Archive for January 2nd, 2014

2
Jan

PAM on Slackware

   Posted by: admin    in Mẹo vặt của hiếu râu

mount -o loop slackware1337.iso /mnt

installpkg /a/ap/l/d/n/*.txz

cd /mnt/extra/source/pam

./pam.SlackBuild

installpkg /tmp/pam-1.1.3-x86_64-1.txz

——————-

cp -R /mnt/source/a/shadow /tmp/shadow

cd /tmp/shadow

edit shadow.SlackBuild

insert “read -p ‘Modify code now. Enter when complete…’” before ./configure

./shadow.SlackBuild

When asked for Modify code, open new ssh session, modify code on /tmp/shadow-4.1.4.3/libmisc/chkname.c

save / close ssh session

press Enter on other ssh session

removepkg shadow

installpkg /tmp/shadow-4.1.4.3-x86_64.txz

cd /etc/pam.d

root@slax:/etc/pam.d# cat login

#%PAM-1.0

auth            include         common-auth

account         include         common-account

password        include         common-password

session         include         common-session

root@slax:/etc/pam.d# cat common-auth

auth            sufficient      pam_unix.so

auth            required        pam_deny.so

root@slax:/etc/pam.d# cat common-account

account         sufficient      pam_unix.so

account         required        pam_permit.so

root@slax:/etc/pam.d# cat common-password

password        sufficient      pam_unix.so

password        required        pam_deny.so

root@slax:/etc/pam.d# cat common-session

session         sufficient      pam_mkhomedir.so skel=/etc/skel umask=0022

session         sufficient      pam_unix.so

session         required        pam_deny.so

root@slax:/etc/pam.d#login

edit /etc/login.defs , comment (#) out warnings

root@slax:/etc/pam.d# cat sshd

#%PAM-1.0

auth       required     pam_google_authenticator.so try_first_pass forward_pass secret=${HOME}/otp/.google_authenticator

auth            required      pam_unix.so use_first_pass

#auth            include         common-auth

account         include         common-account

password        include         common-password

session         include         common-session

root@slax:/etc/pam.d# cat su

#%PAM-1.0

auth            sufficient      pam_rootok.so

auth            include         common-auth

account         include         common-account

password        include         common-password

session         include         common-session

root@slax:/etc/pam.d# cat passwd

#%PAM-1.0

auth            include         common-auth

account         include         common-account

password        include         common-password

session         include         common-session

root@slax:/etc/pam.d# cat useradd

#%PAM-1.0

auth            sufficient      pam_rootok.so

account         required        pam_permit.so

password        include         common-password

———————-

open-ssh, edit slackBuid, replace –without-pam with –with-pam, edit sshd_config , UsePAM yes

# cat /etc/pam.d/sshd

#%PAM-1.0

auth       sufficient   pam_radius_auth.so

account    required     pam_unix.so

account    required     pam_permit.so

password   sufficient   pam_unix.so

password   required     pam_deny.so

session    sufficient   pam_unix.so

session    required     pam_deny.so

slackware 14.1 http://www.slackware.com/~vbatts/pam/
No Comments
Back to top