On Fri, 19 Oct 2018, Damian Kaliszan wrote:
> Hi,
>
> I'd like to ask you (I couldn't find an answer on OpenSSH
mailing
> lists) if it's possible to rename/remap/manipulate with username
> during logging?
>
> I found a similar solution to what I want here
> https://sourceforge.net/projects/ukngi/files/meg/1.0-1/ but this is
> gsissh.
>
> To be precise I tried 2 possible solutions:
>
> a/ enabled pam_script pam module as the first module during
> authentication and set PAM_USER in pam_script_auth script
>
> b/ I created my custom module in which inside pam_sm_authenticate
> function I call pam_set_item where I change the username
>
> but both failed. Could you please help me and answer if it's possible
> at all?? (let's leave other issues e.g. security aside)
OpenSSH doesn't support username remapping via PAM, but you should be
able to do it via a NSS module.
-d