The difference between /etc/pam.d/login and /etc/pam.d/system-auth?

Solution 1:

The /etc/pam.d/system-auth file is used by Red-Hat and like systems to group together common security policies. It is often included in other /etc/pam.d policy files where those common policies are required.

When accessing a system via ssh through sshd, the /etc/pam.d/sshd policy file is consulted. This file includes /etc/pam.d/system-auth so your changes to /etc/pam.d/system-auth are valid.

The file /etc/pam.d/login is consulted when you log in via the /bin/login program therefore any changes to it only affect /bin/login.

Solution 2:

  • login - rules for local (console login)
  • system-auth - common rules many services
  • password-auth - common rules for many remote services
  • sshd - rules for SSHD daemon only

Solution 3:

Now I am not very clear about the difference between /etc/pam.d/login and /etc/pam.d/system-auth. Could anyone give me some reference or some guide?

OpenSSH use /etc/pam.d/sshd module. /etc/pam.d/sshd:

auth       include      system-auth

OpenSSH not use /etc/pam.d/login to auth. /etc/pam.d/login and /etc/pam.d/system-auth is different modules to different programs.