Home/ Questions/Q 8460905
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-10T13:43:59+00:00

I am trying to write a pam module that will read password from a

  • 0

I am trying to write a pam module that will read password from a file then let the user log in without entering password.

[EDIT: File will be stored in a external device. (Trying to satisfy two-factor authentication). This may sound very insecure but, file will be encrypted with a appropriate encryption algorithm. Key exchange and encryption/decryption is not an issue]

When the external device is connected, user will only enter his username on login screen (KDM) then my PAM Module will get required password from device then log the user in.

I am newbie in PAM topic, i have done some research but couldn’t find whether it is possible (if it is how) or not.

I’ll be grateful if you point out the way to solve this problem.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The answer is here:

    1. Write your custom pam module. (Tons of examples can be found on internet)
    2. Read data as you wish. (read from file or smthing else with any function you may like)
    3. Compare hashed passwords as it shown below and here:
    if ((!pwd->pw_passwd[0] && (flags & PAM_DISALLOW_NULL_AUTHTOK)) ||
      (crypt_password = crypt(password, pwd->pw_passwd)) == NULL ||
      strcmp(crypt_password, pwd->pw_passwd) != 0)
      pam_err = PAM_AUTH_ERR;

    if match, return success.

    That is it.

    • 0