# Configure monit service



## mururoa (Dec 19, 2016)

Hello,

I use monit on FreeBSD.
So far, so good but now I want to go in production so I have to drop the passwords in config file like :

`allow monit:test`

On Linux I would use :

`allow @monit-users`

Where monit-users is a system group and use pam for authentification.
But no pam.d/monit config file is provided with monit package.
All I get when I try to use groups is syntax error.
I tried different pam config but I dont know if my configs are wrong or I just cant use groups on Freebsd.
Does someone already solved this ?

PS : I tried also md5 and same syntax error 
       So I removed the package and tried with the port in case this were options not selected and there is no options for this port


----------



## SirDice (Dec 19, 2016)

You will have to create a PAM file yourself, it's not supplied:

https://mmonit.com/monit/documentation/monit.html#PAM

```
Sample PAM service for Monit on Mac OS X (store as "/etc/pam.d/monit" file):

  # monit: auth account password session
  auth       sufficient     pam_securityserver.so
  auth       sufficient     pam_unix.so
  auth       required       pam_deny.so
  account    required       pam_permit.so
```

Don't know it if actually works though, I've never used it this way. We just use a specific account for this, hardcoded both at the server and the client.


----------



## mururoa (Dec 19, 2016)

Yes it works.
Dunno how I missed that one ...
And md5 works also, just needs to install apache to get htpasswd command.


----------

