I want to allow ssh only to user with rsa key file and also after authenticate the rsa key it will ask user login password, is it possible to add this type of duel security on linux box.
View 4 RepliesWhen I ls -l /etc/passwd, -rw-r--r-- 1 root root /etc/passwd When I login as myself, and rm /etc/passwd, it asks: rm: remove write-protected file '/etc/passwd'? If I say yes, will it actually delete the passwd file?
View 1 Replies View RelatedThis is for educational purpose. In fact it is my lab tutorial for a subject.I want to capture the users password when he changes his password. Both new and old.This is the script i have come up with:
Code:
#!/bin/bash
echo "Changing password for user $USER."
[code]...
I'm using a command in Linux which generates an eight character random password. the problem is when i execute the command, the generated password have shown and isn't store anywhere i can use.How can I store this password into a file or pipe the command to save the password into desired file directly?
[code]...
I m Trying to get vsftpd usergroups to work i accidentally moved a file called passwd from /etc/vsftpd/ to /etc/, resulting in my root access is destroyed! how to restore the passwd file so i can keep working, or do i have to re-install the entire box?
View 4 Replies View RelatedI made a shell backup script that uses Rsync and I am trying to get rid of the password prompt because it will use a CRON to run. I have set my variable in my shell script at:
PASSWORD_FILE=rsync_password
And the password in that file only takes up 1 line.
However when I run (ignore $DESTINATION)
rsync -aRvz tmp $DESTINATION --password-file=$PASSWORD_FILE
It still gives me the prompt. How can I accomplish this? I cannot allow a prompt and I do not want to have to use keys.
So in an environment where I have 40+ sets of completely unique sets of logon credentials. The only way I've been able to manage this is by keeping them in a hidden and heavily encrypted text file in my home dir.Would like to hear alternatives to this approach if there are any, BTW. Right now I have a script that automates the process of un-encrypting the file, launching an editor and then clean-up with shred -u after editing and re-encrypting.
What bugs me is the interim where I have the file in an un-encrypted state on my drive. It doesn't seem necessary. I have a view script that allows me to see what's in the file without saving it to the drive.
how to create password protected tar file ?
View 3 Replies View RelatedToday i was going through some of security guides written on linux .Under shadow file security following points were mentioned.1)The encrypted password stored under /etc/shadow file should have more than 14-25 characters.2)Usernames in shadow file must satisfy to all the same rules as usernames in /etc/passwd.3)password for application Username should display * if username is not locked.4)If a user is locked it should be displayed as ! as the first character in second field of shadow file.
Confusion for point 1 and 2:Now i m confused as why the encrypted password should be more than 14-25 characters.Also what rules to satisfy How to check it?Confusion for point 3 and 4:There are lot of users with * as second field i guess they are not locked but according to 4th point there are lot of users with ! as first characters.How would i check whether they are actually locked or not.I m posting the output of /etc/shadow and /etc/passwd files for the account.
There are weird commas after the real-name parameter of some lines in my /etc/password file.
kye:x:1000:100:Kye,,,:/home/kye:/bin/bash
What gives? Why are they there? Can I remove them?
Is there a way to crack the windows Administrator password in Linux (using the SAM file) WITHOUT resetting it?
Ok so Ive already got Ubuntu 10.10 on a usb bootstick. Chntpw is installed as well. What I'm wondering is are there any programs to crack as in decrypt the SAM file and show the password but not erase it? Most Linux programs Ive come across don't do this. They just reset the password.
I would like to grep all values other than encrypted password from /etc/shadow fileFor example,each line consists of 8 fields separated with :/The only thing that I want not to print out is the contents between first : and second : (encrypted password)
View 7 Replies View Relatedactually i upload a password protect folder software, but unfortunately it was a trial version which i didn't know . now i am unable to recover my files from that.
View 2 Replies View RelatedI want to automate the following manual process.Currently, I am encryptying a set of files using openssl as follows:Encrypt file.txt to file.out using 256-bit AES in CBC mode $ openssl enc -aes-256-cbc -salt -in file1 -out file1.enI am then prompted for a password, which is then used to encrypt the fileWhen decrypting, I type $ openssl enc -d -aes-256-cbc -infile1.enc -out fileI am then prompted for the password - which again, I manually type.I want to automate this process of en/decryption - so I need to find a way of providing openssh with the password.
My first thought is whether it is possible to read the password from a file (say)? Or is there a better way of doing this?Also, I suppose that I will have to place restriction on who can view the password file - otherwise, that defeats the whole objective of using a password. I am thinking to run the bash script as a specific user, and then give only that user read rights to the contents of that file.Is this the way its done - or is there a better way?Ofcourse all of this leads to yet another question - which is, how to run a bash script as another user - without having to type the user pwd at the terminal.
I have a requirement related to the apache access log file format: When a user access my local site, http authentication will be displayed:
Code: username: saagar password: 123 I wish to have the LogFormat in the configuration file in such a way that the username and password (saagar/123 in this case) will be logged in the /var/log/apache2/mysite_access_log file. I used the %u parameter as follows: Code: LogFormat "%h %u "%r" %>s %b" common CustomLog /var/log/apache2/mydreamhome_access.log common and it works, similarly I wish the password too to be displayed in the access_log file.
I am having problems gaining access to the BackupPC admin web page. The error:
Quote:
[Tue Feb 22 16:43:59 2011] [error] [client 192.168.0.2] (13)Permission denied: Could not open password file: /etc/BackupPC/htpasswd [Tue Feb 22 16:43:59 2011] [error] [client 82.30.227.113] access to /backuppc failed, reason: verification of user id 'myhtaccessuser' not configured
Why is this occuring, is there anyway of getting around this? I just cant remember originally on my old system how I set this up.
I made a script to backup file from each host with general password in local network. This script using SSH Pass and Rsync with this
syntax:
rsync --rsh="sshpass -p password ssh -l root" hostath destinationpath
Everything is okay under 9.10 version until I migrate to Ubuntu 11.04, there is always give an error:
rsync error: received SIGINT, SIGTERM, or SIGHUP (code 20) at rsync.c(541) [Receiver=3.0.7]
I am using bash version: GNU bash, version 4.2.8(1)-release (i686-pc-linux-gnu) and 2.6.38-8-generic kernel
I am an absolute Linux Beginner who is being required to do a bit of admin work because the boss just fired the old linux admin. Unfortunately, one of our employees cannot remember her password to her email account and as such I need to reset it on our linux server.What I want to check is that this email account is actually a linux user account and I simply will reset the password for it using the passwd command from the root login. Is that correct?
View 1 Replies View RelatedI want to add 50 new users, not on the server yet I want to add them all to group Accounting - with 1 option, not user by user I want to setup a default password for them all, and have it say something like 'You must now change password or no access will be permitted' Any other options I also want to do once, not for each user?
View 3 Replies View RelatedUbuntu 8.4 Just installed Truecrypt yesterday. Would like to be able to start Truecrypt automatically and use the same password as my login password.
View 1 Replies View Relatedbrand new 2 Ubantu & set up standard Ubantu compartment accessed via 1 user name only and password. 1st few times all good but now suddenly, unexpectedly password declared invalid. Had written down password so it is correct & not entry error. Not know how to reset password or bypass 'username/password log on screen' Am on an Acer 5542G with windows 7 home premium.
View 3 Replies View RelatedIs there a way to change password to value same as the previous password? I know this is a security flaw, but would like to know however. when I try this:
[Code].....
i forgot root password and how to change the password
View 3 Replies View Relatedhello i am trying to change my password, but when i type in the new password i get this:"The password is longer than 8 characters. On some systems, this can cause problems. You can truncate the password to 8 characters, or leave it as it is."my question is what kind of problem could i get and how can i change so i have to log in every time i start the computer?
View 9 Replies View RelatedI'm using Ubuntu 10.04LTS. I'm trying to configure my chat accounts. But after entering username and password, it is asking "Enter password to unlock your login keyring". I have entered my login password. But it is saying that "The password you use to log in to your computer no longer matches that of your login keyring."
View 4 Replies View RelatedOn my linux machine, I've enforced a password expiry policy every 45 days. So, today when I tried to ssh to the host, I get the typical "WARNING: Your password has expired". Fine, no big deal. But when I enter my new password and confirm, instead of giving me a login prompt, it tells me passwd all auth tokens updated successfully, then next line, "Connection to <host> closed". I can re-ssh back into that host and all is well from here, but it's a nuisance having to go through the extra step. Is this something in the /etc/ssh/sshd_config somewhere or perhaps a PAM config issue?
View 2 Replies View RelatedIs there anyway to put a password on a file that is not the user password or the superuser password? If so, how?
View 1 Replies View RelatedThis is sort of a weird question.'m helping an agency develop a Microsoft Access database. They use windows and I use Fedora. I can run Access in Crossover Office if I don't get too fancy.I've sent what I've done to them for their review and comments and somehow it has become password protected. I've checked the Access settings and their is no password set from Access. I've tried a chmod666 on the file and sent it to him again and he says it is still calling for a password
View 2 Replies View RelatedI have set up an Ubuntu box at home as a server (though using the desktop version as I wanted a GUI - may at some point use it for plugging a TV into etc to play meda), but want to be able to remote access files on it when away from home.
I have set up with a DYNDNS account and know how to route web requests to the server machine, but want to know the best way to have it share files so that they are accessible (upload and download) via a web browser. Ideally, it would run some sort of file manager-like interface, but as long as I can upload and download files, it doesn't matter if it is a bit rough. I have a folder set up as a Samba share, and just want it to access that (and its subfolders).
The only other thing I would need from it would be that it requires a password before it lets someone do anything, as it will be open to the wild (while I probably won't use port 80, open is still open...)
I get lpr from debian package center. I compile it ,and it works good on my computer but when transplantation it to my dev-board
i get this :
[root@loo:/]# lpd
lpd: 'lp' uid not in password file
[root@loo:/]# id lp
uid=4(lp) gid=7(lp) groups=7(lp)
[root@loo:/]# id root
uid=0(root) gid=0(root) groups=0(root)
but in the /etc/group, /etc/passwd, /etc/shadow which has lp
and /etc/group,/etc/passwd ,/etc/shadow was copied from my computer