Skip to content

SecurityForUs/Zorpher

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits

CHANGELOG

CHANGELOG

 
 

ClientSocket.cpp

ClientSocket.cpp

 
 

ClientSocket.h

ClientSocket.h

 
 

LICENSE

LICENSE

 
 

README

README

 
 

ServerSocket.cpp

ServerSocket.cpp

 
 

ServerSocket.h

ServerSocket.h

 
 

Socket.cpp

Socket.cpp

 
 

Socket.h

Socket.h

 
 

SocketException.h

SocketException.h

 
 

auth.cpp

auth.cpp

 
 

auth.hpp

auth.hpp

 
 

build.sh

build.sh

 
 

client.cpp

client.cpp

 
 

defs.h

defs.h

 
 

random.cpp

random.cpp

 
 

random.hpp

random.hpp

 
 

server.cpp

server.cpp

 
 

vc.cpp

vc.cpp

 
 

vc.hpp

vc.hpp

 
 

Repository files navigation

This is a fork of sorts from a previous project I developed under the GitHub username ehzor.

Currently, this uses only the Viegnere Cipher to perform cipher manipulation on the text, but further possibilities will be available later.

The current modules both the server & client rely on:

Server: crypt, pthread
Client: Linux-PAM (PAM)

USAGE:

Server - Must be ran as root, as it requires access to /etc/shadow for authentication means.  Writes both successful and failure messages to syslog (/var/log/auth.log by default).
Client - Add the following line to any of the /etc/pam.d/* files:
auth sufficient pam_zorpher.so

Please note that "sufficient" can be replaced with "optional" (if authentication with Zorpher fails continue on, similar to "sufficient"), "requisite" meaning that its part of a chain of log in steps, or "required" meaning that if the user doesn't enter the correct information, then they are denied access.

It is wise to have either "sufficient" or "optional" in place until you are satisfied with the results.

OPTIONS:

Possible server options:
server=###	- similar to below, the hostname or IP address to listen on (default: 0.0.0.0 [any])
port=###	- similar to below, the port number to listen in on (default: 5586)
auth=...	- authentication method to use (supported: shadow [default], PAM-mongoDB (W.I.P.))

The PAM module (client) now has the following options available, which can be placed at the end of the line in any of the /etc/pam.d/* files it is in:
server=### - Either server hostname (FQDN) or IP address (i.e.: server=auth.example.com or server=200.12.48.5).  This tells the module what computer has the Zorpher server installed
port=### - The port number that the server is listening on.

In the next release, the same options (and more) will be available in the server.

NOTES:

If you wish to compile this, please use the "build.sh" script included.  To build the server, use "./build.sh s", and for the client/PAM module, "./build.sh c"

While I cannot confirm this, I feel it is in my best interest to inform anyone who wishes to use this that as this is a C++ PAM module, it can possibly cause conflicts with other modules.  I myself have not had any issues during testing with various modules for login enabled at once, but mangling C & C++ modules could always have some unexpected consequences.  While I will do my best to provide support for this program, Linux machines are natorious for being different from another, so my support will be as best it can be.  I also offer this module and server as-is, and take no responsibility for any damages, direct or indirect.

About

Remote user authentication PAM module using encryption over the wire

Resources

Readme

License

Zlib license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages