A PAM module that protects sensitive data and provides a panic function for emergency situations. Authentication through passwords or removable media.
Go to file
2018-08-10 13:55:25 -04:00
m4 Convert the project to use the GNU Build System (aka Autotools) 2018-04-02 14:44:28 -04:00
src Added authorship 2018-08-10 13:55:25 -04:00
test Header and header. 2018-05-11 04:18:34 +02:00
.gitattributes Roff? Nah. Fix! 2018-04-13 17:09:39 +02:00
.gitignore *.[0-9].tmp 2018-06-13 11:53:09 +02:00
.travis.yml Travis should have cunit 2018-05-11 01:48:59 +02:00
AUTHORS Convert the project to use the GNU Build System (aka Autotools) 2018-04-02 14:44:28 -04:00
ChangeLog Convert the project to use the GNU Build System (aka Autotools) 2018-04-02 14:44:28 -04:00
CODE_OF_CONDUCT.md Create CODE_OF_CONDUCT.md 2018-04-04 03:03:01 +02:00
configure.ac Working CUnit test but still meh autoconf 2018-05-11 04:03:19 +02:00
COPYING Convert the project to use the GNU Build System (aka Autotools) 2018-04-02 14:44:28 -04:00
INSTALL Convert the project to use the GNU Build System (aka Autotools) 2018-04-02 14:44:28 -04:00
ISSUE_TEMPLATE.md Create ISSUE_TEMPLATE.md 2018-04-25 01:33:42 +02:00
Makefile.am Test suites with dirty autoconf. Closes #20 2018-05-11 01:29:13 +02:00
NEWS Convert the project to use the GNU Build System (aka Autotools) 2018-04-02 14:44:28 -04:00
PULL_REQUEST_TEMPLATE.md Create PULL_REQUEST_TEMPLATE.md 2018-04-25 01:39:19 +02:00
README Convert the project to use the GNU Build System (aka Autotools) 2018-04-02 14:44:28 -04:00
README.md Typo 2018-08-04 13:15:01 +02:00

Build Status Codacy Badge

pam_panic

Purpose

pam_panic is a PAM module that protects sensitive data and provides a panic function for emergency situations.

How it works

You can choose from one of two options:

Using two removable media previous your own password

There are two removable media which work as keys: the auth key and the panic key. The auth key will let you pass to the password prompt whereas the panic key, if provided, will securely erase the LUKS header, rendering the data unreadable.

Using two passwords previous your own password

There are two passwords you are able to set: the key password and the panic password. The key password will let you pass to the original password prompt whereas the panic password, if provided, will securely erase the LUKS header, rendering the data unreadable.

Installation

Arch Linux

There is pam_panic-git in the AUR now.

Ubuntu

There's a PPA. To install the package using the PPA:

sudo add-apt-repository ppa:bandie/pampanic
sudo apt-get update
sudo apt-get install pampanic

From sources

You will need GCC or similar, as well as the PAM headers. Some distributions package the PAM headers as libpam0g-dev. Also you need autoconf.

To compile and install it, do the following within the project's root directory:

$ [ ! -e ./configure ] && autoreconf -i
$ ./configure
$ make
$ sudo make install

Note: the paths of the reboot, poweroff, and cryptsetup commands are passed to the module at compile-time.

Preparation

If you want to use removable media you'll need two GPT-formatted removable storage devices, and said devices must have at least one partition. Here's an example fdisk session, showing how this might be accomplished:

$ sudo fdisk /dev/sdc

Welcome to fdisk (util-linux 2.31.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.


Command (m for help): g
Created a new GPT disklabel (GUID: AAAAAAAA-AAAA-AAAA-AAAA-AAAAAAAAAAAA).

Command (m for help): n
Partition number (1-128, default 1): 
First sector (2048-15661022, default 2048): 
Last sector, +sectors or +size{K,M,G,T,P} (2048-15661022, default 15661022): 

Created a new partition 1 of type 'Linux filesystem' and of size 7.5 GiB.
Command (m for help): w

You'll find the UUID of your partition in /dev/disk/by-partuuid/. You can find out which device is which typing ls -l /dev/disk/by-partuuid/ in your favourite shell.

Configuration

To configure the module, add the following to the appropriate PAM configuration file(s): (see pam.conf(5) for details on these files)

Using the removable media:

auth       requisite    /usr/local/lib/security/pam_panic.so auth=<UUID> reject=<UUID> reboot serious=<UUID>
account    requisite    /usr/local/lib/security/pam_panic.so

Using the two passwords:

auth       requisite    /usr/local/lib/security/pam_panic.so password reboot serious=<UUID>
account    requisite    /usr/local/lib/security/pam_panic.so

To set your passwords run pam_panic_pw as root in your preferred shell.

More information

See man 8 pam_panic and man 1 pam_panic_pw for more information.

Contact

TODO

Addendum

Poisoning memory when issuing a reboot or shutdown

If you want to be sure to have your memory clear of all information when issuing a reboot/shutdown you might want to add the option page_poison=on and slub_debug=P to your kernel command line at boot. For GRUB2 you just append it on your GRUB_CMDLINE_LINUX entry in /etc/default/grub and then issue a rebuild of the GRUB2 config: grub-mkconfig -o /boot/grub/grub.cfg