My case is that, the LADP user connected could not login via SSH. This user could login in the system console. And all the other users could login within ssh. And I was wondering whether any one could suggest which place to check next. And here is the detail: I was using SUSE 11.3 when I met this error. PAM module is used, and the corresponding files in /etc/pam.d/ have all been updated. Here is what I've added:
I'm seeing really bad user login format under a standard installation and am wondering why ubuntu does this as default. I have noticed that the graphical login for gnome sizes itself to accommodate a user's exact password length. This indicates to me that somewhere on the unencrypted part of a standard installation with user encryption contains at least some indication of the content of the password length which seems a security flaw even if not a complete hole, it majorly reduces the number of attempts a cracker would have to cycle through.
And that's assuming that *only* the length is contained. Furthermore it seems that it would be MUCH better to simply display the number of characters entered into the pw field and allowing the gui to expand itself from an fixed size as the field is filled out so the the user still receives visual feedback for entering characters. Either a simple character count display should be entered into the field or a 10 dot to new line so that one can visually quickly count the number enter by multiplying from a 10base graphical observation.
I am a new Linux user and have a question about the administrative authentication. When I am logged in as a user and I need to do something that requires root privileges the little password window comes up and I enter the root password. My question is how long are the root privileges granted for?I noticed that a few minutes after finishing checking out the firewall configuration tool and closing the window that I was still able to re-enter the fire wall tool and other administrative tools. How do I log out of the root privileges without logging out and then back into my account?
I recently set up a family computer for a friend, and now his son is "experimenting" with the terminal (randomly entering commands). since he could accidentally do something bad, I am supposed to prevent him from using terminals, but only as hi user. I tried vlock and away, but with vlock it says 'this terminal is not a virtual console', and away can't seem to lock all consoles.
Second off, I'm trying to capture a user password on login (through gdm) such that I can re-use it for a service like Kerberos or AFS. The idea is that the user has to log in only once, and then I renew the tickets and tokens until they log out again. If there's a better way to do this
I am trying to disable accounts after 5 unsuccessful login attempts. I am following the guidelines in this article:
This is on an Oracle Enterprise 5.4 box, which is essentially RHEL 5.4 Here is what my /etc/pam.d/system-auth looks like:
-------- #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run.
Unfortunately, the account does not seem to be locked or disabled. As root, runninng 'su test2 -c <some-command>' always sucessfully runs <some-command>, and leaves the failed attempt count at 6. /etc/shadow does not have an * or ! anywhere in the encrypted password for the 'test1' user.
What am I doing wrong? I thought that with the max attempts set to 0 in faillog, that the deny= parameter would be used. I thought I should be using su <user> -c <command> from the root account to test if the disable feature is working.
I have a problem with my ubuntu account. I am running 4 virtual machines, based on jeos-8.04 and I am using a public key authentication to login to my account (via ssh). This is not the problem, I have the key and the passphrase. But when I am logged in, I can't sudo, because I forgot the password for the accout.
I get the problem to acess root password when i am in user login, means wahen i am in user login and want to install software from terminal then he asked root password, when i supplied root password but he give me login incorrect.
while hardening a red hat enterprise 5 installation I have done something that causes the sessions of all user accounts except root to close immediately after authentication. in the /var/log/secure log file it will show three log entries per attempt:
<date/time><hostname> login: pam_unix(login:session): session opened for user fred by LOGIN(uid=0) <date/time><hostname> login: LOGIN ON tty1 BY fred <date/time><hostname> login: pam_unix(login:session): session closed for user fred
Since I did a number of things and have not been able to identify what caused this.
My goal is this: Allow a user to connect to a server via SSH with any login name or password without checking to see if that account exists on that server. Their account would be captured by a universal account say, 'generic_user', and then they would be directed to one of my python scripts with the username and password they supplied for initial login. At this point my script would capture their SSHD process ID and allow/deny their existence based upon a MySQL/Subscription check.
The part I'm having trouble with is with PAM and allowing the user to login with any credentials and be successfully authenticated under the generic account. Beyond that, everything is great.
I am using Red Hat and was wondering how to disable username and password only login and require that a PPK secure key file be used for authentication ? I can log in using the secure private key and the public key that is in ~/.ssh/authorized_keys but i can still log in using the plain username and password login.
After my last upgrade from 10.? to 10? my users' (kids) were unable to login. I tried to fix it and could not find anything wrong. Now I have upgraded to 11.? and the problem persists. The users could still login by selecting an older version at the prompt during boot up.
I deleted there account and reinstall the user and still they could not login. I added a completely new test user and could not log that one in either. The system excepts the password, waits a several seconds, then the mouse curser changes to the spinning circle. The hard drive lights flash for many seconds then eventually the hard drive stops flashing. I have let it sit a long time and it never continues. Tonight I came home tried to login and it is doing the same thing to me tonight. I ran fix packages, fix grub and everything else I could think of and could not log in.
Finally I logged in to the oldest version on there and it let me in.? The screens are all the same but the desk top is entirely different? I have never seen one like this. I think its like the new version of fire fox, with every thing moved around. Icons down the side. Menu's hidden at the top? I can probably get used to that but I need to able to login, and my user's to login?
I wanted to set up Computer Lab. loading Fedora 11 OS and one system acting as a Server to store Users(Student) Login Informations. When students do a programs, all programs (eg, C++ programs) files should be saved in the local fedora system but when login to the system, the login should be validate by a Server System.
I was apparently invaded this morning via my private FTP server. The invader logged in with my user name and apparently knew the password for the account,The system is Hardy LTS 8.04.4, fully updated. I have backups that pre-date the intrusion, stored on another system, so am not totally averse to reformatting and reloading everything -- although I'd like to avoid it if possible.The "passwords.txt" file contains only a few passwords for online forums, including this one; it does not include anything critical such as banking information. I'm most concerned about the implications of the ssh config data...
After upgrading FEdora 13, user ravi was added. Then after few days neel was added. Both of the users were already existing. So when attempting login to neel, we found that every file is owned by ravi. So we did$chown -R neel:neel But after that problem started and when we rebooted the machin, there were no list of users on login screen. (then I connected to that comp remotely, it worked, but somehow I was not able to switch to root) It says incorrect password (though I new it very well). So I went to maintenance mode and changed the root password, and rebooted. Still problem persists.Now I am not able to login as root (from anywhere, login screen , terminal, remote)No list of usernames on login screen ( but i can choose, other and type login-password)
I have just upgraded my laptop from F8 to F10, and I am unable to login to the system as root user.At login, it provides 2 options, one is the user I created and another called 'other'.On selecting 'other' and providing uid/passwd as 'root/<rootpassword>, it says "Unable to Authenticate User"!!However, when I tried to access my windows partition, it happily accepted the root password
I created an account using the following command:#useradd -g developers john and successfully changed the user password with:#passwd johnThe user is unable to login using the New Password using SSH. As a root I can login (#su - john) with no problem.
I am unable to login as normal user. I am sure that my password is correct. What are the possible reasons behind this and also the solutions. My /etc/password and /etc/shadow files are good and my login haven't set to /etc/nologin.
Actually this a question asked to me by a Novell(Suse Enterprise Linux) Regional manager.
I am having Opensuse 11.0. Recently I upgraded my system including kernel. Now I am unable to login in X as user. However I can login as root and working perfectly. I can login as user in failsafe as well as after pressing ctrl-alt-f1 when login screen appears.I have tried following---1. Emptied /temp folder and 2. deleting and adding user.
I have now been trying to find an answer for the following for a while and can't seem to get anything.On previous linux distros we had the option available "passwd -e" which allowed us to force the user to change their passwords upon the next login.s functionality however seems to be excluded from latest linux distros (currently using RHEL 5.4)...Does anybody know how the same effect can be achieved and perhaps any idea on why this option was removed as it was great for securing passwords
If I'm getting good at anything with Fedora, it would be making mistakes. I have Fedora 12 installed and it was running fine until I attempted to set the path in bashrc and cshrc for jdk. Now I am unable to login using the only user account I created at install. When I enter my password the login screens goes blank then my mouse pointer appears with the circling dashed loading symbol for a few secs and then brings me back to the login screen asking for my password again.