Server :: My /var/log/secure File Is Not Getting Updated With Ssh Logins?
Jul 17, 2010my /var/log/secure file is not getting updated with ssh logins from yesterday.Even the login from my own ip is not updated.
View 2 Replies
ADVERTISEMENT
Server :: Secure Remote Server From Unwanted Ssh Logins?
Jul 2, 2010we have a remote linux server and its /var/log/secureile is fully filled with unauthorized ssh users,of course they cannot able to log in successfully but they were making continuous ssh requests to log in, it some times results in server down problem. so how to secure our server from their ssh attempts.i know blocking unauthorized ip addresses can solve this problem and we can also change the ssh port numbers but what are the other possible ways of solving this.
View 4 Replies View RelatedSecurity :: Setting Up Secure Remote Logins
Jun 17, 2010I'm trying to secure the CentOS servers on our company network as the current situation is, shall we say, less-than-ideal: remote root logins with the same password across several servers (behind a firewall, on non-standard ports, but still) and several key processes running as root. My proposal to amend this consists of the following:
- setup a bare as possible SSH-gateway with only the normal user accounts to handle remote access
- disable the root login from anywhere else but LOCAL and create special accounts with root permissions for our ~4 system administrators, like admin.foo admin.bar that can only login from inside the company network, using SSH-keys.
So far my biggest obstacle seems to be creating the administrative users, how do I go about and do that? When I simply create a user adminfoo with uid=0 it will show on my shell as root, which makes it useless as a way to make our admins accountable for their actions. BTW, my initial proposal to use sudo unfortunately met with strong resistance, because it compromises usability.
Ubuntu Servers :: Secure File Server Setup
Dec 29, 2010I am going to set up a file server on Ubuntu. I have searched a while, but can't seem to find a guide to what I want. The requirements specifications are the following:File server: possible to upload, change and download files.Linux (Ubuntu) clients, Windows clients if possible.Access restriction to deny access to other than registered users.Only the user should be able to read the content of the files.Ideally root should not be able to see the individual files, but in worst case it is ok for root to see the files.Root should not be able to open the files.Point 1-3 is easy to find out how to set up. But I can't seem to find a way to deny root to view the files. The only solution I can think of is to encrypt files or a whole folder, but I don't know how to set it up.
The setup is for a home network, but the server used as a file server will have a web server as well. If someone manages to get access to the server I don't want them to be able to read the files.
Red Hat :: Connecting To Server For File Transfer Using GFtp Is Secure
Nov 21, 2010if connecting to my server for file transfer using gFtp is secure. I told gFtp to connect to the server using SSH2 and it works. It says it uses this command "ssh -e none -l wordpress -p 1883 IPADDRESS -s sftp." Is this more or less secure then using ftpes or ftps? What I thought was weird was that I could shutdown vsftpd and still connect. Does SSH2 SFTP use its own ftp server?
View 4 Replies View RelatedServer :: How To Store Password In Encrypted File / Retrieve It In Secure Mode?
Jul 14, 2011there are some configuration files where linux require the password of application user, to do something.how can i to encrypt the password in these files? Or how can i to store that password in encrypted file and retrieve it in secure mode?
View 2 Replies View RelatedSecurity :: Secure And Automated Backups - Add Public Key To Authorized_hosts File On Prod Server?
Mar 13, 2010I'm trying to find a secure way to backup files on my Prod Server to Backup Server. It must be automated, so I will need to run a command with cron which will login to Prod Server from Backup Server and backup data. 1. Do you think it would be secure enough to do this by creating an passwordless RSA private key on Backup Server and adding it's public key to authorized_hosts file on Prod Server? I can't think of a way to Automate this without having to enter any passwords without passwordless RSA key. Is there another. more secure way? 2. Should I create a special user for backup, which will only have read access to all files in the directory that I am backing up? If so, How can I run a check that this new backup user indeed has read access to ALL files in the folder that I intent to back up? How can I ensure the backup process will not skip files due to some permission problem? 3. I'm thinking of using rsnapshot tool, which uses rsync.
View 10 Replies View RelatedFedora :: Where Configuration File To Change Root Logins?
Nov 5, 2009Can someone tell me where the configuration file is to change root logins?
View 1 Replies View RelatedServer :: Securing Ssh Logins ?
Sep 15, 2010We have a public server and it can be accessed from any where through ssh.
My question is my server should not allow anyone directly to login as root user. First he should login as normal user then he should switch to root user.
I also have another questions is there any specific linux command is there to end other users ssh session without rebooting the server.
Server :: Logins Via SSH To Server Are Extremely Slow
Jun 13, 2010Running RHEL 5.5 x64 with the latest updates. Running Oracle 11gR2. Server has 8gb ram 2xcpu 2.4 xeon.Only running one fresh instance of Oracle, no applications are even pointed at the DB.Two Issues...
1. Logins via SSH to server are extremely slow, about 30 seconds after typing password
2. Once I am logged in, launching sqlplus is very slow. After typing password, sqlplus hangs for 15 or so seconds.
Even when I am actually at the console, login of course is instantaneous.. but sqlplus still has the same issue. CPU is at 0% no swap is being used. Shouldn't be a network issue, on the same network.
Server :: Limit The Number Of Logins For A User To Only One?
May 3, 2011I ran into a user today that indicated that their company only allows them to log in through a terminal session once (no multiple logins). On second try their login window terminates. They are using putty.Is this being accomplished through PAM or sshd ( or some other method)?
View 1 Replies View RelatedServer :: Samba Not Accepting User Logins?
Feb 23, 2011I have a samba server that I had setup using the default smbpasswd backend, and it worked fine. So long as I remembered to use smbpasswd/passwd to setup a user with a username and password matching the account name of a Windows 7 user, then that windows 7 user would be able to navigate the shares with their permissions correctly.I have switched over to using ldap, and: the console/ssh of the machine can correctly use any of the ldap logins getent passwd/group both show the complete listing my Windows 7 machines can all ping the samba server by its netbios name my Windows 7 machines all prompt for authentication if I type \MACHINENAME into explorerHowever, all attempts to access the shares now continually ask for you to enter your username/password, and then fails anyway.No errors appear to be generated on the server (unless I'm missing a log somewhere). Having hunted around on the web, I'm wondering if it has to do with generation of machine accounts (since it tries to access from MACHINENAMEUSER). Without ldap setup, I didn't need to worry about the machine name, but I'm thinking that maybe smbpasswd took care of this somehow.I use the smbldap-useradd tool to setup a user account, which appears to correctly setup the user in ldap, such as:
Code:
dn: uid=sharer,ou=Users,dc=intbus,dc=net
objectClass: top
[code]...
Server :: Primary Domain Controller Would Be A Better Way To Manage Logins?
Feb 17, 2011We have a LAN with mixed Windows workstations win 2000, winxp, vista, win 7, linux servers all in a workgroup. Most applications used on the LAN are windows based, with a growing number of python apps. A friend suggested a Primary Domain Controller would be a better way to manage logins, resources etc. I don't wont to use a Windows based PDC, what would you suggest as a linux based PDC? I have heard about TURNKEY PDC, but it uses Samba 3 and apparently doesn't handle Active Directory in Windows.
View 5 Replies View RelatedServer :: Proftpd - Set Retry Delay After Failed Logins ?
Aug 17, 2010How do you configure proftpd so that once a user has failed to login and reached the MaxLoginAttempts. That they can not retry logging in for another 4 hours ?
View 6 Replies View RelatedServer :: VsFTPd - ReverseDNS IdentLookups - Slow Logins
Dec 17, 2010Question on vsFTPd. I just switched to it from ProFTPd. With ProFTPd clients on the LAN that connected to the ProFTPd server on the LAN had slow logins with their FTP client until in the ProPFTd config file I uncommented these two lines:
#UseReverseDNS off
#IdentLookups off
Now that I"m using vsFPTd, I was wondering if there were similar settings since I see logging into the vsFTPd server is slow (20 second delay).
Security :: Ways To Secure Sendmail Or Secure Alternatives To Send Mail
Dec 1, 2010I'm an Oracle DBA and started working for my current employer about 4 months ago. This past weekend an alert re: FS space brought my attention to /var/spool/clientmqueue (full of mail re: cron jobs) and the fact that sendmail is not running on our Linux servers.I'm told that the IT security team deemed sendmail too vulnerable so we don't run it.Aside from FS filling up and missing notification of issues with crontab entries, I'm concerned that we may be missing notification of potential issues. In other Unix/Linux environments I've seen emails from the print daemon when it experienced problems with specific jobs.
Are there other Linux facilities aside from cron and lpd that use email to advise the users of possible issues? Are there ways to secure sendmail or secure alternatives to sendmail? My primary need/desire is to make sure that emails regarding issues on the server get to the appropriate users. Secondary goal would be to have the ability to use mailx to send mail out. There is No need/desire to receive mail from outside.
Server :: Upgrade Server With All Updated Packages And Patches?
Jun 27, 2011Currently our Production Server version is Fedora8. I know its very old version, i was newly joined as server admin for this company.. my first task need to Upgrade Server with all updated packages and patches..Without production time down..because we have nearly 400 clients accessing our server.
1. Is it possible to do Without Production loss??
2. before upgrade what are the things i need to do??
3. is there any possibles the working function not working in new upgrade packages??
Software :: Finding When / How Any File Is Updated
Apr 1, 2011For some reason, a configuration file is being rewritten by "make" but the makefile is a bit big and I can't figure out where/when it happens. Is there a tool in Linux that would let me stop execution of "make" just before it tries to modify that configuration file? I read about inotify, but I don't know if it's the right tool.
View 3 Replies View RelatedUbuntu Security :: Secure File Transfer
Feb 4, 2010If I need to get a file to someone I could place it on the server and somehow automate an email telling them there is a file available. They could login to the server based on their email address and a randomly generated key combination and down load the file.I also need it to preform the same function going the other way. Login into my server and place files going to me.
View 2 Replies View RelatedUbuntu Security :: Missing Secure.log File?
Jul 11, 2010I seem to be missing a secure.log or security.log file. have Ubuntu 10.04 and can't find this file. I looked in the /var/log and ran a search command to no avail. Does anyone know where this file is or is it called something else.looking for a file that logs any change to the security settings of the system.
View 6 Replies View RelatedServer :: Ntpdate - Keep Updated The Time On A Server?
Nov 25, 2010What is the right way to keep updated the time on a server? Using ntpd daemon or ntpdate by crontab? I've two server in two different locations.. I've used
Quote: # ntpdate ntp1.ien.it
on both server, and the two times were staggered by ten minutes. How is it possible?
Server :: How To Know If My Box Is Secure
Apr 16, 2011I now have a windows box connected to the internet via the server.
Question is - how do I know if the linux box is secure?
Are there any things that I have to config now - I am slowly moving on to configuring the dns and dhcp server - but is there anything else I should have done?
Ubuntu Security :: How Secure Are The Default File Permissions
Feb 5, 2010What do the default file permissions in ubuntu 9.10 protect/deny access to?
View 9 Replies View RelatedUbuntu Servers :: How To For Secure Web Based File Hosting
May 5, 2011Know any documentation or software packages to do a open source "File Hosting" or also known as "one-click hosting" server.I want to create my own private secure site to easily have clients download sensitive files. If it could be setup to use SSL that would be great.
View 1 Replies View RelatedGeneral :: File Share Security The Setup Is Not Secure At All?
Jan 7, 2010Been messing around with Ubuntu 9.1 for the last few weeks and am loving it so far. Been trying to get in the terminal and learn a little something, to no avail. LOL I have been googling and searching the site today for info on networking. My Linux box is a desktop, with my main HDD mounted with music, and movies and some other stuff. My intent is to network the two laptops in the house (Windows XP and Windows 7) to the Linux box so I can listen to my music and watch movies when not in the office. I have found some info, mostly involving Samba, and plan to install Samba tonight and fiddle with it. My issue was with security. I have read a few posts and they talk about the fact that if you share files in this manner, the set up is not secure at all. Is this something i should really be concerned about? If the folders I share only have my music and videos in them,
View 4 Replies View RelatedGeneral :: Secure FTP Of A File To The Root Directory On CentOS?
Nov 2, 2010I am running WHM and CPANEL on centos.I would like to upload a file to the root user directory. To be honest, my only experience uploading and downloading files with FTP has been with domain related accounts that were set up under WHM to be managed under CPANEL. This is quite simple, because all you do is set FileZilla or Dreamweaver up with the FTP address of the domain account and the username and password.How can I do something similar to FTP a file into the root or home directory?
View 1 Replies View RelatedSoftware :: Secure Log File Entries Not Appearing In LogAnalyzer
Oct 4, 2010I am testing LogAnalyzer 3.0, with several Linux servers configured to send their log files to the central server. All Linux servers use syslog as the daemon of choice. While it does appear that LogAnalyzer to be working somewhat, I noticed that a particular log file present on all servers, secure, does not have any entries appearing at the central server. The configuration of the secure file, via the /etc/syslog.conf file, on all servers is shown below:
Code:
# The authpriv file has restricted access.
authpriv.* /var/log/secure
Do I need to make any additional modifications to the syslog.conf or any other file?
Fedora :: Audacious Updated - No Decoder Found For MP3 File
Jan 30, 2011I just updated Audacious to 2.4.3, and now when I try to play mp3's, I get this: No decoder found for file "my song." Ogg files still play fine though. I know I can downgrade, but I'd rather this just be fixed.
View 2 Replies View RelatedGeneral :: Command To Update Terminal As File Is Updated
Mar 13, 2011I'm looking for a way to have the access log for my nginx install scroll up the terminal as lines are added to the log. I think I need a command like cat access.log | diff but I'm not sure exactly what it should be.
View 1 Replies View RelatedUbuntu :: 9.10 - User Cannot Login (ICEauthority File Not Updated)
Jan 16, 2010I am using Ubuntu 9.10. I currently have two users myself and my wife. Yesterday morning when I tried to log in I receive the following messages:
"Could not update ICEauthority file /home/david/.ICEauthority"
then
"There is a problem with configuration server /usr/lib/libgonf2-4/gconf-sanity-check-2 with status 256"
and finally
"Nautilus could not create the following required folder /home/david/Desktop/.nautilius"
I searched the forum and followed some stuff about chmod 755 for the gconf file etc but still have the same problem. My wife can still log in with no problem by the way.
