Security :: SSH User/passwd Or PPK Secure Key?
Apr 22, 2010
we are trying to make a policy decision whether to go with SSH user/passwd or PPK secure key ? our servers are hosted remotely by a hosting service. we were wondering which of these two models are more secure.e.g. i would tend to think that user/passwd with account lockouts upon failed attempts would be more secure because the other option exposes your server in case someone sneaks the PPK file or steals your whole computer.however, what makes me doubt myself is that Amazon Web Services EC2 cloud hosting uses PPK by default (although an instance's SSH config can be change to accommodate logging in but they don't endorse it).
View 3 Replies
ADVERTISEMENT
Apr 23, 2010
I am using Red Hat and was wondering how to disable username and password only login and require that a PPK secure key file be used for authentication ? I can log in using the secure private key and the public key that is in ~/.ssh/authorized_keys but i can still log in using the plain username and password login.
View 2 Replies
View Related
Jul 28, 2010
In what cases would a user appear in /etc/shadow and not /etc/passwd
View 2 Replies
View Related
Jan 26, 2011
Is it possible to log in secure shell (openssh ) using a username and password which is not present in "/etc/passwd" .The shell created after authentication should be owned by the logged in user . Is it possible to store the user infromation like uid , gid , home dir , shell in some remote machine instead of /etc/passwd and then retrive the these these information when a session is created for the logged in user .
View 2 Replies
View Related
Jan 14, 2011
we know that /etc/passwd - is a replica of /etc/passwd file and acts as a backup in any damage done to /etc/passwd file..i have observed a strange thing in RHEL 5.4....for example... if /etc/passwd has 100 accounts.. then /etc/passwd - is having only 99 accounts....when i add 101 useraccount with "useradd" then /etc/passwd has 101 accounts and /etc/passwd is having the 100th account of /etc/passwd - ..when i delete /etc/passwd and recover it with /etc/passwd - from runlevel 1 the lastly created user is not having his account after recovery.. what is the solution? this is same case even with /etc/shadow and /etc/shadow -
View 2 Replies
View Related
Apr 13, 2010
perform below activities please guide how to do perform below activities.Make sure the Guest account is disabled or deleted.-Disabled or deleted anonymous accessSet stronger UserID policiesSet Key Sensitive UserID Default enable in linuxCombination of numbers, letters and special characters (*,!,#,$,etc.)
Status of UserID
Type
User Name
[code]....
View 3 Replies
View Related
May 7, 2010
I want to restrict a user accessing my ftp site.
1) i can block the user in ftp configuration file
2) i can block the user in PAM or /etc/host.deny
i heard that if pam is denying the user and ftp is allowing the user the user can get the access it means that ftp conf file is stronger than host.deny
View 6 Replies
View Related
Dec 1, 2010
I'm an Oracle DBA and started working for my current employer about 4 months ago. This past weekend an alert re: FS space brought my attention to /var/spool/clientmqueue (full of mail re: cron jobs) and the fact that sendmail is not running on our Linux servers.I'm told that the IT security team deemed sendmail too vulnerable so we don't run it.Aside from FS filling up and missing notification of issues with crontab entries, I'm concerned that we may be missing notification of potential issues. In other Unix/Linux environments I've seen emails from the print daemon when it experienced problems with specific jobs.
Are there other Linux facilities aside from cron and lpd that use email to advise the users of possible issues? Are there ways to secure sendmail or secure alternatives to sendmail? My primary need/desire is to make sure that emails regarding issues on the server get to the appropriate users. Secondary goal would be to have the ability to use mailx to send mail out. There is No need/desire to receive mail from outside.
View 1 Replies
View Related
Oct 15, 2010
One user in my company wants to run some flush cache queries on a MySql database, it needs "reload" privileges of Administration, how secure is to give this rights to a normal user ?
View 2 Replies
View Related
Dec 20, 2010
All servers mentioned below run OpenSuSE, either 10 or 11.I am currently working on a few scripts that are meant to be used as part of a continuous integration setup. I am trying to keep these scripts reasonably secure, and so I have made sure that all the servers run these scripts only as a specific user (user1) that has permissions to basically nothing else. The problem I am currently running into is that I need to start and stop tomcat as user1 but this user doesn't have permissions to the tomcat rectory (only tomcat has execute permissions). I have a temporary workaround in place while I work on the scripts (I have an SSH key in place that allows me to SSH from user1o tomcat without a password and execute my commands that way) but it is not very secure. I have tried adding the following line to /etc/sudoers:
Code:
tomcat localhost = NOPASSWD: /opt/tomcat/bin/startup.sh, /opt/tomcat/bin/shutdown.sh
but it doesn't work as I expected it to. I tried a few different syntaxes for that line,
[code]...
View 6 Replies
View Related
May 16, 2011
I have just got my Openldap server up and running howerver, I admit I'm a little confused about authenticating a client mechine to the server. When I create an account on the ldap server, does this mean that the server creates a user account in the /etc/passwd, or somewhere else on the server?
View 2 Replies
View Related
Oct 15, 2010
How we can take username from the /etc/passwd which have UID more than or equal to 500.
View 3 Replies
View Related
Mar 8, 2011
Is there anyway to have a different password for login and root? For example, my account is Bratu. I want a login password: ABCD and my root password: EFG
View 1 Replies
View Related
Mar 25, 2011
How I can do a ftp connection putting the user and passwd, and I would do! Today, I need to know how can I do this, but in SFTP!
View 1 Replies
View Related
Feb 4, 2010
I started to work on building a ftp by vsftpd in our lab (that's only for our lab members). I am going to setup some the virtual users for each of the member. We have a CentOS5 (without upgrade after the fresh installation). I try several ways to setup the vsftpd for virtual users. 1) with db4 2) with mysql 3) without database and use htpasswd. But all fails. Actually, I don't want to use database, so I am going to find out the reason of failure on 'htpasswd' method
My vsftpd is installed in /etc/vsftpd (for only using ftp account, it is no problem to login).
1) I setup an account called vftpuser and build the corresponding home (/home/vftpuser), and then I setup another account call usera and also create a directory within /home/vftpuser.
2) I use htpasswd to add passwd to usera and store the passwd in /etc/vsftpd/passwd.
3) I added the name of usera to /etc/vsftpd/user_list
4) I create a directory /etc/vsftpd/user to store a unique conf for each user (for usera, the conf named usera) which contains the local root for users, which is
[Code]....
View 1 Replies
View Related
Jul 2, 2010
I work for a seismic company that has recently experienced a security issue. Because we have an isolated network that is used for HPC work we have a very open security structue ie password less accounts rsh rlogin etc. We had, seemingly,a user that has maliciously deleted another user's files but I still haven't figured out how. So far I have been able to prove that this user has remotely logged into another host under that user's account... or at least that their workstation did. The /var/log/message file shows logins from their workstation as that user multiple times durring the times that these files were being deleted. There are wildcard searches for these files in the history in this host. There is a vi session initiated on this host for a file called delme (delete me) and then a chmod +x for this file. and then a deletion of this file (rm delme). Funny things: this user has no business in this acct. this user was bounced off the other host (permission denied) when trying to log into the other host and then as root logged into the other host as the other acct. repeatedly... ie. rsh -l xxx (permis den) then as root rsh -l xxx (logged in) why not su xxx and then rsh? password less acct?! why use root privs (which they sholuld not have) to log into a passwd less acct? Can't see any remote logins to their workstation from elsewhere. can't find smoking gun. no execution of delme script or any other rm /*/xxx/* sort of command that proves when file deletion of striped files happened?!
changing root passwd soon.need proof that no remote logins to a CentOS 5.3 workstation could be responsible.
Could mean someone gets fired.how can I be sure that no other users logged into this machine and then into another machine for sure?
View 2 Replies
View Related
Sep 24, 2009
I am trying to write a remote access module. Is there any function in linux where I can give string (password entered by user) and compare it with the actual user password stored in /etc/shadow. Since the password is stored encrypted in /etc/shadow I cannot parse and compare. So I want some method to compare if my user entered the correct password..Is there any function for that..
View 6 Replies
View Related
Jul 11, 2010
I seem to be missing a secure.log or security.log file. I have Ubuntu 10.04 and can't find this file. I looked in the /var/log and ran a search command to no avail. Does anyone know where this file is or is it called something else. I'm looking for a file that logs any change to the security settings of the system.
View 1 Replies
View Related
Feb 18, 2010
is it possible to create a shell script that adds user and password in the passwd and smbpasswd?
View 3 Replies
View Related
Dec 25, 2010
when loggin as a normal user and search for a file passwd under /etc. i get few errors with permission denied.how to ignore this permission denied errors.
csh hostname 109 % find . -name passwd
find: ./lvm/backup: Permission denied
find: ./lvm/archive: Permission denied
[code]....
View 4 Replies
View Related
Aug 10, 2010
Not able to login to a user account, even after clearing the password from root using passwd -d
[root@ivrsdb1_pnq /]# passwd -S oracle
Password locked.
[root@ivrsdb1_pnq /]# passwd -u -f oracle
Unlocking password for user oracle.
[code]....
View 3 Replies
View Related
Mar 13, 2011
i have just updated to openSuSE 11.4 [64 bit]; rkhunter is giving these Warnings :
Warning: User 'rtkit' has been added to the passwd file.
Warning: User 'pulse' has been added to the passwd file.
Warning: User 'statd' has been added to the passwd file.
Warning: Changes found in the group file for group 'audio': User 'pulse' has been added to the group
Warning: Group 'rtkit' has been added to the group file.
Warning: Group 'pulse' has been added to the group file.
Warning: Group 'pulse-access' has been added to the group file.
Warning: Suspicious file types found in /dev: /dev/shm/initrd_exports.sh: ASCII text
Warning: Hidden directory found: /dev/.sysconfig
Warning: Hidden directory found: /dev/.mount
Do these look Normal, Are these False-Positives??
View 4 Replies
View Related
Feb 21, 2011
I want to change my user name, pretty my replace my user name completely so that it is reflected all around the OS. What is the less dangerous and most secure way to do it? I guess I can create a new user copy stuff all over but if there is an easier way I am going to prefer it.
View 7 Replies
View Related
Dec 23, 2010
How to Centos 5.5 very secure for mail server. how to its performance very fast.
View 2 Replies
View Related
May 30, 2011
how to secure opensue? Or point me to some good articles etc?
View 9 Replies
View Related
Jan 26, 2010
I set up my ubuntu server with iptables that only allows ssh in the input chain (and of course established connections) with only the mac adress of my laptop allowed to connect, set up a key with a long passphrase and installed pam_abl plugin. ICMP echo is blocked by default.
The only problem is i log all other attempts to connect to the server and i see a lot of traffic going to ports 445 and 5900.
My question is: Is there a possibility that these attempts could succeed and is there any way to further ensure this server?
View 9 Replies
View Related
Feb 11, 2010
A) Pc-bsd
B) Ubuntu
And also which OS is more reliable?
View 9 Replies
View Related
Mar 11, 2010
How can i secure grub 2.0 ? with grub 1 just do : grub-md5-crypt then we write password --md5 <crypted_password> in /boot/grub/menu.lst
View 9 Replies
View Related
May 10, 2010
Is it possible at all to secure transmission?
View 9 Replies
View Related
Jun 14, 2010
Newbie here,
I'm thinking of moving mostly to linux to get away from the security holes in Windows. And I have some questions...
How secure is Firefox for doing online banking?
Sometimes I have run into a situation where the bank doesn't support anything but Windows explorer when accessing my accounts. Can this be gotten around safely in Linux?
If so, How?
View 9 Replies
View Related
