufficient pam_sss.so auth required pam_deny.so account sufficient pam_sss.so account required pam_deny.so
- Instruct the satellite to use the PAM service file by adding the following line to the
/etc/rhn/rhn.conf
file:pam_auth_service = rhn-satellite
- Restart the service to pick up the changes:
rhn-satellite restart
- To enable a user to authenticate against PAM, select the checkbox labeled Pluggable Authentication Modules (PAM). It is positioned below the password and password confirmation fields on the Create User page.