Red Hat Training

A Red Hat training course is available for Red Hat Satellite

9.10. Implementing PAM Authentication

Red Hat Network Satellite supports network-based authentication systems such as LDAP and Kerberos, using Pluggable Authentication Modules (PAM). PAM is a suite of libraries that helps system administrators integrate the Satellite with a centralized authentication mechanism, thus eliminating the need for remembering multiple passwords.


To ensure that PAM authentication functions properly, install the pam-devel package.

Configuring Red Hat Network Satellite to use PAM

  1. Create a PAM service file in the /etc/pam.d/ directory:
    touch /etc/pam.d/rhn-satellite
  2. Edit the file with the following information:
    auth        required
    auth        sufficient 
    auth        required
    account     sufficient
    account     required
  3. Instruct the satellite to use the PAM service file by adding the following line to the /etc/rhn/rhn.conf file:
    pam_auth_service = rhn-satellite
  4. Restart the service to pick up the changes:
    rhn-satellite restart
  5. To enable a user to authenticate against PAM, select the checkbox labeled Pluggable Authentication Modules (PAM). It is positioned below the password and password confirmation fields on the Create User page.