Skip to content
linux oauth pam module
Go C Makefile Shell
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
dockerfiles add pam wrapper Feb 11, 2020
media add demo Jan 31, 2020
misc add pam wrapper Feb 11, 2020
pam buffer over flow... Feb 12, 2020
.gitignore add pam wrapper Feb 11, 2020
CHANGELOG.md init Jan 30, 2020
LICENSE add pam wrapper Feb 11, 2020
Makefile fix tag Feb 12, 2020
README.md add pam wrapper Feb 11, 2020
SSHDockerfile add pam wrapper Feb 11, 2020
cli.go add pam wrapper Feb 11, 2020
cli_test.go release Jan 30, 2020
go.mod add pam wrapper Feb 11, 2020
go.sum add pam wrapper Feb 11, 2020
goreleaser.yml release Jan 30, 2020
main.go release Jan 30, 2020
version.go release Jan 30, 2020

README.md

google-web-oauth

Description

google-web-oauth is ssh authentication software. this provides you with multi-factor authentication.

demo

Usage

USE PAM

for ubuntu

  1. Get the oAuth client ID on google.
  2. Please place the secret file to /etc/google-web-oauth/client_secret.json
  3. set binary.
    • /lib/x86_64-linux-gnu/security/google-web-oauth.so
    • /usr/bin/google-web-oauth
  4. Write the following in /etc/pam.d/sshd
auth    required google-web-oauth.so
#@include common-auth # must comment out.
  1. Write the following in sshd_config and restart sshd process.
KbdInteractiveAuthentication yes
UsePAM yes
AuthenticationMethods publickey,keyboard-interactive

USE SSH

In this case, they skip ForceCommand when use ProxyCommand, it is vulnerable...

  1. Get the oAuth client ID on google.
  2. Please place the secret file to /etc/google-web-oauth/client_secret.json
  3. set binary.
    • /usr/bin/google-web-oauth
  4. Write the following in sshd_config and restart sshd process.
ForceCommand sudo SSH_CONNECTION="$SSH_CONNECTION" /usr/bin/google-web-oauth && eval ${SSH_ORIGINAL_COMMAND:-/bin/bash}

blog

Install

To install, use go get:

$ go get -d github.com/pyama86/google-web-oauth

Contribution

  1. Fork (https://github.com/pyama86/google-web-oauth/fork)
  2. Create a feature branch
  3. Commit your changes
  4. Rebase your local changes against the master branch
  5. Run test suite with the go test ./... command and confirm that it passes
  6. Run gofmt -s
  7. Create a new Pull Request

Author

pyama86

You can’t perform that action at this time.