Security :: PAM Module - Allow A User To Connect To A Server Via SSH With Any Login Name Or Password
May 5, 2010
My goal is this: Allow a user to connect to a server via SSH with any login name or password without checking to see if that account exists on that server. Their account would be captured by a universal account say, 'generic_user', and then they would be directed to one of my python scripts with the username and password they supplied for initial login. At this point my script would capture their SSHD process ID and allow/deny their existence based upon a MySQL/Subscription check.
The part I'm having trouble with is with PAM and allowing the user to login with any credentials and be successfully authenticated under the generic account. Beyond that, everything is great.
View 2 Replies
ADVERTISEMENT
Dec 14, 2010
I'm seeing really bad user login format under a standard installation and am wondering why ubuntu does this as default. I have noticed that the graphical login for gnome sizes itself to accommodate a user's exact password length. This indicates to me that somewhere on the unencrypted part of a standard installation with user encryption contains at least some indication of the content of the password length which seems a security flaw even if not a complete hole, it majorly reduces the number of attempts a cracker would have to cycle through.
And that's assuming that *only* the length is contained. Furthermore it seems that it would be MUCH better to simply display the number of characters entered into the pw field and allowing the gui to expand itself from an fixed size as the field is filled out so the the user still receives visual feedback for entering characters. Either a simple character count display should be entered into the field or a 10 dot to new line so that one can visually quickly count the number enter by multiplying from a 10base graphical observation.
View 9 Replies
View Related
Apr 4, 2011
Second off, I'm trying to capture a user password on login (through gdm) such that I can re-use it for a service like Kerberos or AFS. The idea is that the user has to log in only once, and then I renew the tickets and tokens until they log out again. If there's a better way to do this
View 4 Replies
View Related
Aug 26, 2010
I have a problem with my ubuntu account. I am running 4 virtual machines, based on jeos-8.04 and I am using a public key authentication to login to my account (via ssh). This is not the problem, I have the key and the passphrase. But when I am logged in, I can't sudo, because I forgot the password for the accout.
View 6 Replies
View Related
Mar 16, 2011
I have now been trying to find an answer for the following for a while and can't seem to get anything.On previous linux distros we had the option available "passwd -e" which allowed us to force the user to change their passwords upon the next login.s functionality however seems to be excluded from latest linux distros (currently using RHEL 5.4)...Does anybody know how the same effect can be achieved and perhaps any idea on why this option was removed as it was great for securing passwords
View 5 Replies
View Related
Dec 29, 2010
How to allow a user to login without entering a password?
If my question sounds wierd then check out m-net at www.arbornet.org/m-net.php and see how it works.
Telnet / SSH to m-net.arbornet.org and type in newuser and it won't prompt for a password.
View 11 Replies
View Related
Aug 10, 2010
Not able to login to a user account, even after clearing the password from root using passwd -d
[root@ivrsdb1_pnq /]# passwd -S oracle
Password locked.
[root@ivrsdb1_pnq /]# passwd -u -f oracle
Unlocking password for user oracle.
[code]....
View 3 Replies
View Related
Mar 18, 2010
I wanted to set up Computer Lab. loading Fedora 11 OS and one system acting as a Server to store Users(Student) Login Informations. When students do a programs, all programs (eg, C++ programs) files should be saved in the local fedora system but when login to the system, the login should be validate by a Server System.
View 5 Replies
View Related
May 4, 2011
i changed my password and whenever i log in i get a message that ur login keyring password and user password do not match, so how do i change my login keyring password!!
View 1 Replies
View Related
Jun 14, 2011
everytime i try to vnc to my box, it pops up the keyring authentication, which is obviously a huge problem when logging in remotely.how do i change my keyring password to match my login password?
View 4 Replies
View Related
May 19, 2010
I have a NIS server and a web server as a client. I have a regular linux user (without root privileges) "techsupport1" on NIS server.
On the client web server, I have root user, and my clients. Now what I want to achieve is, allow my user "techsupport1" to access the web server, but instead of logging in using root user, I'd like the client to use username "techsupport1", but in the same time, give that user root privileges on the web server (client). The reason, is that I have more than one user who need to manage the web server (client), so I want to be able to clearly see in the bash_history, who has been running what commands. right now, when I login as a techsupport user to the web server (client) from my NIS server
[code]...
I don't have root privileges, also my gid is matching to gid of a customer who has the same 517 on the web server. How can I configure, so when a tech support agent 1, logs in to web server, NIS grants root privileges, but keeps the techsupport username?
View 2 Replies
View Related
Jul 23, 2009
I am an absolute Linux Beginner who is being required to do a bit of admin work because the boss just fired the old linux admin. Unfortunately, one of our employees cannot remember her password to her email account and as such I need to reset it on our linux server.What I want to check is that this email account is actually a linux user account and I simply will reset the password for it using the passwd command from the root login. Is that correct?
View 1 Replies
View Related
Jun 1, 2010
I want to do setting in RHEL5 such that user should able to change his password only once in a day.I have changed the fourth field (i.e. minimum number of days to change) in in "/etc/shadow" file for "root" to "1". But its not working. I am able to change the password of "root" using "passwd" command.Any one can help me out on this issue
View 5 Replies
View Related
Jun 18, 2011
My bose ask me to convert a CentOS system password like "LMPQSMTE0nHlQ" to postfix MySQL MD5 Hased password, I find CentOS seems has 2 kinds of password form, one is shorter and the other is very long like"$1$C2MSk16n$WT5JWnzYH7XpCCjsiE2bd1", however I find postfix is exactly the later long one, so does any one know how to convert the short form to the later one
View 1 Replies
View Related
Jan 19, 2011
I installed linux system into a USB stick, but it never asks me to enter login password (i am the default user "root") when booting. I checked the settings in "User and Group" panel, and found everything there is OK. What additional settings should I make to this problem?
View 4 Replies
View Related
Feb 11, 2010
My desktop won't come up automatically now on a hard disk of mine (see below for the Ubuntu version history). It does boot up with Grub etc; then the Ubuntu load up bar thing with the timer spinning around [I hope you can understand this technical language!] goes through ok but then instead of getting the user interface with the little boxes to enter my login and password, the whole screen is in black (as if it's in Terminal mode). This black screen then asks me for my login and password: when I entered them, it said:
Starting up......loading, please wait
19 + 0 records in
19 + 0 records out
kinit: [followed by a load of technical stuff and a series of numbers]
kinit: trying to resume from /dev/disk/ by-uuid/9b [then a whole series of numbers]
kinit: no resume image, doing normal boot.
[Code]...
View 2 Replies
View Related
Nov 9, 2010
Not sure how to do this on 9.10. After upgrading I noticed that the login screen is displying the users of the machine; however, I want to login screen to ask for username and password, without showing the users.
Is there a way to get the login screen to disable the saved users? Or a way to make the login screen ask for username and password?
View 2 Replies
View Related
Feb 26, 2011
With
Code:
sudo -u -i user
I can access their shell, but I how do I login into a gui?
By the way, how common among all the commands is the ability to combine options that do not require arguments in a single block after - ? I.e., sudo -i -u to sudo -iu.
Also, what happens when root is disabled and a basic user sudoes? A threat is displayed and mail is supposed to be sent to root, which is disabled, so?
View 5 Replies
View Related
Aug 31, 2009
Ubuntu 8.10 does not ask for a password to login. I have only one user set up. I have set the user password from System > Administration > Users & Groups. Still does not ask for password > logs in straight away.
View 2 Replies
View Related
Dec 27, 2010
i use ubuntu 10.04, is there a way to set two passwords for 1 user account
View 2 Replies
View Related
Jan 18, 2011
My daughter has forgotten her password on our desktop system. Note this is not the admin user (me) so I can sudo nautilus to recover her files. All info online seems to pertain to recovering administrators password is there any way of recovering a non admin password? Ubuntu 9.10 but about to be upgraded 10 10.
View 3 Replies
View Related
Feb 19, 2010
Stumped on this one. I'm trying to set up limited sudo authority on a desktop with some sensitive user data, and as an extra precaution I wanted to configure sudo to use a password other than the user's or the root's. I'm not sure how to do this. From the manual, we have a few options, such as "runaspw" or "targetpw", but none seem quite what I'm looking for.For instance, "runaspw" could be used if I created a user for nothing other than sudo(ing) purposes, but it requires you set "runas_default", which means that said user would have to have authority to execute said commands in the first place. This is workable, but seems like a lot of extra configuration for each specific command that I want to run, as well as creating some issues with simply commands such as "shutdown" or "reboot". Also, "targetpw" can be used in conjunction with a sudo(ing)-only user if I set an alias, but, again, this isn't quite what I am looking for.
Ultimately, what I am really concerned about in this situation are keystroke loggers, so I would prefer to avoid repeated entering the user or root password when performing administrative tasks. Also, I would prefer not having to create a sudo(ing)-only user as mentioned above to prevent a comprimised password resulting in an attacker being able to log into my system.
View 3 Replies
View Related
May 8, 2009
I just installed Fedora 10 on my laptop 2 days ago. I dont seem to remember the password i userd for my username. Is there a way to reset or change the password? I cannot login to the system.
View 4 Replies
View Related
Jan 20, 2010
Found a major security hole in one of my more crucial linux servers today. (Only locally) I can use the user name "root" and any string for the password. So I can literally type "poop" as the password and the server lets me in. I know how to set root password settings for SSH and sudo, but where are settings located for local access that would allow something like this?
View 14 Replies
View Related
Nov 25, 2010
Kernel 2.6.21.5, Slackware 12.0
GNU bash 3.11.17
Being in a text console (VT, that is, the screen with 25 x80 chars), say tty1, and just after booting linux, I logged in as usual,typing my password.What happened then astonished me. In Slackware distros, a small quotation from some book is written on screen just after typing the correct password. Well, after typing my password, I could see it split into two halves instead of the quotation.
View 13 Replies
View Related
May 5, 2010
There is this one server running CentOS5.4 Final which has certain application like Bugzilla. I have setup ssh on it and setup is for password less authentication. Have also setup PasswordAuthentication to no. So with password authentication should succeed. But it is. Though password less authentication is working fine, but I am also able to login using password.
Code:
RSAAuthentication yes
PubkeyAuthentication yes
PermitEmptyPasswords no
PasswordAuthentication no
View 4 Replies
View Related
Sep 30, 2010
I was just wondering about logging in to my remote server via SSHv2.
But I want to set a passphase key but not make the server ask for it when logging in, would this at all be possible?
I am well aware I may leave it blank but doesnt this pose a security threat possibly?
I have heard somewhere that you can get Linux Centos 4.8 to do this
View 1 Replies
View Related
Jan 26, 2010
I accedently typed in a command in the terminal that made my computer load up without typing in user name or password. i would love you have that back. is there a command that you can use to get back there login screen. i am using ubuntu 9.10. i also dont know what the command was that i typed...
View 1 Replies
View Related
Dec 22, 2010
One of my users has a bit of a problem. I forced password change for this user, and the user thought that it was simply asking for the password again. I had to use my godlike powers to change the users password again. And here comes trouble.The user cannot log in. The system accept the password and we can see the background screen and some messages, but that is all.Quote:Could not update ICEauthoroty file /home/user/.ICEauthorotyQuote:
There are problems with configurationsserver.(/usr/lib/libgconf2-4/gconf-sanity-check-2 exit with status 256)Quote:Nautilus couldn't create following folders necessary: /home/user/Desktop, /home/user/.nautilus.Please create these folders before you run Nautilus, or set permission so Nautilus can create them
View 4 Replies
View Related
Jan 12, 2009
It seem like unix abit annoying every time you log in you need to password can I disable it
View 10 Replies
View Related
