Ubuntu Security :: Capture User Password On Login?

Apr 4, 2011

Second off, I'm trying to capture a user password on login (through gdm) such that I can re-use it for a service like Kerberos or AFS. The idea is that the user has to log in only once, and then I renew the tickets and tokens until they log out again. If there's a better way to do this

View 4 Replies


ADVERTISEMENT

Ubuntu Security :: Bad Login Protocols - Graphical Login For Gnome Sizes Itself To Accommodate A User's Exact Password Length

Dec 14, 2010

I'm seeing really bad user login format under a standard installation and am wondering why ubuntu does this as default. I have noticed that the graphical login for gnome sizes itself to accommodate a user's exact password length. This indicates to me that somewhere on the unencrypted part of a standard installation with user encryption contains at least some indication of the content of the password length which seems a security flaw even if not a complete hole, it majorly reduces the number of attempts a cracker would have to cycle through.

And that's assuming that *only* the length is contained. Furthermore it seems that it would be MUCH better to simply display the number of characters entered into the pw field and allowing the gui to expand itself from an fixed size as the field is filled out so the the user still receives visual feedback for entering characters. Either a simple character count display should be entered into the field or a 10 dot to new line so that one can visually quickly count the number enter by multiplying from a 10base graphical observation.

View 9 Replies View Related

Ubuntu Security :: Can Login With Public Key But Forgot User Password?

Aug 26, 2010

I have a problem with my ubuntu account. I am running 4 virtual machines, based on jeos-8.04 and I am using a public key authentication to login to my account (via ssh). This is not the problem, I have the key and the passphrase. But when I am logged in, I can't sudo, because I forgot the password for the accout.

View 6 Replies View Related

Security :: PAM Module - Allow A User To Connect To A Server Via SSH With Any Login Name Or Password

May 5, 2010

My goal is this: Allow a user to connect to a server via SSH with any login name or password without checking to see if that account exists on that server. Their account would be captured by a universal account say, 'generic_user', and then they would be directed to one of my python scripts with the username and password they supplied for initial login. At this point my script would capture their SSHD process ID and allow/deny their existence based upon a MySQL/Subscription check.

The part I'm having trouble with is with PAM and allowing the user to login with any credentials and be successfully authenticated under the generic account. Beyond that, everything is great.

View 2 Replies View Related

Security :: REDHAT Missing Functionality - Force User To Change Password On Login?

Mar 16, 2011

I have now been trying to find an answer for the following for a while and can't seem to get anything.On previous linux distros we had the option available "passwd -e" which allowed us to force the user to change their passwords upon the next login.s functionality however seems to be excluded from latest linux distros (currently using RHEL 5.4)...Does anybody know how the same effect can be achieved and perhaps any idea on why this option was removed as it was great for securing passwords

View 5 Replies View Related

Ubuntu :: Get A Message That Ur Login Keyring Password And User Password Do Not Match

May 4, 2011

i changed my password and whenever i log in i get a message that ur login keyring password and user password do not match, so how do i change my login keyring password!!

View 1 Replies View Related

Ubuntu Security :: Change Keyring Password To Match Login Password

Jun 14, 2011

everytime i try to vnc to my box, it pops up the keyring authentication, which is obviously a huge problem when logging in remotely.how do i change my keyring password to match my login password?

View 4 Replies View Related

Ubuntu :: No Login / Password User Interface?

Feb 11, 2010

My desktop won't come up automatically now on a hard disk of mine (see below for the Ubuntu version history). It does boot up with Grub etc; then the Ubuntu load up bar thing with the timer spinning around [I hope you can understand this technical language!] goes through ok but then instead of getting the user interface with the little boxes to enter my login and password, the whole screen is in black (as if it's in Terminal mode). This black screen then asks me for my login and password: when I entered them, it said:

Starting up......loading, please wait
19 + 0 records in
19 + 0 records out
kinit: [followed by a load of technical stuff and a series of numbers]
kinit: trying to resume from /dev/disk/ by-uuid/9b [then a whole series of numbers]
kinit: no resume image, doing normal boot.

[Code]...

View 2 Replies View Related

Ubuntu :: Get 9.10 Login Screen To Ask User Name And Password

Nov 9, 2010

Not sure how to do this on 9.10. After upgrading I noticed that the login screen is displying the users of the machine; however, I want to login screen to ask for username and password, without showing the users.

Is there a way to get the login screen to disable the saved users? Or a way to make the login screen ask for username and password?

View 2 Replies View Related

Ubuntu :: Login Into Basic User Gui With No Password?

Feb 26, 2011

With

Code:
sudo -u -i user

I can access their shell, but I how do I login into a gui?

By the way, how common among all the commands is the ability to combine options that do not require arguments in a single block after - ? I.e., sudo -i -u to sudo -iu.

Also, what happens when root is disabled and a basic user sudoes? A threat is displayed and mail is supposed to be sent to root, which is disabled, so?

View 5 Replies View Related

Ubuntu Security :: Set Two Password For 1 User Account?

Dec 27, 2010

i use ubuntu 10.04, is there a way to set two passwords for 1 user account

View 2 Replies View Related

Ubuntu Security :: How To Recover User Password

Jan 18, 2011

My daughter has forgotten her password on our desktop system. Note this is not the admin user (me) so I can sudo nautilus to recover her files. All info online seems to pertain to recovering administrators password is there any way of recovering a non admin password? Ubuntu 9.10 but about to be upgraded 10 10.

View 3 Replies View Related

Ubuntu :: Login - Load Up Without Typing In User Name Or Password

Jan 26, 2010

I accedently typed in a command in the terminal that made my computer load up without typing in user name or password. i would love you have that back. is there a command that you can use to get back there login screen. i am using ubuntu 9.10. i also dont know what the command was that i typed...

View 1 Replies View Related

Ubuntu :: A User Can't Login To Its Desktop After Password Change?

Dec 22, 2010

One of my users has a bit of a problem. I forced password change for this user, and the user thought that it was simply asking for the password again. I had to use my godlike powers to change the users password again. And here comes trouble.The user cannot log in. The system accept the password and we can see the background screen and some messages, but that is all.Quote:Could not update ICEauthoroty file /home/user/.ICEauthorotyQuote:
There are problems with configurationsserver.(/usr/lib/libgconf2-4/gconf-sanity-check-2 exit with status 256)Quote:Nautilus couldn't create following folders necessary: /home/user/Desktop, /home/user/.nautilus.Please create these folders before you run Nautilus, or set permission so Nautilus can create them

View 4 Replies View Related

Security :: User Should Be Able To Change Password Once In A Day?

Jun 1, 2010

I want to do setting in RHEL5 such that user should able to change his password only once in a day.I have changed the fourth field (i.e. minimum number of days to change) in in "/etc/shadow" file for "root" to "1". But its not working. I am able to change the password of "root" using "passwd" command.Any one can help me out on this issue

View 5 Replies View Related

Security :: Login Password Upon Starting?

Jan 19, 2011

I installed linux system into a USB stick, but it never asks me to enter login password (i am the default user "root") when booting. I checked the settings in "User and Group" panel, and found everything there is OK. What additional settings should I make to this problem?

View 4 Replies View Related

General :: Enable Login Password For User?

Aug 31, 2009

Ubuntu 8.10 does not ask for a password to login. I have only one user set up. I have set the user password from System > Administration > Users & Groups. Still does not ask for password > logs in straight away.

View 2 Replies View Related

Server :: Allow A User To Login Without Entering A Password?

Dec 29, 2010

How to allow a user to login without entering a password?

If my question sounds wierd then check out m-net at www.arbornet.org/m-net.php and see how it works.

Telnet / SSH to m-net.arbornet.org and type in newuser and it won't prompt for a password.

View 11 Replies View Related

Ubuntu Security :: How To Add User Password In Shell Script

Mar 17, 2010

I'm currently creating a simple sh file which will copy the contents of a certain directory to / directory. in my sh file:

Code:

cd "$DIR"
for i in *.*; do
sudo cp -iv "$i" "$DEST"
done

but this requires user password. can i add the user password in my sh file? how? I'm trying to do this because I have an application to run the sh file and the application has no way to enter the password..

View 9 Replies View Related

Ubuntu Security :: Disable The Password Request When Login?

Sep 28, 2010

How can I disable the password request when i login? Not the password for the user but the password to connect to the net?

View 5 Replies View Related

Ubuntu Security :: [SSH] Gssapi-with-mic Password-less Kerberos Login?

May 13, 2011

I'm trying to login to a server using gssapi-with-mic authentication against one of my school's machines that supports this mode of authentication. I have these kerberos packages installed:

batrick@menzoberranzan:~$ dpkg -l | grep krb
ii krb5-config 2.2 Configuration files for Kerberos Version 5

[code]....

View 1 Replies View Related

General :: How To Disable Login Password Security In Ubuntu 10.04

Mar 18, 2011

I'm the only user of my PC and as of upgrading to 10.04, I get a login screen, that requests only a password, when the PC goes idle.

View 8 Replies View Related

Ubuntu Installation :: 11.04 Requires User Login And Password To Install

Aug 22, 2011

When booting from the Ubuntu 11.04 CD, it asks for user name and password to install. I downloaded the iso twice and did a checksum. Do I need a user name and password before installing? What is the user name and password? I read the documentation and cannot find any entry about user name and password needed when booting fron CD.

View 3 Replies View Related

Security :: Sudo Non-user/non-root Password?

Feb 19, 2010

Stumped on this one. I'm trying to set up limited sudo authority on a desktop with some sensitive user data, and as an extra precaution I wanted to configure sudo to use a password other than the user's or the root's. I'm not sure how to do this. From the manual, we have a few options, such as "runaspw" or "targetpw", but none seem quite what I'm looking for.For instance, "runaspw" could be used if I created a user for nothing other than sudo(ing) purposes, but it requires you set "runas_default", which means that said user would have to have authority to execute said commands in the first place. This is workable, but seems like a lot of extra configuration for each specific command that I want to run, as well as creating some issues with simply commands such as "shutdown" or "reboot". Also, "targetpw" can be used in conjunction with a sudo(ing)-only user if I set an alias, but, again, this isn't quite what I am looking for.

Ultimately, what I am really concerned about in this situation are keystroke loggers, so I would prefer to avoid repeated entering the user or root password when performing administrative tasks. Also, I would prefer not having to create a sudo(ing)-only user as mentioned above to prevent a comprimised password resulting in an attacker being able to log into my system.

View 3 Replies View Related

Fedora Security :: Forgot Login Password?

May 8, 2009

I just installed Fedora 10 on my laptop 2 days ago. I dont seem to remember the password i userd for my username. Is there a way to reset or change the password? I cannot login to the system.

View 4 Replies View Related

Security :: Able To Locally Login As Root With ANY Password ?

Jan 20, 2010

Found a major security hole in one of my more crucial linux servers today. (Only locally) I can use the user name "root" and any string for the password. So I can literally type "poop" as the password and the server lets me in. I know how to set root password settings for SSH and sudo, but where are settings located for local access that would allow something like this?

View 14 Replies View Related

Security :: The Login Password Echoed - How To Correct It

Nov 25, 2010

Kernel 2.6.21.5, Slackware 12.0
GNU bash 3.11.17

Being in a text console (VT, that is, the screen with 25 x80 chars), say tty1, and just after booting linux, I logged in as usual,typing my password.What happened then astonished me. In Slackware distros, a small quotation from some book is written on screen just after typing the correct password. Well, after typing my password, I could see it split into two halves instead of the quotation.

View 13 Replies View Related

Security :: SSH Login Without Password Not Working As Expected?

May 5, 2010

There is this one server running CentOS5.4 Final which has certain application like Bugzilla. I have setup ssh on it and setup is for password less authentication. Have also setup PasswordAuthentication to no. So with password authentication should succeed. But it is. Though password less authentication is working fine, but I am also able to login using password.

Code:

RSAAuthentication yes
PubkeyAuthentication yes
PermitEmptyPasswords no
PasswordAuthentication no

View 4 Replies View Related

Security :: SSH2 No Password Login With Passphase Key?

Sep 30, 2010

I was just wondering about logging in to my remote server via SSHv2.

But I want to set a passphase key but not make the server ask for it when logging in, would this at all be possible?

I am well aware I may leave it blank but doesnt this pose a security threat possibly?

I have heard somewhere that you can get Linux Centos 4.8 to do this

View 1 Replies View Related

Ubuntu Security :: Change The User Password On A Regular Basis?

Mar 30, 2010

is it considered standard practice to change the user password on a regular basis and if so how often?

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved