#%PAM-1.0

auth       required	/lib/security/pam_env.so
auth       [success=done ignore=ignore auth_err=die default=bad] /lib/security/pam_skey.so
auth       sufficient	/lib/security/pam_unix.so likeauth nullok try_first_pass
auth       required	/lib/security/pam_deny.so

account    required	/lib/security/pam_unix.so

password   required	/lib/security/pam_cracklib.so retry=3
password   sufficient	/lib/security/pam_unix.so nullok md5 shadow use_authtok
password   required	/lib/security/pam_deny.so

session    required	/lib/security/pam_limits.so
session    required	/lib/security/pam_unix.so

# If you want to enable pam_console, uncomment the following line
# and read carefully README.pam_console in /usr/share/doc/pam*
#session    optional	/lib/security/pam_console.so