# PAM unixsock


Ever felt the need to do something with PAM, like implementing 2FA in SSH? You are left with a few
bad choices, among others you'll need to write something (complex) in C. I rather not do that, so
I've created [pam-unixsock](https://github.com/miekg/pam-unixsock).

This is _tiny_, the most trouble I had with concatenating strings with a space in between,
because, you know, C. Anyway _tiny_. It doesn't do much and gets you into another language quickly!

```txt
github.com/AlDanial/cloc v 2.02  T=0.01 s (711.7 files/s, 48601.9 lines/s)
----------------------------------------------------------------
Language      files          blank        comment           code
----------------------------------------------------------------
C                 1             22              0            144
```

This PAM module writes a few lines (username, 2fa token, ...) in a `word\n` fashion to the
Unix socket (yes, the ordering matters, maybe that will change in the future). You can write a
server that listens on that socket and does the complex thing you want. It should write back `1\n`
for success or `0\n` for failure to authenticate.

This is opening up many features on the Linux platform at $work, like integrating the normal user
utilities (chsh, passwd, etc.) to interface with the central user DB, instead of just idling.

Of course I'll be writing the server in Go, but you can _even_ use Rust. An example Go server is
included in the source.