So in an environment where I have 40+ sets of completely unique sets of logon credentials. The only way I've been able to manage this is by keeping them in a hidden and heavily encrypted text file in my home dir.Would like to hear alternatives to this approach if there are any, BTW. Right now I have a script that automates the process of un-encrypting the file, launching an editor and then clean-up with shred -u after editing and re-encrypting.
What bugs me is the interim where I have the file in an un-encrypted state on my drive. It doesn't seem necessary. I have a view script that allows me to see what's in the file without saving it to the drive.
I would like to grep all values other than encrypted password from /etc/shadow fileFor example,each line consists of 8 fields separated with :/The only thing that I want not to print out is the contents between first : and second : (encrypted password)
I just upgraded from F14 to F15 and have a problem with entering the password for the encrypted FS: when booting with the latest entry in the bootloader:
I remember that some time ago I found a guide on the Ubuntu website about adding samba shares to mount at boot via /etc/fstab. The guide also mentioned using a credentials file to store the username and password.
However, the password was encrypted (in md5 I think) and it could not be read directly, but it still worked with fstab mount. If I remember correctly, the file contents were similar to this:
Code: useraname = user password = --md5
where was replaced by the encoded password. All was done in terminal. Recently I changed computers, and re-installed Ubuntu, but I forgot to save that file so I am not sure about the contents. I would like to know how to do this again, but I can't find the guide anymore. Does anyone know how to do this? Storing the password in plain text in file readable only by root is not acceptable because it can be read by someone mounting the drive from other operating system, and the share cannot be mounted/unmounted by regular users (which is possible with the md5 encrypted password).
there are some configuration files where linux require the password of application user, to do something.how can i to encrypt the password in these files? Or how can i to store that password in encrypted file and retrieve it in secure mode?
I have a requirement to set up linux system administrator password with respect to below guidelines... I was lookin at pam_passwdqc but not sure that it all the below mentioned criterias to be acheieved.. Please go thru the below criteria and let me know which utility should i use for it.
1 The password length must be at least 16 characters long. 2 The password must be different from the previous 20 passwords.# Not sure how to acheieve this 3 The password must be changed every 60 days. 4 The password must be different from the user ID. It must not contain any derivatives of the User ID. ]# Not sure how to acheieve this 5 The password must contain characters from 3 of the following 4 classes:
5.1 Upper Case 5.2 Lower Case 5.3 Numerals 5.4 Special Characters (for example: #, $, &, ].....)
I have installed fedora 11 in my system. While installing it asked me encrypted password which i passed. But I forgot that. Now the problem is whenever i boot my system before going to root itself it is asking for volume encrypted password, which as i told you i have forgot. Now i am not able to access my hard disk since it is completely locked. Is there any way to decrypt the password or unlock it. Or if that is not possible can data be recovered,which is my primary requirement..
I've just started using ubuntu one. However, some of the files I store on there are sensitive so I encrypt them using seahorse. Right click, encrypt etc etc. My question is, is there a way to automatically get the encrypt process to delete the un-encrypted file when it makes the new encrypted copy?
I'm looking for a Web File Management Application to use in my intranet. All I need are users ACL and a simple interface. Ldap authentication would be a nice fit I saw something around like PHPfilenavigator, and for further info, I like Ubuntu distro. Right now I'm using the filemanager inside eGroupware but I'd like to dump it Can anyone give me some opinion and suggestion?
I'm curious how file association management is implemented in Linux. Where is the related information stored? How do I modify it (I'm interested in non-KDE-based ways; I know there's a system configuration page for that in KDE)?
I would like to create a directory public_html/archive that is a mirror of public_html/images, except that deletions in the images directory don't cause corresponding deletions in archive.
I was going to manage all of this in code, but then I figured, maybe the system can handle it for me in a robust way.
Note that the website will reference archive in real time, so it has to be an instant mirror and not something done nightly, etc.
I need a webserver (LAMP) running inside a virtual machine (#1) running as a service (#2) in headless mode (#3) with part or the whole file system encrypted (#4).The virtual machine will be started with no user intervention and provide access to a web application for users in the host machine. Points #1,#2 and #3 are checked and proved to be working fine with Sun VirtualBox, so my question is for #4:Can I encrypt all of the file system and still access the webserver (using a browser) or will GRUB ask me for a password?If encrypting all of the file system is not an option, can I encrypt only /home and /var/www? Will Apache/PHP be able to use files in /home or /var/www without asking for a password or mounting these partitions manually?
I'm trying to work on the SmashTheStack wargame on Ubuntu, and I'm stuck at level 1 with using John the Ripper (JTR). I got the encrypted password and was able to run JTR on it using
Code:
but the output is
Code:
I'm pretty sure that the 'trying:' part is supposed to be the attempted passwords, but this one doesn't work, and this is the only one that gets output. When I run
Code:
I get
Code:
Which I'm guessing means that nothing happened.. what am I doing wrong, and how can I get it to work?
As a strategy for learning linux I have decided to adopt using a lean windows based approach. I want to focus on command line machine system, network basics, and file management knowledge. In other words find out how desktop manager does it's business, so I know how to master my machine, but by and large once I have made my choices, leave it alone to do just that.
I figure I should know how applications are internally configured etc., but I also figure an apps GUI and config choices should take care of installations, and program usage as in M$ windows. Surely taking care of an applications dependencies are the responsibility of the developer, are they not?
I am working my way through "Rute User's Tutorial and Exposition (Version 1.0.0)" right now for an overall viewpoint. Can anyone suggest a specific source for a point by point explanation of the command basis of a generalised "desktop management" application (KDE,LXDE)? Better yet would be if it had some parallel comparison of the varied approaches taken by different distributions of linux.
A secondary question, is that allowed? Up to a certain point in Ms windows, a thorough knowledge of DOS 6.xx would theoreticaly enable one to more or less duplicate the actions of the windows overlay. Is there a basic distribution (or subset in all of them maybe?) of linux that would be consistent with that paradigm? What would be analogous to DOS batch files, or GM-Basic? Oh! that's 3.I am certainly appreciating the depth of this forum, and the breadth of knowledge among you forumite's. Reading it is time well spent.
Didn't know where to post this as it doesn't really call under desktop or installations haha.Anyway, I have a bit of a problem. I've Installed Ubuntu 10.04 with and encrypted LVM password and it went on ok. When booting up the computer it comes to the screen where you enter your password to unlock the LVM which looks great.However after installing the NVidia graphics driver for the laptop and rebooting, the LVM password entry screen seems to be too big to fit on the screen, not looking very good....
I just installed CentOS 5.4 (x86_64) and I encrypted my /home /var /tmp and /mnt/Storage partitions, along with my swap partition. My only complaint is that when I boot, I have to enter my password 4 times, and I did not pick a short password. The password is the same for all 4 partitions. Is there anyway I can set things up so I can just type my password once? Once I get everything set up, I won't be booting that often, but right now it is a PIA.
I maintain a samba PDC for a small business, our current setup does not work very well; on a hardware upgrade I directled imported the old ldap database and attempting to add machines to the domain causes all sorts of trouble.
I'm 95% sure the original database (which predates my employment) was created using the idealx smb-ldap tools, unfortunately on our current platform (debian lenny) these tools seem to be broken; the only things hey seem to do reliably are set passwords and add posix users, asking them to do anything involving samba/windows causes errors. The idealx tools seem to be abandoned, and I don't know enough perl to try and fix them.
Since the idealx scripts seem to be abandoned, and most of the good samba+ldap how-tos references the idealx tools, I was wondering what people use nowadays to manage there ldap directories; surely they aren't importing .ldif files to add new users/machines like I've been doing. Are people just writing thier own management scripts/web-apps? Or are the smb=ldap tools just broke on debian?how to generate the NT/LM password hashes and proper SIDs, does anybody have anything they could point me to about this?
I have F10 installed on my laptop with disk encryption enabled. When I boot the machine I get a "Password:" request on screen but can't start typing for 30 seconds or more.Presumably the OS is not ready. This means I have to wait at the keyboard tapping a key until I see asterix. It's a waste of time and frankly a bit clunky for a modern OS. How can I change the behaviour so that the "Password:" request only appears when I can actually type?
There was a recent thread in this forum regarding capturing of SSH passwords via the use of wireshark. The thread subject was closed, which is a decision that I both agree with as well as agree with the reasoning behind. The thread, however, raised a point of curiosity and concern that I would like to ask about. Quoting from a the book, SSH, The definitive guide,
The client authenticates you to the remote computer's SSH server using an encrypted connection, meaning that your username and password are encrypted before they leave the local machine. The SSH server then logs you in, and your entire login session is encrypted as it travels between client and server. Because the encryption is transparent, you won't notice any differences between telnet and the telnet-like SSH client.
I was under the impression that SSH was impervious to this type of eavesdropping, and quite frankly I take great comfort in that idea. I personally, only allow RSA keys for SSH access and (hopefully) avoid this problem (?) as a result. Does SSH really have a vulnerability in that the authentication is sent via plain text? How to ensure the security of SSH and not on anything that could be considered a how to 'crack' it.
I've set up a Lucid system with software RAID and encryption, with three encrypted partions - swap (/dev/md1), the root filesystem (/dev/md2), and /home (/dev/md3). The unencrypted /boot partition is /dev/md0.
This works well but the passphrase had to be entered three times at bootup. Obviously it would be preferable to enter the passphrase once to unlock the root partition, then have the others unlocked via key files. So I added key files to the swap and home partitions and modified /etc/crypttab to use them:
Code: md1_crypt UUID=8066adbc-584c-4766-b188-bc2a7b61a2f0 /root/keys/swap-key luks,swap md2_crypt UUID=bac82294-f3b9-45e4-89ad-407cf8b19b7b none luks md3_crypt UUID=7d82a0b7-c811-4cc3-9fe7-1961c74b5ff2 /root/keys/home-key luks The key files are owned by root and have 0400 protection. (The /root/keys
[Code].....
Since the swap partition is no longer referenced in fstab or crypttab, why is there still a bootup password prompt for it? What else needs to be done to stop it?
I want to have /boot as an ext2 (I don't need journaling and I might want to undelete something) and all other partitions in an LVM.When the server starts it will prompt me for the LVM password. I would like to be able to contact the server using SSH (or using another secure method) and tell the password. Since /usr/sbin and all the other partitions are inside the LVM I guess I have a problem?
Is it possible to setup something like this? The SSH session for the LVM authentication does not have to be a daemon. It can be something which just sits and waits until I connect and input the password. And then the "real" SSH deamon kicks in.
I installed 10.10nbr on my wife's eee 901. Now she cannot remember her password. I've tried booting to recovery to use the passwd command, but that does not work. I believe I encrypted the home folder when I installed. Normally if I don't encrypt home, then I enable auto-login.
I'm running Thunderbird with Enigmail, and I have this very annoying problem. When I open an encrypted email for the first time, it asks me for my key password. It then remembers my password. This is fine for a few minutes, since I don't want to enter the password every time if I look at seven emails in five minutes. However, I WOULD like it to EVENTUALLY forget. At the moment, it doesn't even forget if I shut off Thunderbird. I have to restart my computer, in fact.
The preferences for Enigmail don't help. I've configured it to remember the password for 0 minutes, for example. I don't know how to edit the preferences for gpg-agent or anything else like that.
I have installed debian 6 on two of my laptops. During installation I chose to encrypt my partitions (swap, root and home). Now I find it annoying that during boot up I'm asked for password, for each of these partions seperately. I have given same password for all three of them. How can I make the system ask for the password only once. I know it can be done because on fedora it was like that before.
I have installed fedora 11 in my system. While installing it asked me encrypted password which i passed. But I forgot that. Now the problem is whenever i boot my system before going to root itself it is asking for volume encrypted password, which as i told you i have forgot. Now i am not able to access my hard disk since it is completely locked. Is there any way to decrypt the password or unlock it. Or if that is not possible can data be recovered,which is my primary requirement..
