When creating 10 samba users I also created Linux users. I do not want these Samba users to be able to use putty, winscp etc to access the server.
Do you know how I can restrict ssh access to specific users?
I would like to know if it is possible to deny the access to a file for root? Would ACL's be a possibility? I have "googled" around but haven't found anything interesting (except SELinux). I should secure a password file to an important database.
View 6 Replies View RelatedI have an ADSL modem and router, its OS is linux. It runs ftp service, and I can read files in its file system, but I have no permission to list files and to write files. It has TR069 protocol connections and can upgrade remotely.It has ssh, but not started.
View 1 Replies View RelatedI'm currently running a dual boot (VistaFedora 11) system. I've noticed that the first time I access files on the Windows partition (via Nautilus GUI) I'm prompted for root access. However, on subsequent attempts to access the Windows partition I am NOT prompted for root access (even after I close/re-open Nautilus). My concern is that I'm leaving my root access "open".
View 4 Replies View RelatedI temporarily placed a Back in Time backup into the root partition, by running it as root.However, I couldn't get it back out on the Desktop, so I opened a terminal window and ran 'sudo nautilus', which I now know should be avoided. I couldn't bring up "Properties" of the root folder, but I was able to open it and see the backintime folders. I then clicked on root, which was in the toolbar row "< root backintime" and was able to get full access to properties. I flipped folder access to "create and delete files" for Otherter disconnecting from the network, and moved the folder to the Desktop. So, is this correct or is it inconsistent that I could open root from the toolbar and not from the folder listing when opening 'filesystem'?
View 6 Replies View RelatedI just installed gufw and was in quite a hurry. A root acces prompt came up as I started gufw for the first time, and I quickly responded with appropriate password. All I saw in this hurry was that it had something to do with the usr/share directory.So, here's my question: Does gufw require root access when first starting up
View 6 Replies View RelatedI get the problem to acess root password when i am in user login, means wahen i am in user login and want to install software from terminal then he asked root password, when i supplied root password but he give me login incorrect.
View 2 Replies View RelatedI have tried to not allow root access and have created a wheel user.
Now I can not logged in as root.
Its okay but when am logging as wheel user and trying to access root then it says:
Code:
I have been trying to use my DS2490 USB to serial device with a Maxim .DG1921G thermocron with owfs. It is supposed to give me access to a virtual file system for the thermocrom without needing to launch owfs as root.
Code:
/var/log/messages gives:
Feb 8 16:22:45 norman-HP-G56-Notebook-PC kernel: [ 236.140141] usb 5-1: new full speed USB device using ohci_hcd and address 2[code]....
but if ds2490 module is loaded it works when run sudo.It seems from this that it is a lack of permissions to USB but I have tried all the methods on at http://owfs.org/index.php?page=udev etc. to overcome this and a few others but none work.I am running Ubuntu 10.10 kernel 2.6.35-22-generic #33-Ubuntu SMP
I have a question in regards to enabling root remote access to the server.I am trying to use the mysql workbenchit kicks back an error saying "Access denied for user 'root'@'10.x.x.x' (using password: YES)" But I am able to login locally on the server.How do I enable root to long on remotely from any workstation?
View 3 Replies View RelatedI have Centos installed as part of Strongbolt on a Cobalt RAQ550 Machine. The Admin password and the root password is supposed to be identical. However, I can only login as admin. If I try to access using root, the SSH session shuts down. If I enter another passowrd it gives the correct response and says incorrect password. If I login as admin and then try SU Root - It displays a list of commmand options for SSH and does not allow me to login.
View 1 Replies View Relatedubuntu terminal. I have installed mysql-server, but i have no access. I have set the password during installation process.
Used command:
mysql -u root -p
error message:
[code]....
I'm using squid version 2.7. The problem is when access.log is writing in new file for a new day, the access.log is written under "root" id, not "proxy" id. It caused the squid services not be running. I have to "chown" access.log to become "squid" id in order to run squid services. What I saw here is new access.log is written by "root".
View 2 Replies View RelatedI've tried every manual there is for creating new MySQL users ... but without success.
I keep getting
Code:
ERROR 1045 (28000): Access denied for user 'test'@'localhost' (using password: YES) even though I just created it with all privileges ... WITH a password that I DO remember .
Fortunately I still have access via the MySQL root user (so I try not to disturb that user, because I have had computers with THAT account not accessible as well - even WITH resetting the password via skip-grant-tables).
I have recently secured a server by preventing root from logging in via SSH. Now I log in with a non-root account and use 'su' when necessary.However, now I can't do something I used to do, which is open 'sftp://user@ipaddress' in nautilus and be able to edit files as root. Is there anyway to get nautilus to give me root permissions on the server? Or at least end up with root permissions in a GUI text editor on my computer? I don't mind if I have to use bash to start the process, once I can get a GUI for editing files.
Note 1: Yes, I realize I could ssh in and use nano/vi etc, but I'd rather use my graphical text editor.
Note 2: The server does not run X, so I can't just forward it.
I find FTP server software confusing in Linux. Using ServU for Windows for an example, all I need to do is to create users via the ServU interface and choose a folder I want that user to have access to and their permissions, and viola, they can connect to that directory, and that directory only.
But in the the land of Linux, it apparently can't be managed this easy. I have a web server with multiple domains, and therefore multiple users need access to their own web root. So with that in mind, what FTP server software should I use (there are plenty out there) and how would I go about to create a user per domain, so that they can log in using FTP to manage their site, and only have access to their own web root, and nothing else?
I did something silly and changed my root user access for mysql access to Any from localhost using webmin. I get an access dented when i try to open up the mysql editing page on webmin. Can any of you tell me if there is a way to change it back to hosts=localhost I am using webmin 1.5.30 on Centos 5.5. I am hoping I can change it by command line or if I can access the config files and change it that way?
View 2 Replies View RelatedI'm new in UNIX & trying to access the server using SSH but I encounter this error PAM Authentication Error. I use edit /etc/ssh/sshd_login & set the PermitRootLogin to yes. But didn't work. I used this command ps -ef | grep sshd & saying Process environment requires procfs(5). I don't know what to do now. What I want is access it by SSH but I got Access Denied. [MOD]Pruned from [URL]. create your own thread instead of resurrecting a five year old one.[/MOD]
View 1 Replies View RelatedIs it possible to restrict root logons to the SSH server to just a single ip address (or maybe a range?) I have other users connecting to the server daily so restricting ALL access to a single ip i cannot do. I need root enabled (for my own reasons) but want to lock it down a bit more.
View 9 Replies View RelatedYes, I know this is not a good practice, and this is only a short-term solution.I have a server with a web-file-server daemon running internally as root, so the permissions for all files it transfers/creates have a uid/gid of 0:0.This is fine for the daemon, but I would like to manage those files from another workstation - actually a few workstations on a very limited LAN subnet - through NFS. How would it be possible to have users from a certain subnet mount NFS with root read/write abilities?I have seen the anonuid/anongid options (for the /etc/exports file), but I'm not so sure this is the right way to go.
View 5 Replies View RelatedI'm trying to find a file access honeypot for our Fedora server.That is, if a local file is accessed, it should notify someone. Plain and simple..
View 8 Replies View RelatedAt our company we have a central server with client files. This server has a SSH server installed, and through Nautilus all employees can access the files. However, I have a few questions:
1. Most employees need access to all folders, because they might use them at some point in time. However, I want to make sure they are not accessing things they do not need. How can I do this? For instance, if somebody copies all of the folders to his/her computer, I want to be able to see this in some sort of log. Can this be done? Copying and accessing in general is what is of my concern.
2. Some employees only need access to specific folders. Can this be easily configured with SFTP?
3. Some also use SSH and type commands which I want to check every now and then (e.g. to make sure an intern is not again copying information or accessing folders they should not be in). What is a good way to do this?
on the following link [URL] section 2 says
Quote:
The following directories need to be readable, writeable and executable for everyone:
* dokeos/main/inc/conf/
* dokeos/main/upload/users/
* dokeos/main/default_course_document/
* dokeos/archive/
[Code].....
I am not at all convinced by the idea of giving permissions to read,write and execute as these Learning Management Systems say. Let me know what you people have to say? What is the best practise in such situations? I have to get all these LMS run on same web server.
a friend of mine is doing a small website-project in school (group of ~6 people). They want to use git as VCS and need acces to a server. I have an account on the server from university, but - of course - no root access.
I could create private/public keys for them, to SSH into my account, but I don't want them to have this power I found 'git-shell', which seems to be used for restricted access with git (although I'm not sure whether I understood the functionality).
My question is: Is it possible to configure SSH keys in that way, that the server runs them (and only them) in git-shell in a specified directory (using ~/.ssh/{config,authorized_keys})?
So that they can
- log in with their SSH key
- use git, execute scripts etc.
- use git push/pull from their private+school PC
- work only in a specific directory (like chroot) eg. ~/web-project/
[Code]...
We want to set up a Linux server (hosting Git or later SVN repositories) which should have all stored data strongly encrypted, so that if one steals the server the data cannot be read. For example, our notebooks have all important data stored on a "true-crypted" partition.
We plan to access it with SSH private keys and only after successful login should the data be readable. The server would be located in our office, shut down at night and not be connected to the Internet directly, but only accessible in our intranet.
I was looking for a way to protect my samba server for limiting access to certain domains.Can I use the parameterhosts allow = example.comor something like that or is there another way to do the job for domains
View 4 Replies View RelatedI have CentOS 5.5 distribution with Dom0 and DomU installed. I try to access Dom0 files during vsftpd server from DomU during ftp client. I successfully login with root and simple user, but when I try to list (or cd to some directory) in user home the SELinux prevent it from me. I get this in audit.log:
[Code]....
I'm trying to limit access to port 8443 on our server to 2 specific IP addresses. For some reason, access is still being allowed even though I drop all packets that aren't from the named IP addresses. The default policy is ACCEPT on the INPUT chain and this is how we want to keep it for various reasons I wont get into here. Here's the output from iptables -vnL
[Code]...
Note the actual IP we are using is masked here with 123.123.123.123. Until I can get everything working properly, we're only allowing access from 1 IP instead of 2. We can add the other one once it all works right. I haven't worked with iptables very much. So I'm quite confused about why packets matching the DROP criteria are still being allowed.
I set up a servber on my local machine, & also PHp - Both working fine.I'm trying to load up MYSQL i have installed it, & *can* start/stop the server. however if I do anything else with it, I get this error :-
Quote:
root@gordon-desktop:~# sudo mysqladmin -u root -h localhost password MYPASSWORD
mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user 'root'@'localhost' (using password: NO)'
Query :-
1) How do I know MYSQL is actually active ? (apart from the message it says that its statrted (or stopped).
2) Is there a way to
a) Find out the usernames that are recorded on the MYSQL server ?
b) set / RESET the 'root' username (I know MYSQL root user is different to PC root user)
c) anything else I can do on the PHP / website code to see if MYSQL is working
(as yet, no tables / databases etc have been set up - as I can't get past this error message - I get the same error when setting up a database.)
Ps I did allow my usermname (when logged in to ubuntu) to edit / create files in the /usr/www/ directory (but it is still OWNED by 'root' - that directory)
want to run VirtualBox with root permissions. Trouble is that only when run as root i can access attached USB devices inside of a virtual machine, otherwise, these a greyed out).Now running VirtualBox as a root user also changes the configuration folders, making all my virtual machines already defined disappear. I also don't want to copy all to the root configuration folders. Is there a way to give the VirtualBox root permissions but without actually running the application as a root user. Is it possible to do without changing the permissions of the non-root user, i.e. i don't want my user to have all root permissions, due to security considerations.
View 1 Replies View Related