PAM on Slackware
mount -o loop slackware1337.iso /mnt
installpkg /a/ap/l/d/n/*.txz
cd /mnt/extra/source/pam
./pam.SlackBuild
installpkg /tmp/pam-1.1.3-x86_64-1.txz
——————-
cp -R /mnt/source/a/shadow /tmp/shadow
cd /tmp/shadow
edit shadow.SlackBuild
insert “read -p ‘Modify code now. Enter when complete…’” before ./configure
./shadow.SlackBuild
When asked for Modify code, open new ssh session, modify code on /tmp/shadow-4.1.4.3/libmisc/chkname.c
save / close ssh session
press Enter on other ssh session
removepkg shadow
installpkg /tmp/shadow-4.1.4.3-x86_64.txz
cd /etc/pam.d
root@slax:/etc/pam.d# cat login
#%PAM-1.0
auth include common-auth
account include common-account
password include common-password
session include common-session
root@slax:/etc/pam.d# cat common-auth
auth sufficient pam_unix.so
auth required pam_deny.so
root@slax:/etc/pam.d# cat common-account
account sufficient pam_unix.so
account required pam_permit.so
root@slax:/etc/pam.d# cat common-password
password sufficient pam_unix.so
password required pam_deny.so
root@slax:/etc/pam.d# cat common-session
session sufficient pam_mkhomedir.so skel=/etc/skel umask=0022
session sufficient pam_unix.so
session required pam_deny.so
root@slax:/etc/pam.d#login
edit /etc/login.defs , comment (#) out warnings
root@slax:/etc/pam.d# cat sshd
#%PAM-1.0
auth required pam_google_authenticator.so try_first_pass forward_pass secret=${HOME}/otp/.google_authenticator
auth required pam_unix.so use_first_pass
#auth include common-auth
account include common-account
password include common-password
session include common-session
root@slax:/etc/pam.d# cat su
#%PAM-1.0
auth sufficient pam_rootok.so
auth include common-auth
account include common-account
password include common-password
session include common-session
root@slax:/etc/pam.d# cat passwd
#%PAM-1.0
auth include common-auth
account include common-account
password include common-password
session include common-session
root@slax:/etc/pam.d# cat useradd
#%PAM-1.0
auth sufficient pam_rootok.so
account required pam_permit.so
password include common-password
———————-
open-ssh, edit slackBuid, replace –without-pam with –with-pam, edit sshd_config , UsePAM yes
# cat /etc/pam.d/sshd
#%PAM-1.0
auth sufficient pam_radius_auth.so
account required pam_unix.so
account required pam_permit.so
password sufficient pam_unix.so
password required pam_deny.so
session sufficient pam_unix.so
session required pam_deny.so
Leave a reply