#%PAM-1.0
-auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
-auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/security/blacklist.sshd onerr=succeed
-auth required /lib/security/pam_unix.so
-auth required /lib/security/pam_tally.so file=/var/log/faillog onerr=succeed no_magic_root
-auth required /lib/security/pam_shells.so
-auth required /lib/security/pam_nologin.so
-account required /lib/security/pam_tally.so deny=0 file=/var/log/faillog onerr=succeed no_magic_root
-account required /lib/security/pam_access.so
-account required /lib/security/pam_unix.so
-password required /lib/security/pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
-password required /lib/security/pam_unix.so md5 shadow use_authtok
-password required /lib/security/pam_make.so /var/db
-session required /lib/security/pam_unix.so
-session required /lib/security/pam_env.so
-session required /lib/security/pam_limits.so change_uid
-session optional /lib/security/pam_mail.so
+auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.sshd onerr=succeed
+auth include system-auth
+account required pam_shells.so
+account required pam_nologin.so
+account required pam_access.so
+account include system-auth
+password include system-auth
+session optional pam_keyinit.so force revoke
+session include system-auth
+session optional pam_mail.so