-
-
Notifications
You must be signed in to change notification settings - Fork 634
PAM Module
You can file an issue about it and ask that it be added.
Linux-PAM is a library that enables the local system administrator to choose how individual applications authenticate users. It offers multiple low-level authentication schemes into a high-level application programming interface (API).
Currently more used are the SHA-256 and SHA-512 based hashes, sha256crypt and sha512crypt, which are similar in structure to md5crypt but support variable amounts of iteration. They're marked with $5$ and $6$ respectively. sha512crypt ($6$) is what at least RedHat/CentOS and Debian (generally most modern distros) currently use by default.
# C2S/CIS: CCE-27104-9 (Medium)
password sufficient pam_unix.so sha512 other arguments...C2S/CIS: CCE-27104-9 (Medium)
The Practical Linux Hardening Guide provides a high-level overview of the hardening GNU/Linux systems. It is not an official standard or handbook but it touches and use industry standards.