Ubuntu Security :: Disable The SSH Key Access?
Jun 15, 2010
I currently have a user on my Ubuntu server that I want to block completely from login. I know right now they login with SSH keys so they don't need to enter their SSH password. Can anyone tell me how to remove the SSH key login for their username and root user which I believe they use too and block SSH access alltogether.I will then just change the root SSH password.I'm terrified they will do some harm so I need them blocked out ASAP.
View 7 Replies
ADVERTISEMENT
Aug 25, 2009
Does anybody know if there is a quick and easy way to simply disable samba security to avoid "Access Denied" errors when trying to access shares via Windows XP?
View 2 Replies
View Related
Jul 13, 2010
I am learning SELinux from LinuxCBT and I'm stuck at one place. Now video is on RHEL 4 (so tell me if things has changed since, cause I can't find anything related) shows how to disable SELinux security on httpd.first I don't know diff between initrc_t and uncofined_t; and second I don't know if something is wrong is everything is all right.
View 1 Replies
View Related
Mar 9, 2010
I need disable usb port access in ubuntu9.10. how to disable usb port in ubuntu9.10
View 9 Replies
View Related
Aug 9, 2010
Anyone know how to disable IPv6 but still use IPv4?
View 6 Replies
View Related
Sep 3, 2010
I've made an SSH server using OpenSSH on my desktop Ubuntu (10.4) for tunneling. However, I'm noticing that the public account I made for my SSH (one to give to friends to use proxy) has SFTP access to crucial system files. I'm okay with SFTP being enabled on my account, but not on this public account. Does anyone know of anyway to either disable SFTP to that user, or restrict access to important files?
View 4 Replies
View Related
Jun 19, 2011
Set up a few machines yesterday to test out some parallel code. Just for fun, I selected the "encrypt users files" option when setting up Ubuntu (10.10). I had never used the option in years past. Now I'm finding it a pain. EG., ssh requires me to already have a login to the machine before it will let me log in w/o a password (eg., using id_rsa.pub and authorized_keys).
Similarly, I have no reason to encrypt files on these machines. They're just crunching numbers. Is there an easy way to disable this? Or do I need to delete my original user and make another one (with all the su privelages, etc...) w/o an encrypted file system / home directory.
View 1 Replies
View Related
Feb 11, 2011
Is there a way to modify the ssh_config and sshd_config files so that a user can scp but will not be allowed to ssh. I have done a search and found a tool name scponly but I really do not want to install anything. Most of the books I have only discuss how to use ssh.
View 3 Replies
View Related
Mar 11, 2010
I've enabled the root account on Ubuntu 9.10, however I want to stop it from being used to login via GDM. 9.10 seems to have a different GDM version, how can I carry this out under 9.10
View 9 Replies
View Related
Aug 8, 2010
Inspite i have read through the sticky link but i have a query.
Example,
If you have your firefox under enforce mode in apparmor,are you still able to install an update / addon to it to a newer version.
If not,how to disable the apparmor in firefox.Is it as below?
Code:
View 9 Replies
View Related
Jan 22, 2011
I have tried everything to disable automatic login from the login screen (gdm). I've changed my password, I've changed the settings in System -> Admin ->Login Screen, and I've edited /etc/gdm/custom.conf (gdm.conf doesn't exist, but I created it just in case!).No auto login is set up, but I can't get it to ask for my password. This is affecting my ability to switch sessions, as I can't switch sessions without clicking on my name in gdm, and because it's set to auto login,
View 4 Replies
View Related
Feb 17, 2011
How do I disable showing Usernames? I want to be prompted for BOTH un and pw. If it is necessary I could just change it so that it boots into a fullscreen terminal so that you would have to input "startx" and then username and password. Or I could just change it through gui or 3rd party software.
View 7 Replies
View Related
Apr 3, 2011
having a slow internet connection, I bought the all maverick repository on DVDs, copied the files on a usb drive and modified the apt sources file to consider the local repository only:
Code:
# deb file:/var/www/ubuntu_local/ ./
deb file:/var/www/maverick/dvd1/ maverick main universe restricted multiverse
deb file:/var/www/maverick/dvd2/ maverick main universe restricted multiverse
deb file:/var/www/maverick/dvd3/ maverick main universe restricted multiverse
[code]....
Even though I am reasonably sure it is safe, this local repository is not authenticated and I can only install package through the command line or synaptic, the Ubuntu Software Centre giving an error message "Requires installation of untrusted packages"...I thus would like to disable the apt authentication check for this local repository.
View 2 Replies
View Related
May 11, 2011
I wish to prevent a user account with sudo rights from mounting attached storage, i managed todo this with ubuntu Version 8 using gnome-polkit i think it was, however i'm not able todo this in 11.04 now , has anyone got a direction i can look in, i googled alot but my searches all come up with auto mounting or how to mount drives
View 1 Replies
View Related
Sep 24, 2010
I opened a specific port in my router and manually configured Limewire to use the same port for all traffic, but I notice when I disable and turn off Firestarter when on limewire, my searches go really fast and dowaloads zoom really fast also I am not running as root. Is this ok to temporarly stop the firewall when I am on Limewire and then turn it back on when finished?
View 9 Replies
View Related
Sep 28, 2010
How can I disable the password request when i login? Not the password for the user but the password to connect to the net?
View 5 Replies
View Related
Feb 5, 2011
How do I prevent/disable a file from being copied?
I would want someone to be able to see the content of a directory, then open the relevant document, but just for viewing purpose. They cannot copy the file, either through copy + paste or File/Save As.
Is that possible under Ubuntu?
View 4 Replies
View Related
Mar 18, 2011
I'm the only user of my PC and as of upgrading to 10.04, I get a login screen, that requests only a password, when the PC goes idle.
View 8 Replies
View Related
Jan 9, 2010
is there any possible way to hide currently running processes from an user? This means I do not want him to know about what programs/processes does any other user but him run. In short words if that user runs 'ps -aux' he should get only his processes.
View 3 Replies
View Related
Jan 17, 2011
I have a Lucid Ubuntu installed on my home PC with two user accounts, AmHero and simple. I would like to have all internet access disabled when my kids login with the 'simple' userid. And yes, internet should work when I login using AmHero. I tried this:
[URL]
..but this does not work and gives some errors on the terminal.
I can paste the errors, though I am not sure this will even work as I found this in an old post.
View 6 Replies
View Related
Dec 15, 2010
I use Ubuntu on my netbook, which I uses for browsing and email. It's way faster than the Windows which came on the machine. That's a nice feature, as is the price.
I like it except for the constant, perpetual, ever-present, super-annoying need to be entering passwords and "becoming root user" and so on. I am the only one using this appliance. I don't even care if someone steals it, really. There must be some way (I hope) of disabling this idea that I am a CIA agent with TopSecret materials.
I just want a simple, easy to use appliance. If not Ubuntu, is there any distro that is aimed at normal people?
View 14 Replies
View Related
Apr 7, 2010
I just want to disable rm command for an user..Root only need to use that
View 14 Replies
View Related
May 4, 2010
I'm concerning about my web server, I use nikto to see where should I improve my configurations, then I just know my web server is enable directory indexing. I have searched and found that I should just put
Code:
Options -Indexes to disable directory indexing. I have already restart apache but directory indexing still enable here is my httpd.conf Where did I wrong ?
Code:
ServerTokens OS
ServerRoot "/etc/httpd"
PidFile run/httpd.pid
[code]....
View 6 Replies
View Related
Mar 5, 2011
I am using Fedora. I want to disable Linux iptables permanently. Normally when I reboot my pc the iptable service is on. how can I disable even I turn reboot the pc.
View 6 Replies
View Related
Feb 5, 2010
I read somewhere that 'sync' and 'who' commands in linux should be disabled. While i can understand that for the 'who' command, why so for 'sync'?
I can find sync and who as one of shell commands, whereas also in /bin/sync and /usr/bin/who. Are the shell commands and those in bin directory meant to serve the same purpose?
Finally, how can i disable these commands?
View 4 Replies
View Related
Oct 31, 2010
I want to disable internet connection on my laptop but I want to keep the local lan connection. What would be the less hasssle way ?
View 8 Replies
View Related
May 15, 2010
I want to refuse access for some users to usb pen and audio. In previous releases (debian, ubuntu , debian-based ..) , it is enough to remove the user from the group.
that is in /etc/group
audio:x:29:bela
plugdev:x:46:bela,geol
with theses lines : bela can heard sound, but not geol, for bela and geol the usb pen is automatically mounted. But not for nobody else. It is NOT the case in the new release, I mean, even if I remove a user from the plugdev group, the usb pen is automatically mounted for that user.
View 1 Replies
View Related
May 12, 2010
Once again, nobody seems to understand security properly when they decide to add nifty new features. After upgrading to 10.04 from 9.10, I now have a listing of all the user accounts under "Switch from" when I go the the logout menu at the upper right side of the task bar. This is a terrible security hole that should never have been allowed in the first place, and is just as annoying as the default behavior of listing all the user accounts on the login screen.
View 5 Replies
View Related
Nov 13, 2010
The ubuntu installation came with my ubuntu (it does not matter which version etc.) Contains sshd_config file with this interesting lines:
# Change to no to disable tunneled clear text passwords
#PasswordAuthentication yes
The same lines are seen in many Ubuntu-related internet pages. This is quite surprising to see.
This seem to contradict to the fact that ssh was created specially to provide authentication (with passwords, of couse) but without sending them by internet as clear text like previous programs did. But I could not find any clear confirmations of that neither in Kubuntu-related documents no anywhere else. I put below fragment of a document from RedHat. This seem to imply that if one will use two "yes", the passwords will be passed in encripted form (and this is what is recommended by RedHat). Is that true? Is this true for Ubuntu too? Is the quoted line from sshd_config wrong? Or incomplete?
[URL] RSAAuthentication yes
The option RSAAuthentication specifies whether to try RSA authentication. This option must be set to yes for better security in your sessions. RSA use public and private key pairs created with the ssh-keygen1utility for authentication purposes.
PasswordAuthentication yes
The option PasswordAuthentication specifies whether we should use password-based authentication. For strong security, this option must always be set to yes.
View 9 Replies
View Related
Sep 4, 2010
Is there anyway I can disable an account from being logged in via Putty, but permits someone else to "su" into the account? For example, an application is being run as "app_account". Because there will be multiple people administering this application and the password is shared for this "app_account", I want to disable 1st level login for it. I want to make it such that only the permitted people can "su - app_account", once they have logged into their personal account. How can I do this? If I set app_account's shell to /sbin/nologin, the users are also not allowed to do "su - app_account".
View 2 Replies
View Related
