The echo service module for PAM displays its arguments to the user, separated by spaces, using the current conversation function.
If the
% character occurs anywhere in the arguments to
pam_echo, it is assumed to introduce one of the following escape sequences:
%H
The name of the host on which the client runs (PAM_RHOST).
%s
The current service name (PAM_SERVICE).
%t
The name of the controlling tty (PAM_TTY).
%U
The applicant's user name (PAM_RUSER).
%u
The target account's user name (PAM_USER).
Any other two-character sequence beginning with
% expands to the character following the
% character.