On Ubuntu 10.04 with x11Vnc server, if the screen requires logon (such as if locked or upon reboot), through the VNC terminal, I always get authentication error (incorrect password). Sitting at the keyboard, I can logon just fine. Once logged on, I can access everything through VNC just fine.
Error in auth.log (username = bob):
unix_chkpwd[3926]: password check failed for user (bob)
gnome-screensaver-dialog: pam_unix(gnome-screensaver:auth): authentication failure; logname= uid=1000
I have succesfully set up authentication manually in Ubuntu so users can log on with Windows Active Directory accounts and have their network drives mapped automatically using pam_mount.
Please note due to the setup I can't make any changes to the Windows 2k3 server.
If a user wants their password reset I can change it to a generic password. When they next log on to a Windows computer with the generic password it will automatically ask them to change it to something else.
Is there anyway to get this to work with Ubuntu 10.10? At the moment when logging onto Ubuntu with an account that is in this state the message Please change your password appears, it then proceds to log on without prompting to change the password and natually it won't map the drives etc.
Lately I have been receiving this in my auth.log file. It seems to be repeating over and over, and I didn't know if was anything normal or something I should be worried about...
Our system is based on RH4 and is using pam_tally and faillog to record failed attempts and to lock users out after 5 attempts. We have a requirement to provide a normal (non-root) user logging onto our system, with information regarding the number of failed logon attempts made on their account before the current successful logon (similar to the functionality provided by HP Protect Tools on Windows). My first idea was to add 'faillog -u $USER' to the bashrc, however by the time the bashrc is run - the user has been successfully authenticated and the faillog has been reset back to zero.
i had configured mail server in linux. i had configured sendmail in linux client . i have error while sending mail through thunderbird smtp auth error how can i resolv the issue .....
I login as normal user. I can 'su root' fine - password authenticates. However, If I try to run System->Administration->Users/Groups, when it asks for root password, it is rejected. When I run updater, it reports failure to authenticate, but doesn't even ask for root password beforehand. Is there a cached password someplace?
All has been fine with my emails but today morning when i tried to log on I got an error message "You must be logged in to access this page, go to logon page" I dont understand why even when i supply my correct user name and password.
I've been using CentOS for quite a long time, and I've recently switched to Ubuntu 10.10 as a desktop. I'm having one small stumbling block, I can't seem to setup LDAP authentication via a GUI. I found this post here.
[URL]
Is there a GUI application that allows LDAP configuration similar to the Cent OS one?
I have a problem with the logrotate of auth.log, it is not working. I tried using 'kill -HUP `cat /var/run/sshd.pid`'. This restarts sshd but does not create a new auth.log. Also tried "/etc/etc/init.d/ssh restart" and "/etc/init.d/ssh reload"
Been a while but have a few scripts that need to hit a website that's local to that network, but also a public site. Currently there is an .htaccess in that folder with this lockdown;
I don't think it would be harmful to run ssh on the default port of 22. Especially since the machine will only accept key-based logins and only accept traffic on port 22 from external IP addresses that I specify.
I'm trying to add the -audit option to X Server. I run ps -ef | grep -v grep | grep "bin/X" and get: root 2511 2506 0 10:35 tty7 00:00:09 /usr/bin/X:0 -br -verbose -auth /var/run/dgm/auth-for-gdm-sScn1P/database -nolisten tcp vt7 So I'm thinking that I need to add -audit to the /usr/bin/X file, but I believe that it's binary and created by something else, but I can't find that "something else". How on earth can I add this option? I have opened up 1,000,000,000,000,000,000,000 files (slight exaggeration) and I've come up empty.
I recently installed Fedora 13, Xfce, on my HP netbook. It's using AR9285. When i try to connect to my network with WPA enabled it will not work despite the password info being correct. I'm using a DI-514 router, with no updates to firmware. It only works, if I change the password, then use said password, then, when I disconnect, said password no longer works. WEP works just fine, open network works fine, why wont WPA-PSK work?
I'm getting relay access denied to an email outside of my domain. It seems the passwords are authenticating because I'm not getting invalid password prompts.
I want to configure NTLM for my Apache webserver, so that it uses active directory login credentials. Additional info : my listen port will be 82 (http://xxxx.com:82)
I'm currently using Fedora 13 x64 and have noticed a strange problem with my wireless.
At random intervals it will disconnect, be it 5 minutes or 3 hours and then it will not re-auth no matter how long I leave it. The wireless is running WPA/WPA2, With TKIP/AES encryption. The router only supports b/g and the Wireless NIC is only b/g.
Not sure what driver/software it is using. I noticed I do have wpa_supplicant installed but there doesnt seems to be much happening in /etc/wpa_supplicant/wpa_supplicant.conf apart from the below.
Code: [daniel@Enterprise ~]$ su -c 'cat /etc/wpa_supplicant/wpa_supplicant.conf' Password: ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=wheel
I am using auth_param basic program /usr/lib/squid/squid_ldap_auth to authenticate users using squid from ldap. The user and pass is in clear text over the network between the browser and the squid server. Any way to send it in an encrypted format??
operating system: CentOS 5.5 git version:1.7.3.4 ldap server:OpenLdap Http server:Apache 2.2 the software above have been installed. How to config /etc/httpd/conf.d/gitweb.conf file to let git authed by ldap?
I am a bit of a linux newbie, but have been gradually teaching myself how to set up Sendmail 8.13.8 on a CentOS system to handle our MX mail for various domains we own on our local server. Configuration has gone well so far, except I cannot seem to get Outlook to authenticate with the SMTP server and I must readily admit to some large gaps in my knowledge. For testing purposes, I have tried to authenticate using Telnet with the following results:
Code: 220 my.domain.com ESMTP Sendmail 8.13.8/8.13.8; Wed, 3 Aug 2011 14:27:00 GMT ehlo my.domain.com 250-my.domain.com Hello mytelnethost.btcentralplus.com [109.xxx.xxx.xx], pleased to meet you 250-ENHANCEDSTATUSCODES
I want to use squid Proxy to ask username password to user for internet usage and if username password not correct squid stops user access.I use following installation commands and configuration but still squid not asking for username password, and I can use Internet browsing by defining proxy in my client proxy.I use following installataion commands one by one but non of them works, and configure squid to use ncsa_auth../configure --enable-delay-pools --enable-linux-netfilter --enable-arp-acl --disable-ident-lookups --enable-snmp --enable-removal-policies
with following squid.conf configuration one by one.
htpasswd /usr/local/squid/etc/passwd testuser New password: Re-type new password:
[code]....
No error received in access.log or /var/logs/messages files, nor on client screen, client still using internet browsing without asking username password by squid,
A few minutes ago I was using google chrome when suddenly the scroll-lock indicator on my keyboard turned on... I pressed the scroll-lock key, but nothing happened, the light remained. I opened a terminal and ran "top" to find what processes were running when I was automatically logged out. I logged back and checked the logs and found the following entries in my auth.log:
Code: CRON[2971]: pam_unix(cron:session): session opened for user root by (uid=0) CRON[2971]: pam_unix(cron:session): session closed for user root
New machine, need to append my id_rsa.pub to my remote SSH box, cannot use ssh-copy-id because I cannot specify the port I've got the machine running on.
I am trying to setup 2-factor authentication for SSH with PAM. Its working well, but if the password is incorrect, it does not ask for validation code, but rather asks for the password again. Any way not to warn about an incorrect password?
I'm a bit lost with the PHP/Sendmail configuration, maybe somebody could help me getting back on the right track. Following situation:
Postfix:
* accepts smtp on port 25 but from his own domains. Some policy and spamchecks through amavisd are made.
* accepts submission on port 587 and 465 from authenticated users only. Quota and spamchecks prevent outgoing spam.
So I'm enforcing a very strong outgoing spam-policy but the users are still able to use the php mail() function to send spam through the /usr/sbin/sendmail command. My users have access to their own php.ini so my idea was to somehow enforce the delivery through the local postfix on port 587 or 465 and just let them enter their user/pass in their php.ini. (I suppose, their might be a cleaner-solution ).
Unfortunately, my configurations like smtp_host, port, user etc. are getting ignored if the sendmail_path line is active. But if I comment this line out, php just uses the default, which is the same as configured in the sendmail_path line - so it's active whether i use the line or not (setting it to an invalid command breaks the mail() function completely).
how can I enforce my anti-spam policy on the php mail() command?For my ssh users I just blocked the outgoing connection to localhost on port 25 which seems to work so far, but somehow the postfix-sendmail-wrapper just ignores this.
