|Front | Info | Lists | Newsfeeds | Study Guide | What is BSD?|
This is the BSDA Study Guide Book written via a wiki collaboration. This is a work in progress. You may contribute to or discuss this specific page at http://bsdwiki.reedmedia.net/wiki/Recognize_alternate_authentication_mechanisms.html.
Recognize alternate authentication mechanisms
Understand basic authentication theory and be aware that providing a username and password is only one way to authenticate on BSD systems. Have a basic understanding of PAM and know it is available on Dragonfly, FreeBSD and NetBSD 3.x. Also understand basic theory regarding Kerberos, OTP and RADIUS. (Note: The BSDA candidate is not expected to know how to configure an alternate authentication mechanism.)
The Pluggable Authentication Modules (PAM) framework is a set of libraries that provide authentication tasks for services and applications.
The Kerberos system authenticates individual users in a network environment.
OTP - one-time passwords are another method authenticating to a system. skey(1) is an OTP authentication system available on NetBSD, OpenBSD and DragonFlyBSD. FreeBSD uses OPIE(4) - One-time Passwords In Everything.
The Remote Authentication Dial In User Service (RADIUS). RADIUS, defined in RFCs 2865 and 2866, allows clients to perform authentication and accounting by means of network requests to remote servers.