How to create a login-screen replacement for Ubuntu - linux

I'm interested in writing a replacement login screen for Ubuntu that would present the user with a puzzle rather than prompt for a password. I'm looking for some advice on how to go about creating this. I'm a programmer by profession with years of experience, but am not familiar enough with Linux application programming to know how to begin this particular project. Thank you!

You could probably do this as an authentication module for PAM (Linux Pluggable Authentication Modules).
PAM is configured in configuration files in /etc/pam.d. Each file in this directory defines a PAM service by specifying a set of PAM modules and how they should work together. You could write a new authentication module and replace the current authentication module in the services where you want to use the new login scheme.

The "best" way to do this may be to create a PAM module. This is how things like fingerprint identification are implemented. It will allow you to keep the same login screen with all the features such as accessibility options, etc.
The "easiest" way to do it may be to modify an existing display manager. Ubuntu uses GDM (Gnome Display Manager) by default, but it's pretty complicated. SLiM is a simple display manager that you can probably modify without much difficulty.

Related

I would like to authenticate users using Radius, but place all successful users in the same home directory with the same shell replacement

I am trying to allow ssh users to be defined in Radius, but share a home directory, shell, etc. The idea is that all users share the same home directory and default shell (an application). I would like to avoid creating numerous accounts on the local machine (really a docker container) since their activity is constrained by the application. I think that I just need to replace the user database information, but I don't understand how to just override that part of the login activity. Has anyone else done this or should I be solving this a different way?
Ok, I am going to answer my own question. If you have better information, please contribute. This question might have been better in ServerFault, but as a programmer I spend more time on StackOverflow so I did not think of that.
The PAM library is useful for single sign-on, but it cannot replace the /etc/passwd file and related files. PAM and the other assets it brings in supplement the internal Linux info. So, while you can authenticate with a remote server like Radius, you will still have entries in /etc/passwd. The control flow is a list of rules in pam.conf and the top-level library works its way down the list letting each module (plug-in) do its work. Read 'man pam.conf' and 'man pam_mkhomedir' for good information on how this works.
A module implements 6 functions so it is very approachable to add new modules. See pam_deny.c for the simplest module.
Also, getpwnam is a function you may need in whatever it is you are trying to do. You can read about that using 'man getpwnam', but you probably already knew that.
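To make the two answers above concrete (the /etc/pam.d service files in the first, and the rule list that the PAM library walks top to bottom in this one), here is an added example, not code from any of the posts: a small Python model of how Linux-PAM evaluates the "auth" lines of a service file, using a hypothetical pam_puzzle.so stacked against pam_unix.so. The control-flag semantics are a simplified reading of pam.conf(5).

```python
# Added example (not from the original answers): a small model of how Linux-PAM
# walks the "auth" lines of an /etc/pam.d/<service> file, so you can see what a
# stack does before installing a hypothetical pam_puzzle.so next to pam_unix.so.
# Control-flag semantics are a simplified reading of pam.conf(5).
PAM_SUCCESS, PAM_AUTH_ERR = 0, 7          # real Linux-PAM return codes

def parse_auth_stack(text):
    """Return [(control, module)] for the 'auth' lines; comments and blanks skipped."""
    stack = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 3 and fields[0] == "auth":
            stack.append((fields[1], fields[2]))
    return stack

def run_auth_stack(stack, results):
    """Evaluate the stack. `results` maps module name -> return code that module
    would give for this login attempt. Returns (final_code, modules_invoked)."""
    invoked, required_failure, saw_success = [], None, False
    for control, module in stack:
        invoked.append(module)
        rc = results.get(module, PAM_AUTH_ERR)   # unknown module: treat as failure
        ok = rc == PAM_SUCCESS
        if control == "requisite" and not ok:
            return rc, invoked                   # stop at once, nothing else runs
        if control in ("required", "requisite"):
            if ok:
                saw_success = True
            elif required_failure is None:
                required_failure = rc            # remembered, but the stack continues
        elif control == "sufficient" and ok and required_failure is None:
            return PAM_SUCCESS, invoked          # short-circuit: later modules skipped
        elif control == "optional" and ok and len(stack) == 1:
            saw_success = True                   # only counts when it is the sole rule
    if required_failure is not None:
        return required_failure, invoked
    return (PAM_SUCCESS if saw_success else PAM_AUTH_ERR), invoked

# Constructed service files (hypothetical module name; pam_puzzle.so is made up).
REPLACE = "auth required pam_puzzle.so        # puzzle instead of a password\n"
BOTH = "auth requisite pam_puzzle.so\nauth required pam_unix.so   # puzzle AND password\n"
EITHER = "auth sufficient pam_puzzle.so\nauth required pam_unix.so  # puzzle OR password\n"
```

The second return value shows which modules were actually invoked, which is exactly what a "sufficient" short-circuit or a "requisite" early exit changes; with "required" a failing pam_puzzle.so still lets pam_unix.so run, so the user cannot tell which rule rejected them.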

Login system for only one user

I'm using NodeJS to create a simple blogging platform as a bit of an experiment. However, while creating the admin panel (to allow one to compose posts and edit existing ones, change themes, etc.) I realised that I would need to create a login system. I am aware of passport.js, however I question the need for a login system where the software will be administrated by one user.
My question is, is it necessary to have a login system for a platform that only has one administrator and no other users? If not, what approach should I take for this platform then?
In my opinion, it depends on what you want.
If you want to follow some security-related practices and learn the principles behind them, you should do deeper research about security, and then choose a particular solution.
If you just want a 'door' which prevents others from accessing your control panel, and your application is just a simple blog system, not some popular huge system, then I think a static password would be good enough: just require a password from the user interface (frontend), then send it to your backend (nodejs) and check that it's really you, so that your backend logic can decide whether to grant access (you can hardcode the password in the backend part), done.

Coding of Admin-Guest login section in an OS

I developed an authentication algorithm for user authentication as part of my masters thesis and implemented it in PHP. I would like to know how I can implement the algorithm for operating system login, and in which language (for linux)? Also, where will the code reside, because it will not be click-and-run code; it will automatically load upon the starting of the OS.
Thank you and I hope no down vote in haste.
PAM is the Pluggable Authentication Modules used in Linux. There is extensive documentation on writing new modules.

Can I allow my program to run scripts?

Some users are suggesting that my (C#) program should be able to run scripts after completing its job. This would be done through a command line to be input in my configuration dialog.
I'm no security expert, so I'm not sure if this is acceptable in terms of security. Since the app runs with admin privileges (on Windows), wouldn't that be a huge security risk? Someone could just modify the config files of my application to point to a potentially dangerous script, couldn't they?
On the other hand, plenty of applications allow this, while requesting admin privileges, so I guess it must be ok, but I thought I'd better seek advice before opening wide security holes everywhere =)
Can I allow my application running with full privileges to launch user-specified scripts?
You can restrict access to your config in different ways - from obfuscating the config file to using NTFS permissions to limit access of non-admin accounts to it.
C# certainly allows you to run a user script. System.Diagnostics.Process makes that real easy. The question of security here is another problem.
Running scripts when a process completes can be incredibly useful and can make or break your target audience's opinion of your application. Understandably, you don't want your product to be turned against your own consumers through a malicious hack like the one you're thinking of.
The root of this problem is that your options are (I'm assuming) text based and easily editable. Your best bet is to encrypt your config file to prevent outside changes to it. Note that this doesn't prevent people from using your app to change your options to allow a malicious script, but for somebody to do that, they need access to an instance of your application instead of simply file read/write access.
This does bring to question one more aspect you should watch for. Don't use the same key for every installation of your application. If you do that, then Bob could cause Alice to run a malicious script by copying Alice's config, using his instance of your app to decrypt it and make the change and then Bob can replace Alice's config with the new malicious config.
Here is another SO question for how to encrypt strings in C#.

Easiest way to authenticate users in Linux/Unix w/o root permissions

I'm writing a cross-platform TCP/IP server and I need to authenticate users before servicing them. Requirements stipulate that I use "native" authentication of the platform and not create my own authentication mechanism.
For the Linux/Unix OS family I use getpwnam to authenticate users, and the most reliable way I know to make sure this works is to start my service as root. There are no other reasons for the service to run as root, and I wonder what my options are. Can I call getpwnam while not being root w/o compromising security? Or, if there are alternatives to getpwnam, how portable are they and how "administrator-friendly" in the sense of "what configuration effort do they require"? The reason why an independent authentication mechanism is off the table is exactly that it creates "too much of a configuration effort".
Have you taken a look at PAM authentication?
Use SASL, for example Cyrus SASL. No root privileges required, and all popular Linux distributions support it. I'm using it to authenticate users of an intranet site served by Apache and written in Python. Among others, Sendmail and Postfix use it for authentication.
Using getpwnam() does not require root privileges.
Trying to get information from the shadow password file, or AFAIK using PAM, does require root privileges, and that presents some problems. However, you might be able to start your process as root, initialize access to PAM, and then drop privileges. That is unconfirmed speculation, but is at least somewhat plausible.
Note that in most systems, getpwnam() does not return you an encrypted (or hashed) password. So, you need to consider carefully what you are planning to do to 'authenticate' the user.