Dan Hollis wrote:
Is it possible for a module to retrieve the attempted username in a
failed login if the user does not exist on the machine?
The module pam_abl[1] can only show NOUSER[2] when a login failure
occurs with an invalid username.
[...]
I'd like to know what actual username was attempted, instead of "NOUSER".
Is it possible or would this need to be a modification to PAM?
What app is that? My guess is OpenSSH's sshd, which used to supply
"NOUSER" to PAM if the user didn't exist.
If so, you just need a newer sshd (the behaviour in question changed a
couple of years ago, between 3.6.1p2 and 3.7p1) or a patch for whatever
version you're using.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
