The title says it all. Is there a way to just click ok to administrative tasks instead of having to enter my password every time? Sort of like Windows 7's UAC.I'm using ubuntu 10.04 LTS. I don't want to log in as root
View 9 RepliesI often get responses from people who first say: "Are you sure? You want your network to be exposed to the outside world?" I am not experimenting on a Production Server of NASA or any Security Concern Department. Friends, there is no harm in experimenting on your personal computer or on a test computer which is isolated from the production environment. Look at hackers! What do they do? If they don't know how security is breached then how would they come up with security measures?
If my question reads... "How to let any user perform Administrative Tasks on a Linux System irrespective of his/her privileges on that particular system?" then I would not get the right answers in the first place. They will say... "You are letting everyone destroy your system... are you sure you want to do that?" My question is: Why should we restrict ourselves from experimenting even if it sounds weird to other people?
I give you an example where it is desirable to let an unprivileged user perform certain tasks. You want to know if there are any employees in your office who are storing videos in their home directory and filling up the disk space to a great amount. You have a department called "Command Center or Data Center Operations or Help Desk" call it whatever you would, whose work is to monitor such activities, and you create an account "monitor" for them to monitor such activities but they are not able to do them:
[Code]..
I find myself using SSH from my mobile phone to manage administrative tasks when I'm away--completing updates and the like, things that can be done during normal usage but sap my RAM and CPU to the point of frustration, given the hardware I've got to work with. It's convenient, I can do what I wish (without the benefit of an X session) while I'm at work. The issue I run into is the fact that my auth.log is littered with items like this:
Code:
May 16 12:53:17 BETA sshd[18941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.111.184.180
May 16 12:53:19 BETA sshd[18941]: Failed password for invalid user lala from 200.111.184.180 port 41787 ssh2
May 16 12:53:25 BETA sshd[18943]: Invalid user master from 200.111.184.180
Which tells me that some inconspicuous person and/or botnet keeps trying to get into my system. This is generally annoying; at this point, my system isn't used for anything particularly critical; however, the fact that only failures or questionable successes--such as those from my mobile, the IP and Host of which can vary a fair bit (and the host resolution almost always fails, based on the way the IP/Host advertisement is presented to an external host is established--it's essentially manufactured)--doesn't tell me who/what has figured it out. I've done what I can to tamp down SSH access to the system, root is blocked via SSH (a moot item, since root isn't allowed locally), I've limited only my own username as allowed to connect via SSH...all it would take, though, is an alphanumeric dictionary that hits the right combination to get a password prompt, and to be able to brute-force it from there.
Overall, I know there's few, if any ways, to prevent someone attempting to get into my system via SSH; what additional steps can I take to minimize the possibility that I might end up compromised?
Over the past few days, I've noticed that administrative tasks sometimes fail to start. I'm asked to enter the administrative password, "Granting rights" appears in the bottom panel for a few seconds, but then disappears. I'm using Debian Lenny. This is only an intermittent problem, and if a task does fail to start, it will start on the next attempt. Tasks which have failed to start are:
*Launching Synaptic form the System menu.
*Launching a root terminal from the Applications menu.
*Launching Nautilus with root privileges from a terminal using gksu.
After coming across the following post, I thought maybe it was an issue with kernel 2.6.32-bpo.5-686, because I'd recently upgraded to that kernel too, but I'm advised that that isn't so.It was suggested that something else from backports might be causing the problem.
I am a student at DeVry University, newly introduced to Fedora and Linux in general, and have a project whereby, we have been asked to consider some administrative tasks that we could automate via a script.I was wondering if there were any thoughts or directives from the community on what admin tasks you guys find to be of inestimable use in automating via a Linux script.
I am new to the Linux commands but have done a wee bit of programming before in C++ and others.I have also done basic DOS batch files before.
i have a triple boot of windows XP,7 and ubuntu10.10 netbook remixis it possible to require a password to mount the windows drivesthere is no log on password on the ubuntu but i dont want people to access the other drives unless they have my password
View 3 Replies View RelatedHow can I configure my SSH server (OpenSSH on Debian 5) so that it requires public key authentication *and that the keys are password protected*?
View 8 Replies View RelatedIs there a way to do this? I disabled the log in screen for my Ubuntu 10.10 for convenience with remote desktop (so the machine starts up right away and connect to vnc). But doing this means anybody at my house can just access my computer and application (brother's friends are a little curious) and they could easily access Keyring and grab all my passwords. So is there a way to require a password everytime an application is opened?
View 5 Replies View RelatedIs there any way torequire a password for anything to be installed onto my computer? For example, lately, I clicked on an image in googleimages that ended up installing something onto my pc. If a password was required for any installation, this would not have happened.
View 9 Replies View RelatedIs there a way in Lucid to require a sudo password to mount all external drives (e.g. thumb drives, USB CD/DVD drives, USB hard drives)
View 1 Replies View RelatedI thought these were the same password?In-fact, they WERE the same password on the set-up I currently have.But now, weirdly, I can log in fine but I the exact same password is not using in order to perform admin tasks.I've tried a recovery mode, console, and then "password (username)" in order to reset the password.This does reset the password I need to use to log in, but the password still does not work for performing admin tasks
View 4 Replies View RelatedHow to fix the problem that is happening with gksu. It prompts me for the administrative password. I don't (for advised security reasons) have a password associated with the root account.
The sudo works fine and accepts my sudo password. Gksu fails with "incorect password... try again." error.
This is a new install of the Ubuntu Server 10.10 x64 Maverick edition.
I am a new Linux user and have a question about the administrative authentication. When I am logged in as a user and I need to do something that requires root privileges the little password window comes up and I enter the root password. My question is how long are the root privileges granted for?I noticed that a few minutes after finishing checking out the firewall configuration tool and closing the window that I was still able to re-enter the fire wall tool and other administrative tools. How do I log out of the root privileges without logging out and then back into my account?
View 2 Replies View RelatedI installed a Rednotebook 1.1.6. Naturally it's personal, but for some reason after years in development it lacks password protection. I intend to launch it from the Unity dock.How can I restrict access to rednotebook (specifically, the rednotebook.desktop file) via a simple password prompt?
View 9 Replies View Relateddoes anyone know how to make ubuntu 10.04 ask for a password when inserting a thumb drive / flash drive
View 8 Replies View RelatedIs it possible to configure Apache with password security (AuthConfig), yet allow certain IP addresses access without being prompted for a password?
View 3 Replies View RelatedIt appears that Lucid has done away with the gksu prompt that used to greet you when you try to mount a partition. Is there any known way of restoring this? I have a number of partitions which I would rather have protected by a password (even though I know that booting a live cd will give anyone access to any mountable partition, no questions asked). I've had a quick look in gconf and found nothing that looks like it would control this behaviour, but it's quite likely that I overlooked something.
View 9 Replies View RelatedI'm usingg Ubuntu 10.04. When i start gnome-terminal (from terminal or gui) at the first i see invite to enter sudo pass: Terminal window is opening and i see the string:
[sudo] password for tenhi:
Yesterday i changed .bashrc file and some settings in User and Groups management.
A few weeks ago, I installed Ubuntu 9.10 on a Dell Insprion 8600 as a dual boot to try out Ubuntu. I let the setup configure partitions for me. During the install, I was asked once for a password. Last week, Win XP would not boot up; that's OK as I was planning a re-partition and reinstall of both win and Ubuntu.
I wanted to get files off the NTFS partitions (I have one for win, one for the swap file and two more fore files etc.), so I wanted to mount the NTFS partitions. I was asked for a password for the administrator. My regular password, the only one I have set up, would not work. I tried rebooted two more times and still no luck with my only password.
However, I was able to boot up from the set-up disk and mount the NTFS partitions without a password. I was able to move all the files I needed to one partition that I plan to keep (I will reinstall win xp then back up those files on the separate partition).
A question and a comment...
1. How do I install Ubuntu so that I make sure I have the passwords to do administrative level things (like mounting a drive)?
2. Being able to do administrative work off the Ubuntu test-drive disk while being denied access after signing in seems like a security issue (unless I screwed up somewhere).
I often want to have mythtv running on one display while I continue with work on the main display, as I CAN chew gum and walk at the same time. When the task is administrative, such as running update manager, I am asked for my password so Ubuntu (10.04 amd64) can authenticate me as an administrator. Good, but I think I would like it not to freeze the desktop, including the mythtv, while it does so. Is there a good reason not to want that? If not, can it be done (avoid freeze when authenticating) and if so, how?
View 1 Replies View RelatedIs there a way to make Mozilla Thunderbird not allow anyone to view my offline storage without my password and to make it so whatever data it does store on my computer is encrypted with my password? Or is there another client that will do this better? I don't like the idea that anyone could waltz into my office and read my old emails.
View 5 Replies View RelatedI am running ubuntu 10.04 64 bit with Centos Directory Server centralizedauthentication tool. I can log in just fine with my ubuntu client, however when go to my Directory Server and tell it to require a password change on reset for any of my users, the ubuntu client doesn't require the user to reset their password. the reason I need this to work is so I can reset a users password from the Directory server and then have it use what I set it to for their next login attempt but then require them to set their own password. After days of searching I have only found out that it can be done by setting the option in Directory Server but Ubuntu 10.04 seems to just ignore the option. I am using the libnss-ldapd and libpam-ldapd packages on the Ubuntu client because the libnss-ldap and libpam-ldap didn't work at all, what am I missing?
View 1 Replies View RelatedI'm in the process of configuring a "guest" account for houseguests tose my computer. I've got the file permissions set, but I'd also like to restrict their access to the terminal. It seems to me that most of the damage that can be done to a computer goes through the terminal.I downloaded Pessulus (I use Gnome)but it doesn't require a password. the profiled user can just open Pessulus and alter their profile -- what's the point?Is there a way I can require a user to enter a password, either for any terminal or Pessulus?I like Pessulus -- it's concise and easy to use. But it doesn't seem very secure as I understand it.
View 5 Replies View Relatedphp. I am developing a web-interface for an application that sometimes needs root privs. Editting /etc/sudoers is not an option since the web interface needs to be portable to other users when they install my application. Is there any workaround ?PHP Code:
php code:$command = "./script.sh /dev/$DISKNAME &";$shellOutput = shell_exec($command);
Code:
[code]...
I'm using Ubuntu 9.04...How do i setup a broadband connection that DOES NOT require a username and password i tried pppoeconf but it wont let me proceed without entering something in the username and password fields. on XP i jus plug in my Ethernet cable and it works but it doest on ubuntu.
View 9 Replies View RelatedIs it possible to somehow setup an ssh server that doesn't require a username,password or cert to login?I wish to provide shell access to a console program, which will prompt for a username and password.Encryption is essential though, and users must not be able to snoop in on each other
View 9 Replies View Relatedeverytime i try to vnc to my box, it pops up the keyring authentication, which is obviously a huge problem when logging in remotely.how do i change my keyring password to match my login password?
View 4 Replies View RelatedI know this has probably been asked too many times here but I need to secure my emails. Personal matters of course. But yeah. I use the program "Password and Encryption Keys" to generate a key to sign my emails with but I do not know what to do. To be blunt, I'm stupid when it comes to this. IF not, steps in creating a key? and giving it (my public key) to the significant other? Finding where both keys are? Implementing it into Thunderbird? If it helps any here's some extra information: Ubuntu distro: Ubuntu 10.04 Email client: Thunderbird
View 7 Replies View RelatedHow can I force passwd to use a simple password?I want to change my passwd & delete passwd history (if stored).I plan on creating a Virtual Appliance that uses another password besides my testing password.
View 5 Replies View RelatedI already posted a topic similar to this concerning the Desktop OS version, but this deals with the Netbook because unlike the Desktop, the Netbook is less cooperative. Allow me to elaborate: Today (or rather yesterday since it's not after midnight where I am), I changed my password because I was hopelessly confounded about how to get my Wireless Network card up and running after it had been installed and I was allowing my dad to use it. This issue has since been resolved, however...
When I chose my password during the original installation, there was no mention of it being "too simple." This is where the Desktop OS and the Netbook OS differ. The desktop will let me change it in the terminal without any errors. The Netbook will not. When I've attempted to revert it back to the original, it will not let me do so in the User Profile or in the Terminal. The Passwords and Encryption Keys application also does not appear to help.
So now even after I've changed it to a different "complicated" password I am still prompted to insert two different passwords since I changed my user password but I am unable to change the password I input during the installation. A bit screwy methinks. This is extremely important. I'd like to know how to change the original installation password.
If I can't change the main password on my laptop then this is a serious potential security breach just waiting to happen (especially since it's on a laptop and I will be hauling it around with me) and I will most likely install a different OS if this isn't resolved --- It would be very unfortunate since I spent the whole day fixing it and I really enjoy the interface. Luckily I can live with this on my Desktop since I'm not going to be hauling it around with me everywhere when the school year starts.