Fedora Servers :: Ssh Authentication With Passphrase+password?
Jul 19, 2011
We have small requirement, we need to connect to ssh server through ey+Passphrase+password. Is it possible to configure this type of authentication in any version of openssh/fedora.
View 3 Replies
ADVERTISEMENT
Feb 9, 2010
Simply, the number of possible combinations of passwords increases as an exponent of the number of characters used and as a factor of the number of characters available for use.
26 potential characters for a 2 character password results in 26^2 possible password combinations. This means that each new character added would result in an "order of magnitude" increase in the difficulty of brute force attack.
Using a phrase, complete with punctuation and capitalization is the very best mnemonic device to remember a password. Consider this, how hard is it to remember; The quick brown fox jumped over the lazy dog.
Than it is to remember, l33tsp34kp@ssw0rd
If we pretend that both of these passphrases are generated from a character set consisting of 26 characters, the first would be one of a possible 15274273784216769021564085930704478424313742483024 510976. The second would be one of a possible 1133827315385150725554176.
In short, use a passphrase not a password, they are much MUCH more secure.
View 14 Replies
View Related
Feb 10, 2010
I maintain a samba PDC for a small business, our current setup does not work very well; on a hardware upgrade I directled imported the old ldap database and attempting to add machines to the domain causes all sorts of trouble.
I'm 95% sure the original database (which predates my employment) was created using the idealx smb-ldap tools, unfortunately on our current platform (debian lenny) these tools seem to be broken; the only things hey seem to do reliably are set passwords and add posix users, asking them to do anything involving samba/windows causes errors. The idealx tools seem to be abandoned, and I don't know enough perl to try and fix them.
Since the idealx scripts seem to be abandoned, and most of the good samba+ldap how-tos references the idealx tools, I was wondering what people use nowadays to manage there ldap directories; surely they aren't importing .ldif files to add new users/machines like I've been doing. Are people just writing thier own management scripts/web-apps? Or are the smb=ldap tools just broke on debian?how to generate the NT/LM password hashes and proper SIDs, does anybody have anything they could point me to about this?
View 1 Replies
View Related
Jun 30, 2011
When I try and access redmine from the webbrowser i get an error:
Code:
FATAL: password authentication failed for user "redmine" FATAL: password authentication failed for user "redmine" (PGError)
[code]....
View 7 Replies
View Related
Jan 10, 2010
I want to configure SSH key-based authentication and SSH password Authentication in same machine for different user .
View 1 Replies
View Related
Feb 8, 2011
I considered making my system run the following if an incorrect password is entered 10 times in a row or a specific dead-password is entered.Code:shred /home/.ecryptfs/$USER/.ecryptfs/wrapped-passphrase.Because ext4 doesn't journal the contents of the file, only the metadata, the file would be shredded and it would be impossible to recover the encrypted home folder even with the password.Is there a simple way I could make GDM check this or would I have to patch and recompile GDM for something like this to work?
View 1 Replies
View Related
Apr 19, 2011
When I set up an ID in Ubuntu, I encrypted it. I did a print screen of the passphrase and put it on the desktop. I'm just learning how to use the encryption so don't fault me for putting it right on the desktop. There is no important data in this ID. Now, I went and changed my password to the account. On the next boot, I got a few error message:
Could not update ICEauthority file /home/mickymouse/.ICEauthority
There is a problem with the configuration server /usr/lib/libconf2-4/gconf-sanity-check-2 exited with status 256 In researching these, it looks like the problem is that I changed the password but didn't update (or something) my passphrase.
I can't boot into the GUI but I have figured out how to boot to a command prompt. I don't have access to my home directory because I don't have my passphrase. Am I toast or is there a way to recover / update the passphrase?
View 3 Replies
View Related
Dec 5, 2010
Server A: Generated RSA Key
Server B: Added the RSA Key to authorized_keys list
SFTP from A to B.
Still prompts for password.
I will be sftp-ing both from Server B to Server A and 'A to B'. Sever B to Server A works fine. No prompting for password. But from A-B it this is what is happening sftp -v log...
debug1: Offering public key: ~InfAdmin-.ssh-id_rsa
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Trying private key: ~InfAdmin-.ssh-id_dsa
debug1: Next authentication method: password
InfAdminATServerB's password:
Why is this trying id_dsa private key? From Server B to Server A when I do the same, it does not say 'Trying Private Key -id_dsa' This is what it says
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
How do I enforce that Server A does the same? Why is it trying the dsa private key when I have used RSA.
View 4 Replies
View Related
Jan 27, 2010
Can't seem to do it, wondering if anyone knows how? Normally there's something in sshd_config that can be switched to true or yes to allow root login but I can't see it in fedora 12.I can login via root at a terminal no problem, just not via ssh, I get access denied every time. Also, I need to login using password authentication.I've done: 227169 but that's just for GUI which I don't really need since I rarely ever log into the GUI.I have also searched through here and mostly only found info such as above, how to enable root login for GUI, or billions of posts about how logingin as root is bad but I cannotswer to my question.DISCLAIMER: Please do not reply to this thread if all you can contribute is the question of why I need root or to put some message telling me I can do everything using su, etc, etc. Please only contribute if you can answer my question. A: My machine and a valid quesiton. B: Spirit of Linux is open, not restrictive
View 3 Replies
View Related
May 9, 2010
I just installed Fedora 12 on HP Pavilion (dual boot with Windows vista). I made it all the way through the installation and created my user account. A few seconds later I got the login screen asking for my password. I enter the password and get "Authentication Failure."
The name that shows up on the login screen is my full name, not the user name that I created. Is that wrong?
View 4 Replies
View Related
Dec 19, 2010
How to disable the NTFS drives root password authentication?When I try to access the NTFS drives for the first time after logging in, the system is asking for root password authentication.How can I disable this?
View 1 Replies
View Related
Jan 29, 2011
I am a noob who is playing around with setting up a home print/file server using Ubuntu Server 10.04. I have successfully setup the server and am now configuring the SSH server so I can control remotely.
I have setup RSA keys with a passphrase as outlined in the SSH - Ubuntu Community Documentation. However, when I log in remotely I am only asked for the passphrase the first time. Any subsequent log-ins simply take a few seconds to connect without any passphrase request. After restarting my laptop (that I use to connect remotely), I am again asked for the passphrase only the first time and subsuquent logins are without a passphrase. I would like to know if this is normal and if there is a way to have passphrase requested on each login.
View 3 Replies
View Related
Mar 14, 2011
On Ubuntu server 10.10, with a relay smtp server with authentication via postfix; I keep getting 535: Incorrect authentication data. I'm sure my username and password is correct. Heres how I set up postfix: I created a file called smarthosts.conf in my /etc/postfix/ directory that contains the following:
[Code].....
my server uses plain text authentication on port 25. I would like to use security like SSL, but this particular server is unsecured.
View 9 Replies
View Related
Apr 28, 2010
I have a rather difficult problem. Every time I need root privileges and I am asked to authenticate (i.e. Update Manager, mounting a partition, etc), the password window comes up, shakes and immediately closes, leaving me with no chance to enter a password. What to do?edit: this is NOT the login window, just the little dialog that pops up when you need elevated privileges.
View 5 Replies
View Related
Aug 30, 2010
So I've connected to my wireless network with the command:
iwconfig wlan0 essid Linksys
But I need to enter my wireless access' passphrase to connect to it. The closest I've come is using:
iwconfig wlan0 key s: PASSPHRASE
...which gives an invalid argument and I've resently found out that this passphrase command is not supported - yet.
Where do one tell Ubuntu to use a passphrase to connect to a wireless network?
- Ubuntu 10.04
View 5 Replies
View Related
Feb 8, 2010
Something has gone awry with my login. After the usual username/password prompt my laptop comes up with smart card authentication & I can't login. How do I get away from the graphical login so I can login & correct the problem?
View 3 Replies
View Related
Mar 1, 2011
Is there a guide somewhere that covers installing Trac? [URL]That one doesn't cover how to link Trac to Apache with mod_python,configuring authentication, or using htdocs to host static content (like the logo image I want to use. Does tracd support authentication and htdocs?
View 1 Replies
View Related
Aug 27, 2011
A time ago I've been trying to implement a PDC linux server with Samba and Openldap for centralized authentication for windows and linux clients, but I can NOT get it. So I read somewhere that there is another option called Directory Server and maybe that is possible to do. According to your experience do you recommend any 'how to' or 'tutorial' that will permit implement a PDC server for authenticating and sharing files and printers for windows and linux clients?
View 2 Replies
View Related
Apr 28, 2011
I am new to to dovecot and would like some help, so please be kind.I have one user that can send mail but not read it either by pop3 or imap.I am running Dovecot 2.0.11 on Fedora 14.
View 2 Replies
View Related
Sep 2, 2011
I have a openldap server running on one machine (fedora10) and pam_ldap.so and nss_ldap.so running on the other machine.
I have added a new user to the LDAP server database, this user is not created on client machine.
1. Can i login to the client machine using this new user?
2. Now if i try logging with this new user I am getting error messages, the error messages are as follows at client side
Sep 2 10:34:36 localhost sshd[8484]: Invalid user kim from 10.254.194.148
Sep 2 10:34:36 localhost sshd[8485]: input_userauth_request: invalid user kim
Sep 2 10:35:16 localhost sshd[8484]: pam_ldap: error trying to bind as user "cn=min soo,ou=people,dc=samsung,dc=com" (Invalid credentials)
[Code]....
View 4 Replies
View Related
Jul 25, 2011
I am running a small ubuntu-server headless machine at home. It is configured with sshd so that I can connect from anywhere (if I have Internet access.)However, there is a thing: I'd like to have good security and disable password authentication, but I also want to be able to connect from a PC that I've never touched before. And no, I'm not prepared to type a 256 bytes password every time I type "sudo ..."
Here is what I thought: I could have a login (pieroxy) that has a moderately strong password and another user (pieroxy-ext) that has a very strong password (100+ chars.) I would use my regular account (pieroxy) whenever I have a key-based authentication and the other one (pieroxy-ext) whenever I have a password-based authentication to do. Then, I'll just su to "pieroxy" and I'm done typing the 100 chars pwd. In order to do that, I would need to be able to configure my machine so that password-based authentication is disabled for all accounts but enabled for my account that has a strong password (pieroxy-ext). Is it possible to disable password-based authentication on a user basis?
View 2 Replies
View Related
Oct 8, 2010
I had installed xp & ubuntu on my laptop hp compaq cq-40. Then i got this problem on su password authentication failure. I had alreadyformat and re installed ubuntu. But the su authentication still failure,
View 2 Replies
View Related
May 3, 2011
I am running Ubuntu 11.04 which I like very much (except for Unity - so I am using Ubuntu Classic).
Whenever I try to use "su - " I get Password Authentication Failure. I have checked Caps Lock (obviously) and have also tried resetting the password using "passwd" - but with no success.
If I use "sudo ...." with a command the password is accepted.
I have the same software installed on two computers but the problem only occurs on one - the other is OK!
View 2 Replies
View Related
Sep 9, 2010
I am using Fedora 13 x64.I want to removing passphrase from the RSA Private Key then harden the decrypted Private Key.When I tried section 6.6 guide line, I get directory does not exist?I don't know where my server.key is stored.
View 1 Replies
View Related
Jul 7, 2010
Every time I log in to my Fedora 13 system, I am prompted for my SSH pass phrase.
I would like to be prompted the first time I login after booting, but then have ssh-agent continue to run until I kill it or shutdown so I don't have to be prompted every time.
Where do I configure this?
View 3 Replies
View Related
Oct 13, 2010
I set up a debian lenny in vmware on my windows machine. The network interface is set to bridged, so the virtual machine is connected directly to the university network i am connected to. I want to be able to ssh into the vm.I installed sshd via "apt-get install ssh", generated a key pair with puttygen and copied the public part to "/home/user/.ssh/authorized_keys", set rights to 600 and then tried to disable password authentication completely, following the "securing debian" documentation.this is how my /etc/ssh/sshd_config looks now:
# Package generated configuration file
# See the sshd(8) manpage for details
# What ports, IPs and protocols we listen for
[code]...
View 7 Replies
View Related
Aug 8, 2011
I was hoping that someone could point me in the right direction. I just did an install and the os is up and running. During install, I set a root password and also set up a regular user account. The only option at login is the regular user acct. Needless to say, the os asks me to provide the root pw for just about everything I need to do.get an authentication failure. (I assume that this is the same as permission). I can find plenty of info on how to restrict access but nothing relevant to my problem. Just to rule out an install problem, I installed the os a 2nd time. I am very sure I have my passwords correct. One other thing to note is that on the 1st install, I used a different pw for root and regular user. On the 2nd, just to keep is as simple as possibl I used the same pw for root and reg user account. I am new to debian, but the distro that I have been using (slackware)
View 5 Replies
View Related
May 2, 2010
have been experiencing an error (the past few weeks) whenever I try to install a software package using the default installer. Each time I enter the root password it is not accepted and I am unable to get past it and the installation fails.This is the error message that is issued:[PK_TMP_DIR|dir:///var/tmp/TmpDir.mf2zCf] Repository already exists.I am able to enter the root password in a terminal session without any problem along with using the Install Software option in the main menu.
View 6 Replies
View Related
Jun 13, 2010
I've been having enormous problems with pam authentication. I use opensuse 11.1, postfix 2.5.5, dovecot 1.1.7. , ssl, dovecot-sasl. Everything works fine within local network, but I can't log in from outside (using outlook express 6). Output of dovecot -n:
protocols: imap imaps pop3 pop3s
listen(default): *:143
listen(imap): *:143
listen(pop3): *:110
[code].....
View 4 Replies
View Related
Feb 2, 2010
Is there a way to disable password authentication completely? The command line is the following:
ssh -o KbdInteractiveAuthentication=no -o PasswordAuthentication=no machine"
it STILL asks for a password. Of course I would like to do this without touching the server, if possible.
View 2 Replies
View Related