Security :: The Login Password Echoed - How To Correct It
Nov 25, 2010
Kernel 2.6.21.5, Slackware 12.0
GNU bash 3.11.17
Being in a text console (VT, that is, the screen with 25 x80 chars), say tty1, and just after booting linux, I logged in as usual,typing my password.What happened then astonished me. In Slackware distros, a small quotation from some book is written on screen just after typing the correct password. Well, after typing my password, I could see it split into two halves instead of the quotation.
View 13 Replies
ADVERTISEMENT
Aug 12, 2011
Just started happening this week -- I boot into a terminal (no GUI by default, but I use GNOME when I need it), and when I'm asked to login, I type my username <ENTER>, then I'm prompted for my password...
And the password is now echoed to the screen in cleartext. as I type it
Haven't changed any settings (although I have been keeping up with the updates).
I've searched the forums, and the occasional new user will complain nothing shows up in the PW field which is the expected behavior. Unfortunately, I have the opposite behavior -- something shows up, and I don't want it.
View 2 Replies
View Related
Apr 1, 2010
So on one of the Linux systems here (2.6 kernel if it matters), there's some weirdness regarding trying to ssh into the system. Basically, if you give it the wrong password on the first ssh attempt, it will give you two more attempts, but even if you give it the correct password, it still won't let you in on those subsequent attempts. (If you give the correct password on the first attempt, it will let you in.)
Example:
Code:
user1@machine1# ssh user2@machine2
user2@machine2's password: <wrong password>
Permission denied, please try again.
The system has sshd configured to use pam (i.e., UsePAM set to 'yes' in sshd_config), but I'm kind of a PAM dummy.
View 2 Replies
View Related
Aug 3, 2010
One of my servers is displaying the error as login incorrect even after giving the correct password. Once I restarted the Virtual Machine and after that it is accepting the same password to login. I am not able to find out the problem, why the server is not able to validate the password until the virtual machine gets rebooted.
View 2 Replies
View Related
Sep 16, 2010
I'm running eeebuntu on a Toshiba Satellite R10, I installed the Netbook Remix Package which was apparently a horrible idea. I cant click properly. I tried to open synaptic package manager to uninstall it but it tells me my password is wrong, which i know it is not. Is there anyway to fix this, i can open terminal.
View 3 Replies
View Related
Jun 14, 2011
everytime i try to vnc to my box, it pops up the keyring authentication, which is obviously a huge problem when logging in remotely.how do i change my keyring password to match my login password?
View 4 Replies
View Related
Dec 14, 2010
I'm seeing really bad user login format under a standard installation and am wondering why ubuntu does this as default. I have noticed that the graphical login for gnome sizes itself to accommodate a user's exact password length. This indicates to me that somewhere on the unencrypted part of a standard installation with user encryption contains at least some indication of the content of the password length which seems a security flaw even if not a complete hole, it majorly reduces the number of attempts a cracker would have to cycle through.
And that's assuming that *only* the length is contained. Furthermore it seems that it would be MUCH better to simply display the number of characters entered into the pw field and allowing the gui to expand itself from an fixed size as the field is filled out so the the user still receives visual feedback for entering characters. Either a simple character count display should be entered into the field or a 10 dot to new line so that one can visually quickly count the number enter by multiplying from a 10base graphical observation.
View 9 Replies
View Related
Jan 19, 2011
I installed linux system into a USB stick, but it never asks me to enter login password (i am the default user "root") when booting. I checked the settings in "User and Group" panel, and found everything there is OK. What additional settings should I make to this problem?
View 4 Replies
View Related
May 8, 2009
I just installed Fedora 10 on my laptop 2 days ago. I dont seem to remember the password i userd for my username. Is there a way to reset or change the password? I cannot login to the system.
View 4 Replies
View Related
Jan 20, 2010
Found a major security hole in one of my more crucial linux servers today. (Only locally) I can use the user name "root" and any string for the password. So I can literally type "poop" as the password and the server lets me in. I know how to set root password settings for SSH and sudo, but where are settings located for local access that would allow something like this?
View 14 Replies
View Related
May 5, 2010
There is this one server running CentOS5.4 Final which has certain application like Bugzilla. I have setup ssh on it and setup is for password less authentication. Have also setup PasswordAuthentication to no. So with password authentication should succeed. But it is. Though password less authentication is working fine, but I am also able to login using password.
Code:
RSAAuthentication yes
PubkeyAuthentication yes
PermitEmptyPasswords no
PasswordAuthentication no
View 4 Replies
View Related
Sep 30, 2010
I was just wondering about logging in to my remote server via SSHv2.
But I want to set a passphase key but not make the server ask for it when logging in, would this at all be possible?
I am well aware I may leave it blank but doesnt this pose a security threat possibly?
I have heard somewhere that you can get Linux Centos 4.8 to do this
View 1 Replies
View Related
Jan 27, 2010
Can't seem to do it, wondering if anyone knows how? Normally there's something in sshd_config that can be switched to true or yes to allow root login but I can't see it in fedora 12.I can login via root at a terminal no problem, just not via ssh, I get access denied every time. Also, I need to login using password authentication.I've done: 227169 but that's just for GUI which I don't really need since I rarely ever log into the GUI.I have also searched through here and mostly only found info such as above, how to enable root login for GUI, or billions of posts about how logingin as root is bad but I cannotswer to my question.DISCLAIMER: Please do not reply to this thread if all you can contribute is the question of why I need root or to put some message telling me I can do everything using su, etc, etc. Please only contribute if you can answer my question. A: My machine and a valid quesiton. B: Spirit of Linux is open, not restrictive
View 3 Replies
View Related
Sep 28, 2010
How can I disable the password request when i login? Not the password for the user but the password to connect to the net?
View 5 Replies
View Related
Apr 4, 2011
Second off, I'm trying to capture a user password on login (through gdm) such that I can re-use it for a service like Kerberos or AFS. The idea is that the user has to log in only once, and then I renew the tickets and tokens until they log out again. If there's a better way to do this
View 4 Replies
View Related
May 13, 2011
I'm trying to login to a server using gssapi-with-mic authentication against one of my school's machines that supports this mode of authentication. I have these kerberos packages installed:
batrick@menzoberranzan:~$ dpkg -l | grep krb
ii krb5-config 2.2 Configuration files for Kerberos Version 5
[code]....
View 1 Replies
View Related
Mar 18, 2011
I'm the only user of my PC and as of upgrading to 10.04, I get a login screen, that requests only a password, when the PC goes idle.
View 8 Replies
View Related
Mar 20, 2010
When installing the latest Distro of Mint (I believe this is not much different, if at all, from Ubuntu as far as this goes) I chose to have my Home folder encrypted using the login password. This was a function of the installation. What I was wondering about was how secure this was and if I should maybe use something to do a better encryption or not.
View 1 Replies
View Related
Aug 26, 2010
I have a problem with my ubuntu account. I am running 4 virtual machines, based on jeos-8.04 and I am using a public key authentication to login to my account (via ssh). This is not the problem, I have the key and the passphrase. But when I am logged in, I can't sudo, because I forgot the password for the accout.
View 6 Replies
View Related
Oct 6, 2010
Lucid Lynx clean install.I do not seem to get the login screen from powerdown now. I do after logging off and logging back in again.From switched off, I get taken to my desktop and it is only a little while later, usually when starting Thunderbird or FireFox that I get asked for my password with this massagePlease Unlock The Login KeyringThe Login Keyring Did Not Get Unlocked When You Logged On
View 2 Replies
View Related
May 5, 2010
My goal is this: Allow a user to connect to a server via SSH with any login name or password without checking to see if that account exists on that server. Their account would be captured by a universal account say, 'generic_user', and then they would be directed to one of my python scripts with the username and password they supplied for initial login. At this point my script would capture their SSHD process ID and allow/deny their existence based upon a MySQL/Subscription check.
The part I'm having trouble with is with PAM and allowing the user to login with any credentials and be successfully authenticated under the generic account. Beyond that, everything is great.
View 2 Replies
View Related
May 17, 2010
I found a way some times ago to mount a truecrypt volume when opening the session by insertion of the login password in the mounting script instead of putting it in clear in the script. I don't remember to command to read/transfer the password.
View 2 Replies
View Related
Mar 16, 2011
I have now been trying to find an answer for the following for a while and can't seem to get anything.On previous linux distros we had the option available "passwd -e" which allowed us to force the user to change their passwords upon the next login.s functionality however seems to be excluded from latest linux distros (currently using RHEL 5.4)...Does anybody know how the same effect can be achieved and perhaps any idea on why this option was removed as it was great for securing passwords
View 5 Replies
View Related
Jan 7, 2011
I don't know if this is Just my Machine, or not. But here is it:
Ubuntu 10.01
Acer Aspire 7740
When the computer is locked. I can smiply go to switch users. when the list of users logins are shown all i have to do is click on my user name and it allows me into my account without typing in a password. I can lock the computer manually or wait for it to time out it doesn't matter. the switch users method allows me to bypass the password protection.
View 3 Replies
View Related
Jun 4, 2011
just installed fedora 15 on my dell inspiron mini 10. I used the livecd to install it to the harddrive with the wizard. I need to use the root account to get the yum to install the wifi drivers and such. i set the root password as "root01" the first time. it didnt work so i figured maybe i made a mistake. so i reinstalled it making sure i used "root01". it still doesnt work. anybody had this problem or heard of this problem before? i am under the impression that the passwd file could be recovered by using Grub to load it under a singleuser setting. however grub wasnt installed
View 3 Replies
View Related
Aug 8, 2011
I was hoping that someone could point me in the right direction. I just did an install and the os is up and running. During install, I set a root password and also set up a regular user account. The only option at login is the regular user acct. Needless to say, the os asks me to provide the root pw for just about everything I need to do.get an authentication failure. (I assume that this is the same as permission). I can find plenty of info on how to restrict access but nothing relevant to my problem. Just to rule out an install problem, I installed the os a 2nd time. I am very sure I have my passwords correct. One other thing to note is that on the 1st install, I used a different pw for root and regular user. On the 2nd, just to keep is as simple as possibl I used the same pw for root and reg user account. I am new to debian, but the distro that I have been using (slackware)
View 5 Replies
View Related
Jan 12, 2010
The problem: when kpackagekit would prompt me to update packages, it would ask for my password. I would enter it, and the dialog would reject it with the message "incorrect password, please try again". Over and over. The password WAS correct -- it worked in Synaptic and on the command line using sudo, and obviously it also worked for logging in.
I suddenly had a hunch that kpackagekit might not be the culprit, and that authentication was being done by a different program -- and lo and behold, the dialog actually said policykit up there...
So, searching for policykit problems out there, I ended up seeing someone reinstalling theirs for their problem (which happened to be different from mine). The code to do that, in the command line:
Code:
sudo apt-get install --reinstall policykit
After that, entering the password after kpackagekit prompts me to has worked fine and the updates happen as nature intended.
View 4 Replies
View Related
Oct 13, 2010
I try to connect to my access point and after a long wait of maybe 30 seconds to a minute it will prompt me to enter my password. I entered it correctly and it still keeps on asking me to enter it. So just then I entered it with the password showing and double checked over it before trying again and it still didn't connect.
I need to have internet on my netbook working by tonight or I will have to go back to windows.
What can I do to make my laptop connect to my access point? Its not a problem with my access point, my desktop running windows, it connects just fine to my wireless.
Here is part of my syslog
Quote:
Oct 13 15:46:04 mark-eeepc NetworkManager: <info> Activation (wlan0/wireless): connection 'Auto vor' has security,
Oct 13 15:46:04 mark-eeepc NetworkManager: <info> Config: added 'ssid' value 'vor'
Oct 13 15:46:04 mark-eeepc NetworkManager: <info> Config: added 'scan_ssid' value '1'
[Code].....
View 9 Replies
View Related
May 30, 2010
When I press Ctrl-C in any pseudoterminal (xterm, gnome-terminal, rxvt, text console and SSH) in Karmic Koala, the string ^C gets echoed to the terminal in Ubuntu Karmic Koala. This hasn't happened in Ubuntu Jaunty Jackalope. I'd like to get rid of the extra ^C. Example:
$ cat
foo
foo
^C
$ _
I got the above by typing C, A, T, Enter, F, O, O, Enter, Ctrl-C. I want to get rid of the ^C, and get this for the same keypresses:
[Code]...
I tried setting stty -echoctl, which solved the problem for rxvt and xterm outside SSH, but it created a single-character HT when SSHing from an Ubuntu Hardy system, and it created a box with Unicode 0003 in it instead of the ^C in gnome-terminal. I want to see absolutely nothing when I press Ctrl-C. I'm using. Linux linux 2.6.31-20-generic-pae #57-Ubuntu SMP Mon Feb 8 10:23:59 UTC 2010 i686 GNU/Linux I have these terminal settings in all systems and all terminal emulators:
ioctl(0, TCGETS, {c_iflags=0x2502, c_oflags=0x5, c_cflags=0xbf, c_lflags=0x8a3b, c_line=0, c_cc="x03x1cx7fx15x04x00x01x00x11x13x1ax00x12x0fx17x16x00x00x00"})
View 2 Replies
View Related
Mar 29, 2010
I'm using Ubuntu 9.04 on my eee pc 901, as mentioned above, I been trying to connect to my home WIFI(WPA enable) yet it keep asking for password,
View 8 Replies
View Related
