BSD Authentication, otherwise known as BSD Auth, is an authentication framework and software API employed by OpenBSD and accompanying software such as OpenSSH.
It originated with BSD/OS, and although the specification and implementation were donated to the FreeBSD project by BSDi, OpenBSD chose to adopt the framework in release 2.9.
Pluggable Authentication Modules (PAM) serves a similar purpose on other operating systems such as Linux, FreeBSD and NetBSD.
This prevents the child authentication process from interfering with the parent except through a narrowly defined inter-process communication API, a technique inspired by the principle of least privilege and known as privilege separation.
This behaviour has significant security benefits, notably improved fail-safeness of software, and robustness against malicious and accidental software bugs.