sshd authentication via pam_userdb

eskay · 2009-04-01 02:47:33

Hello

I would like to configure ssh to authenticate against a database file which I've created.

This is what I have done so far:

1. Generate the database file out of a text file:

db_load -T -t hash -f logins.txt /etc/vpasswd.db

I have modified /etc/pam.d/sshd to be the below:

#
%PAM-1.0
auth            requisite       pam_securetty.so        #Disable remote root
auth           sufficient      pam_unix.so
auth            sufficient      pam_userdb.so db=/etc/vpasswd crypt=hash use_first_pass
auth           required        pam_nologin.so
auth           required        pam_env.so
account                sufficient      pam_unix.so
account         sufficient      pam_userdb.so db=/etc/vpasswd crypt=hash use_first_pass
account                required        pam_time.so
password       required        pam_unix.so
session                required        pam_unix_session.so
session                required        pam_limits.so

When I log is as a user specified in the database file the following logs are returned:

Apr  1 00:29:47 dopey sshd[13778]: Failed none for invalid user testuser from 57.62.62.102 port 31794 ssh2
Apr  1 00:29:52 dopey sshd[13778]: Failed password for invalid user testuser from 57.62.62.102 port 31794 ssh2
Apr  1 00:29:55 dopey sshd[13778]: Failed password for invalid user testuser from 57.62.62.102 port 31794 ssh2

What I'd like to happen is if the user exists as a Linux account then let them in as normal, but if not then check the vpasswd.db database file.
Can anyone point me in the right direction? Is it possible to configure this?

Thanks
- eskay

Last edited by eskay (2009-04-01 03:18:55)

Arch Linux

#1 2009-04-01 02:47:33

sshd authentication via pam_userdb

Board footer