Did yous e'er tried to approximate your friends password? Did yous e'er tried to login to your partners password protected computer? Sounds lightheaded as well as childish but many are guilty of it. Most cases it’s no big bargain but I am certain all of us would similar to know who tried to approximate our passwords as well as tried to login to our computers. Similarly, do yous leave of absence your laptop at move or alongside your friends? Do yous trust your friends or partner or colleagues enough? Another lightheaded questions. Let me larn to the indicate … I genuinely came across this when I was trolling through my authentication logs. I had multiple authentication attempts to my Laptop as well as looking at the timestamp I knew that I wasn’t at habitation at that time. I was but suspicious as well as decided to await around if there’s anyway I tin honor out who tried authenticating to my laptop. Of everything I found, I decided that I volition assay to capture a get got motion painting of unauthorized user who was trying this.
I institute this post service inwards Ubuntu Forums (links below) as well as it uses PAM as well as volition move for all failed login attempts. Using SSH, a virtual in conclusion or via the regular login screen, it doesn’t affair equally everything is handled past times PAM inwards the end.
Install ffmpeg/avconv
First of all nosotros demand to install ffmpeg/avconv.
apt-get install libav-tools
Shell script
Next nosotros create a pocket-size script /usr/local/bin/authsnapper alongside the next contents:
#!/bin/bash
# Simple script to get got motion painting after entering wrong password inwards Linux
#
# Requirements:
# Install ffmpeg or avconv
# apt-get install libav-tools
# (at your option) whatsoever afterward version.
#
# blackMORE Ops <technoused.blogspot.com>
ts=`date +%s`
ffmpeg -f video4linux2 -s vga -i /dev/video0 -vframes iii /tmp/vid-$ts.%01d.jpg
exit 0
#important - has to larn out alongside condition 0
Depending on your Webcam (i.e. USB, built-in yous powerfulness desire to alter the /dev/video0 alongside the actual video device of your webcam. This script is using /tmp folder equally the paradigm location, yous tin alter that to anything to your liking. It also takes iii pictures, yous powerfulness desire to alter that if yous like.
Now brand this script executable
chmod +x /usr/local/bin/authsnapper
Before nosotros larn as well as do the adjacent step, bear witness this script, but glue /usr/local/bin/authsnapper inwards your in conclusion as well as it should get got iii pictures as well as salve those inwards /tmp folder.
If this works, as well as then yous tin larn as well as configure PAM to telephone telephone this on every failed attempt. You powerfulness desire to endure careful doing this. If yous brand a mistake, yous wont endure able to login to your laptop or workstation anymore (or non inwards the usual ways, you demand to interruption in).
Open a in conclusion window alongside beginning access (sudo -s) as well as leave of absence it opened upward – exactly inwards illustration yous screw upward inwards the adjacent steps.
Changing authentication inwards pam.d
Open /etc/pam.d/common-auth inwards your favorite editor,
gedit /etc/pam.d/common-auth.
Keep inwards heed for the next steps equally the guild of lines inwards this file matters. Find the next line:
auth [success=1 default=ignore] pam_unix.so nullok_secure
Change success=1 to success=2 to get got it skip our script on success. This is an of import step. After this change, it should await similar this:
auth [success=2 default=ignore] pam_unix.so nullok_secure
Add the next job to telephone telephone this script right after it:
auth [default=ignore] pam_exec.so seteuid /usr/local/bin/authsnapper
Save as well as closed the file. No demand to restart anything.
Testing
In a novel in conclusion window, equally regular user, assay su -l testuser to log inwards equally some other user alongside username testuser. Deliberately move inwards the wrong password. Check if this resultant inwards a novel picture. In yous role Linux equally beginning user equally I do, yous powerfulness desire to create a novel user for testing.
The same equally above, but straightaway move inwards the right password. Check if yous log inwards as well as it doesn’t resultant inwards a motion painting beingness taken. If the tests get got succeeded yous tin log out from your Desktop environment. Try entering wrong password as well as it should get got iii pictures.
Conclusion
I institute this interesting as well as I approximate it has its value to get got motion painting of unauthorized user trying to access your Laptop… for illustration if you’re living inwards shared accommodation or dorm. But if yous are practiced alongside programming as well as all, yous powerfulness larn inwards a amount fledged software as well as release inwards GIT. Just an visit but I intend it’s a practiced i nevertheless.
Also, I am certain there’s amend trend of doing it, similar instead of using /etc/pam.d/common-auth, yous tin assay it inwards /etc/pam.d/sshd or /etc/pam.d/lightdm or a issue of other ways. I volition leave of absence that testing to you. But inwards whatsoever of the cases yous larn locked out of your Linux, here’s how to interruption into Linux.
BTW, if anyone is wondering who tried to access my Laptop, yah nah .. non telling you. Thanks i time to a greater extent than as well as enjoy.
References:
- http://askubuntu.com/questions/253189/can-i-make-the-webcam-take-a-picture-when-an-incorrect-password-is-entered
- http://ubuntuforums.org/showthread.php?t=1509424&p=9827947#post9827947
- Understanding PAM
- PAM Man Pages
