None of us want others intruding into our Linux machines. ffmpeg is a tool that can detect when someone is trying to get into our system. Let’s see how we can use it to secure ourselves from such unwanted invasions.
Data is a major resource today and securing all our devices has become crucial. We would like to protect ourselves from anyone logging into our laptop or computer. If we are using hardware shared by multiple people who have multiple user IDs, there is a chance that another user may want to log into our system for our files, etc. So let us understand how we can detect such intrusions in our Linux machines, by setting up a program that takes a photo when a wrong password is entered in our system.
The first step is to install the ffmpeg package. This can be done using the following command:
sudo apt-get install ffmpeg
Next, create a shell script, as shown below. First, open any editor. I am using gedit here; you can use it too with the following command:
sudo gedit /usr/local/bin/passwordpicture
When you run this command, the editor will open and you can paste the following shell script in it, as shown in Figure 1:
#!/bin/bash dates=`date +%s` ffmpeg -f video4linux2 -s vga -i /dev/video0 -vframes 3 /Pictures$/vid-$dates.%01d.jpg exit 0
If your video source is different, you can replace /dev/video0 with the path of your camera. I have stored the clicked photos in the /Pictures folder; if you want to store your pictures in some other location, do change the path for that as well.
Now run the following command to make the written script executable:
chmod +x /usr/local/bin/passwordpicture
This is basically the script to click the photograph. Now, let’s write the condition to take the photo only if the password entered into the system is wrong.
Open the following file, using this command:
sudo gedit /etc/pam.d/common-auth
Change the following line:
auth [success=1 default=ignore] pam_unix.so nullok_secure
…to:
auth [success=2 default=ignore] pam_unix.so nullok_secure
In order to not take cognisance when the password is correct, add the following just below this line:
auth [default=ignore] pam_exec.so seteuid /usr/local/bin/passwordpicture
This will click a picture if a wrong password is entered while logging into the system.
Finally, the overall script should look as shown in Figure 2.
Now save and close it.
If you now log out and try to log in with a wrong password, a picture will be clicked, and it will be stored in the /Pictures folder, as shown in Figure 3.
I hope you found this interesting and are going to try it out. And if you explore the tool some more, you will get many more such ideas!! This concept could be implemented while building a larger security system for offline computers.
