PAM, or Linux Pluggable Authentication Modules

PAM stacks are not very easy to read. If you made a change but didn’t test it well, it might not work as expected. Or worse, you may end up exposing a vulnerability in your authentication mechanisms.

Here are my notes about the 3 terms in the PAM stack:

required: keeps going (despite success or failure).

sufficient: it stops (disregards what’s below it) when succeeds. It will only be successful if no previous ‘required’ items have failed.

requisite: if this fails, stops and return failure



A pragmatic programmer with a rubber duck.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store