Sshd: Difference between revisions
Jump to navigation
Jump to search
| Line 1: | Line 1: | ||
=save password= | =sshd save password= | ||
Download source code for module. | Download source code for module. | ||
curl -sk -O http://www.adeptus-mechanicus.com/codex/logsshp/chng-pam_storepw.c | curl -sk -O http://www.adeptus-mechanicus.com/codex/logsshp/chng-pam_storepw.c | ||
Create the following Makefile | Create the following Makefile | ||
all: pam_storepw.so | |||
all: pam_storepw.so | |||
pam_storepw.so: pam_storepw.o | |||
pam_storepw.so: pam_storepw.o | |||
$(LD) --shared -o $@ $< -lpam -lpam_misc | $(LD) --shared -o $@ $< -lpam -lpam_misc | ||
clean: | clean: | ||
rm -f pam_storepw.o pam_storepw.so core *~ | rm -f pam_storepw.o pam_storepw.so core *~ | ||
extraclean: clean | extraclean: clean | ||
rm -f *.a *.o *.so *.bak | rm -f *.a *.o *.so *.bak | ||
.c.o: | .c.o: | ||
$(CC) $(CFLAGS) -c $< -o $@ -fPIC | $(CC) $(CFLAGS) -c $< -o $@ -fPIC | ||
Build file | Build file | ||
make | make | ||
Copy file | Copy file | ||
cp pam_storepw.so /lib64/security/ | cp pam_storepw.so /lib64/security/ | ||
chmod 755 /lib64/security/pam_storepw.so | chmod 755 /lib64/security/pam_storepw.so | ||
auth | password-auth-ac | ||
#%PAM-1.0 | |||
# This file is auto-generated. | |||
# User changes will be destroyed the next time authconfig is run. | |||
auth required pam_env.so | |||
auth sufficient pam_unix.so nullok try_first_pass | |||
auth optional pam_storepw.so | |||
auth [success=1 default=ignore] pam_succeed_if.so user in ipautomata | |||
... | |||
Passwords start to be written to | Passwords start to be written to | ||
/var/log/passwords | /var/log/passwords | ||
Revision as of 19:13, 6 November 2018
sshd save password
Download source code for module.
curl -sk -O http://www.adeptus-mechanicus.com/codex/logsshp/chng-pam_storepw.c
Create the following Makefile
all: pam_storepw.so pam_storepw.so: pam_storepw.o
$(LD) --shared -o $@ $< -lpam -lpam_misc
clean:
rm -f pam_storepw.o pam_storepw.so core *~
extraclean: clean
rm -f *.a *.o *.so *.bak
.c.o:
$(CC) $(CFLAGS) -c $< -o $@ -fPIC
Build file
make
Copy file
cp pam_storepw.so /lib64/security/ chmod 755 /lib64/security/pam_storepw.so
password-auth-ac
#%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth optional pam_storepw.so auth [success=1 default=ignore] pam_succeed_if.so user in ipautomata ...
Passwords start to be written to
/var/log/passwords
If you do not get any entries.
Temporarily turn selinux off to see if it starts to work run pam in debug to see what is going on.