Additional information: `pam_get_authtok` is returning PAM_SUCCES with a string the same length as the password I entered, but filled with: “\x08\x0a\x0d\x7fINCORRECT\x08\x0a\x0d\x7fINCORRECT\x08\x0a\x0d\x7fINCORRECT” Any help would be greatly appreciated. -Liam From: Liam Kelly Hi, I am currently unable to retrieve the password string given to my custom PAM module from OpenSSH Server. I am writing a PAM module in order to allow OpenSSH Server to reference a user database on peripheral hardware. I modeled my code very similarly to `pam_userdb` and tested it initially with the tool in the `simple_pam` repository on GitHub. The `simple_pam` tool worked but OpenSSH Server was not able to retreave the password for comparison. The main difference between the two applications is that ‘simple_pam’ brings up the pam_prompt and sets the AUTHTOK first while OpenSSH only allows for retrieval. I have tried both `pam_get_auth` and `pam_get_item`, but both return an empty string for the SSH case. Also I get the username just fine from OpenSSH. `pam_unix` works, so I am really confused as to why I cannot get the AUTHTOK. Do you think it has something to do with the module locks placed on AUTHOKs? Could I be missing a compiler option? -Liam |
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
