Mercurial > prosody-modules

view mod_auth_pam/README.markdown @ 5748:dfbced5e54b9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_audit_auth: Ignore FAST authentication events by default FAST is more like a cookie that allows linking new connections to a previous (e.g. password) authentication. Since we assume that FAST tokens are secure (not user generated) and not shareable, it reduces a lot of noise by filtering out uninteresting authentication events.
author Matthew Wild <mwild1@gmail.com>
date Fri, 01 Dec 2023 11:34:52 +0000
parents d407397d05ca
children
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
- 'Type-Auth'
summary: PAM authentication module
---

Introduction
============

This module makes Prosody authenticate users against PAM (Linux
Pluggable Authentication Modules)

Dependencies
============

The module depends on [lua-pam](https://github.com/devurandom/lua-pam)
and [LuaPosix](https://github.com/luaposix/luaposix).

Setup
=====

Create a `/etc/pam.d/xmpp` with something like this:

    auth    [success=1 default=ignore]  pam_unix.so obscure sha512 nodelay
    auth    requisite           pam_deny.so
    auth    required            pam_permit.so

And switch authentication provider in the Prosody config:

    authentication = "pam"

Compatibility
=============

Compatible with 0.9 and up