Security :: Lock Out Logins At The Console?

May 12, 2009

Is there a way to lock out logins at the console? I ask this because I can not login at the console but can remotely login to the system via ssh. I'm guessing I blindly implemented a security option and didn't know what I was doing when I did it.

View 2 Replies


ADVERTISEMENT

Slackware :: Automatic Logins To Virtual Console Using "a C Login Program" Method

Mar 23, 2010

I've been using this howto to set up automatic logins to virtual console using "a C login program" method. In slackware64-current updated till january it prompted me to enter a password before logging in, while now after installing latest updates and kde 4.3.5 from current it logs in automatically without any prompting.

View 3 Replies View Related

Security :: Detect All User Logins?

May 25, 2011

I would like to detect every login on my server. Not only ssh logins (virtual terminals) but also physical logins.There is a way to use nagios or a script to watch log files.But I would like to know is there a way to catch that information one step before.I thought about watching /dev/pts for changes but that is not different than log watching and everything does not appear in /dev/pts like a ssh tunnel (ssh -N user@server). These are only visible in logs because ssh tunnels do not open terminals.But I would like to be able to catch these on login.

View 8 Replies View Related

Security :: Monitoring Ssh - How To Get IP From Failed Logins

Nov 30, 2010

How do I monitor who is ssh'ing into a box (SLES) as well as failed attempts? How can I log their IP addresses, even if they're not in DNS?/var/log/messages I see their hostname but no IP address

View 13 Replies View Related

Security :: Setting Up Secure Remote Logins

Jun 17, 2010

I'm trying to secure the CentOS servers on our company network as the current situation is, shall we say, less-than-ideal: remote root logins with the same password across several servers (behind a firewall, on non-standard ports, but still) and several key processes running as root. My proposal to amend this consists of the following:

- setup a bare as possible SSH-gateway with only the normal user accounts to handle remote access
- disable the root login from anywhere else but LOCAL and create special accounts with root permissions for our ~4 system administrators, like admin.foo admin.bar that can only login from inside the company network, using SSH-keys.

So far my biggest obstacle seems to be creating the administrative users, how do I go about and do that? When I simply create a user adminfoo with uid=0 it will show on my shell as root, which makes it useless as a way to make our admins accountable for their actions. BTW, my initial proposal to use sudo unfortunately met with strong resistance, because it compromises usability.

View 7 Replies View Related

Security :: Huge Number Attempted Ssh Logins?

Sep 12, 2010

Lastb often shows me a huge list of attempted ssh logins.Such as this excerpt:

Code:
admin ssh:notty Sat Sep 11 23:47 - 23:47 (00:00) 184-154-37-12.Huge-DNS.COM
root ssh:notty Sat Sep 11 23:47 - 23:47 (00:00) 184-154-37-12.Huge-DNS.COM

[code]....

View 14 Replies View Related

Ubuntu :: Timed Lock On Virtual Console?

Mar 2, 2011

Something I find myself doing every once in a while is using Ctrl-Alt-F[x] to switch out to a virtual terminal, and the Alt-F7-ing back to X without logging out.

While I don't anticipate that too many people that might have access to my computer would know how to switch consoles, there is still some degree of security risk provided by a logged-in console session. I've found vlock, but that seems to lock the console immediately when called, rather than running as a daemon that locks inactive consoles. (Even it's -t option just gives a timeout before an optional (and separate) text-mode screensaver package activates, rather than an inactivity timeout).

Is there any vlock-like package out there that provides the timed locking services for text consoles that XScreenSaver provides for X? Either a lock on timeout or a lock on switchaway setup would be adequate.

View 4 Replies View Related

General :: Lock The Console After 5 Minutes Of Inactivity

Sep 16, 2010

How would i force The server console to be locked automatically after 5 minutes ?

I want it to happen for X as well as terminal session of the machine.

My Linux distribution details.

Code:

View 13 Replies View Related

Fedora Security :: Get Pam_tally2 To Block Failed Logins With Ssh?

Aug 1, 2011

I have been trying to get pam_tally2 to block failed logins with ssh. No matter how many failed logins I do I can still log in with the correct password using SSH. Anyone have this working?

Here are the configuration I am using. I have put this in sshd and password-auth-ac.

auth required pam_tally2.so deny=3 file=/var/log/tallylog lock_time=180 unlock_time=1200 magic_root account required pam_tally2.so magic_root In the /var/log/secure I do see messages related pam_tally2 and the counter going up.

View 1 Replies View Related

Security :: Failed Logins Are Logged To Syslog With The Login Id Set To UNKNOWN Or UNSET?

Jun 10, 2011

Failed login attempts are logged to syslog with the user id or login id set to UNKNOWN_USER or UNSET.Anybody know if this is configurable. I would rather it just pass the actual id that the user used. Doesn't matter if it exist or not, just want to know if someone is guessing at user names and what those user names are

View 1 Replies View Related

Ubuntu Security :: Hardened Baseline - Hook The Logins Into Either Enterprise Kerberos Or Active Directory (yuck)

Dec 14, 2010

I'm tasked with creating a base image of ubuntu (one for server, one for workstation) that is locked down and has all the fluff taken out (naturally workstation will have more fluff left in it than server). Task list looks about like this:

1. Create list of deb packages "allowed", write script to list/uninstall everything else.

2. Hook the logins into either enterprise kerberos or Active Directory (yuck).

3. Write scripts to check things like setuid/setguid, disabling su, checking sudo permissions, configure iptables, etc.

4. Use a scanner to scan the system from outside the system (was thinking of using backtrace).

5. Custom-compile the kernel to strip out all the unneeded modules.

Before embarking on this awesome task I figured I'd check with you guys to see if you know of some resources that would make this task easier/quicker. I'm sure someone out there has already headed down this branch.

PS My boss *loves* ubuntu and isn't to keen on going with a deb (or other) distro that is already "security trimmed" without some serious convincing. I'm sure there are some out there, and if you want to pass along a couple for consideration, I'll check them out, but no guarantees he'll let me use it.

View 4 Replies View Related

Security :: Lock Folder In Fedora 12?

Aug 15, 2010

I'm using Linux. I want lock a folder. Way for each use To request password. And end use. In the first case to go back again. (Sorry if I wrote bad. I'm not English speaking)

View 2 Replies View Related

Ubuntu Security :: Lock The CD / DVD When Absent

May 7, 2010

i tried to make a recommendation ( ups that link ain't comes from me - i only looked for a word in a dictionary ) about traveling around with a laptop. i talking about my own experinace ( sitting in a train go to dinner - chain my laptop but - DVD-drive?? ) for GUI user i think it will be a nice option in the screensaver setup to lock the CD/DVD drive and thus should be very easy to implement by the "eject" command. just have another buttom "lock/unlock" the drive in the menue. think it's usefull and easy to implement.
--> ecject -i 1 / 0. i use this on my sony - works. i know it possible to bypass this - but this will take some much more time.

View 3 Replies View Related

Ubuntu Security :: Lock Or Encrypt An Ext Hdd?

Jul 27, 2010

I have a ext hdd..seagate go. And my 14 yr old son likes to get into it without asking me; of course i dont care when he asks but i don't really want him to get in there and erase anything. I am about to leave for training for 18 weeks with the military. Is there a way i can "secure" the drive for the amount of time that I can't take it with me?

View 8 Replies View Related

Security :: Way To Lock Down Grub Loader

Feb 13, 2010

Is there a way to lock down the Grub loader so that no one can edit it at boot-up, unless they have a password?

View 3 Replies View Related

Ubuntu Security :: Lock PC With Flash Drive?

Nov 6, 2010

Is there a program like BlueProximity but works with a file on a flash drive which will lock up the computer if it does not detect a file on a flash drive. What I am wanting to do is make certain features inaccessible if the flash drive is removed so if anyone uses my computer they can't hurt anything.

View 1 Replies View Related

Ubuntu Security :: Getting Past Lock Without Restart?

Jul 28, 2011

I had a buddy that swore he was such a linux guru he could bypass the lock screen easily but refused to elaborate. Was he just being faseeshis or was he legit. I don't accept starting a new X session using the terminal or restarting and using recovery tool to change password as an answer.

View 1 Replies View Related

Ubuntu Security :: Modify The Firewall To Let In Certain Ip Addresses But Lock Others Out?

Jan 12, 2010

how do i modify the ubuntu firewall to let in certain ip addresses but lock others out.

View 6 Replies View Related

Ubuntu Security :: Make The Lock Screen Password?

Mar 12, 2010

Is there anyway to make the lock screen password (accesible when clicking the power icon) different from the username password ?Or to lock the screen, with a different, User defined password, seperate to the Default one ?

View 3 Replies View Related

Ubuntu Security :: How To Lock Terminal On Login For User

Apr 22, 2010

I recently set up a family computer for a friend, and now his son is "experimenting" with the terminal (randomly entering commands). since he could accidentally do something bad, I am supposed to prevent him from using terminals, but only as hi user. I tried vlock and away, but with vlock it says 'this terminal is not a virtual console', and away can't seem to lock all consoles.

View 9 Replies View Related

Security :: Account Lock After Failed Login Attempts

May 25, 2010

I'm trying to lock an account after a number of failed login attempts in a RHEL5.

This is the relevant configuration in /etc/pam.d/system-auth

In the logs I can see how the count of failed logins increase and exceeds my deny option but the account isn't locked

Do I need any other option in the PAM file? Is there any other way to lock an account?

View 5 Replies View Related

Security :: Pessulus Not Working / Not Able To Lock Other Users Profiles?

Nov 5, 2010

I installed Pessulus on my workstation and I'm not able to lock other users profiles? I see the little wooden shield when I click on them, excpet it isn't blocking anything?

View 1 Replies View Related

Security :: Lock User Accounts After Too Many Login Failures?

Jun 8, 2010

I am trying to disable accounts after 5 unsuccessful login attempts. I am following the guidelines in this article:

[URL]

This is on an Oracle Enterprise 5.4 box, which is essentially RHEL 5.4 Here is what my /etc/pam.d/system-auth looks like:

--------
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.

[code]....

Unfortunately, the account does not seem to be locked or disabled. As root, runninng 'su test2 -c <some-command>' always sucessfully runs <some-command>, and leaves the failed attempt count at 6. /etc/shadow does not have an * or ! anywhere in the encrypted password for the 'test1' user.

What am I doing wrong? I thought that with the max attempts set to 0 in faillog, that the deny= parameter would be used. I thought I should be using su <user> -c <command> from the root account to test if the disable feature is working.

View 1 Replies View Related

Ubuntu Security :: Automatic Login With Enforced Screen Lock

Aug 30, 2010

Is there a way to set Linux to automatically log in to a specific user account and at the same time lock the screen? I want to save time and trigger various software that always should start up on boot, while leaving the computer unattended during startup (extra important and practical for remote control boots), by enforcing a 'screen lock' so that no-one can see what happens behind the login screen without entering the login credentials.

View 4 Replies View Related

Ubuntu Security :: Lock Network Connection On Completed Download?

Oct 2, 2010

Let's imagine this can be done in Firstarter, as there already is a fine lockdown option there: A kind of RULE: on [program/service] exit/completion of download - then lockdown connection [usually the eth0].

[Edit:] Or for that matter, put a lockdown action on any premise like inactivity on port 80 or such (all the rest),

View 4 Replies View Related

Security :: Lock Down Individual Users From Setting A Proxy Server?

Feb 16, 2010

how to lock down individual users from setting a proxy server. Its a server not a WS so it should never go to the internet. I want to lock down the system side and firefox 5 settings.

View 14 Replies View Related

Ubuntu Security :: Enabling A Guest Session Under 9.04 Does Not Lock The Source User?

Jan 14, 2010

I noticed (the hard way) that enabling a guest session under 9.04 does not lock the source user. I enabled a guest session for someone and came back to find them rooting through my files. By quitting the guest session, it goes back to the source user's desktop without requiring a password. Shouldnt it go to gnome-screensaver automatically? Can this be changed? Is it a bug?

to replicate: log into source user's account use the menu to start a guest session quit the guest session root through files un-opposed.

View 6 Replies View Related

Ubuntu Security :: Program That Allows To Password Lock Single File Or Folder?

Apr 3, 2010

Is there a program that allows me to password lock a single file or folder?

View 5 Replies View Related

Ubuntu Security :: How To Install Firewall From Console

Apr 28, 2011

i want to install a firewall for my ubuntu server (vps)what the best firewall for ubuntu? my ram is 512 mb.how to install firewall from console ?

View 9 Replies View Related

Security :: Console Users Logging In Without Passwords?

Jul 19, 2010

Sitting at the console, I log in with any user name and NO PASSWORD IS REQUESTED. I get logged in automatically without entering the user's password.

I did:
passwd joeuser

To change his password and still he goes right in without being asked for a password!

Possibly related- 10 days ago, my smtp server was breached as a spam relay. The username they cracked was deleted. I added fail2ban for postfix. The logs show no further intrusion.

View 14 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved