Ubuntu Security :: Getting A Users Password ?
Aug 30, 2010
I need to be able to capture a users password when they login. I am well aware of the security issues with this and I'm ok with this.
We run a call center and I am working on migrating from windows to Kubuntu for the callers. It's policy that all callers must report their password to me, so I already know of everyone's password. There has to be some variable/script that I can "hack" to get the password they typed in to the login screen.
What I'm trying to do is that when a user logs in in for the first time, their profile is automatically created and set up. Setting up network drives, email, pidgin (which the password is stored in plain text anyway, so forget about security on that one), web apps, etc.
Trying to find information on How to capture a users password and all have been responded with the usual lecture on why you shouldn't do this. So I've heard it all before and I know of the risks. Like I said, I already have the callers password on file. If I could capture it, I wouldn't have to manually setup each profile every time we get a new caller, which is often since turnover is quite high in call centers.
View 5 Replies
ADVERTISEMENT
Dec 23, 2010
How to allow users to change their password in chrooted ssh as long as the modifications in the shadow file in the chrooted environment will not be applied on the system itself ?
View 2 Replies
View Related
Jul 17, 2010
I use the following method for preventing the users from changing their passwords , is there any other method other than this ?ls -l /usr/bin/passwd-rwsr-xr-x 1 root root 37140 2010-01-26 12:09 /usr/bin/passwdso we need to remove the suid for that command as follows :- chmod u-s /usr/bin/passwdnow normal users won't be able to change their own passwords - and only the root user will be able to do it for them.
View 9 Replies
View Related
May 11, 2010
I want the users to access servers via ssh public key only. By default they don't know their initial password and do need to change that when performing administrative tasks.For changing their passwords without knowing the old they need to switch to root for this special case.The only case it seems I don't have control is that users can not only change their password but also the password of other peoples. Does someone sees a solution (without apparmor/selinux and special /usr/bin/passwd.sh) to restrict users to only change their password?I miss the feature of using environment variables in sudoers file.
View 9 Replies
View Related
Mar 10, 2011
I've set up a user account for friends & colleagues that does NOT require a login password. Unfortunately, in this OS some things don't work unless you login -- sudo Must regular users have AND use Root's password?
View 9 Replies
View Related
Dec 3, 2010
The title says it; I want to prevent users from viewing the wireless network password.
View 9 Replies
View Related
Jan 2, 2010
I recently was able to network 2 computers at home and I wanted to make my password more secure. When I try to edit my password via System>Administration>Users and Groups, it doesn't workI am able to edit my user settings. When I change my password I enter my old one and it accepts my new one. Problem is when I try to install programs, login and do other things it only accepts my old password. How can I change my password?
View 3 Replies
View Related
Jan 7, 2011
I don't know if this is Just my Machine, or not. But here is it:
Ubuntu 10.01
Acer Aspire 7740
When the computer is locked. I can smiply go to switch users. when the list of users logins are shown all i have to do is click on my user name and it allows me into my account without typing in a password. I can lock the computer manually or wait for it to time out it doesn't matter. the switch users method allows me to bypass the password protection.
View 3 Replies
View Related
Nov 1, 2010
We are trying to set up a classroom training environment where our SIG can hold classes for prospective converts from Microsoft/Mac. The ten machines will have /home/student01..10 and /home/linsig01..10 as users. We want /home/student01 to be able to explore and sudo so they can learn to administer their personal machines at home. We don't want them to be able to modify (sudo) /home/linsig01. I've seen the tutorial on Access Control Lists but I'd like other input so we get it right the first time.
View 3 Replies
View Related
Oct 15, 2010
To avoid having to input a password for the keyring each time I connect to the net via wireless, I enabled the 'Available to all users' option in Network Manager. Now, my question is this. Are the 'users' it refers to just those created on this machine? Would a drive-by be able to use my network without entering the password?
View 3 Replies
View Related
May 12, 2010
I have an environment with multiple projects that have a variety of government and commercial sponsors. We have been satisfied to this point with a netapp serving nfs/cifs and keeping a tight reign on nfs exports.Some of these projects have started asking us to provide access restricted sub-folders of the project space based on different groups that contain a user subset of the primary group.
We have a linux machine that serves as a version control front end to the netapp, mounting the project spaces via nfs. People are now mounting their project space via sshfs to this "front end" and sharing the root password of this sshfs client with everyone in their project, in turn creating a security hole to access the so called restricted sub-folders. I know all the obligatory responses referring to irresponsible user behavior but would like to see how others have addressed something like this where user behavior seems out of control.
View 12 Replies
View Related
Jun 14, 2011
everytime i try to vnc to my box, it pops up the keyring authentication, which is obviously a huge problem when logging in remotely.how do i change my keyring password to match my login password?
View 4 Replies
View Related
Jun 26, 2009
Im trying to config my intranet to be accessible from inside the network (lan) without need of password and ask for a passwd for those who are viewing from Wan ....
Today my intranet can only be accessed from Lan, external access give me an Unauthorized message, I took look around, try #irc and still can get the appropriated help, I hope that someone here could help me on that...
A piece of my config:
Code:
View 4 Replies
View Related
Oct 22, 2010
I know this has probably been asked too many times here but I need to secure my emails. Personal matters of course. But yeah. I use the program "Password and Encryption Keys" to generate a key to sign my emails with but I do not know what to do. To be blunt, I'm stupid when it comes to this. IF not, steps in creating a key? and giving it (my public key) to the significant other? Finding where both keys are? Implementing it into Thunderbird? If it helps any here's some extra information: Ubuntu distro: Ubuntu 10.04 Email client: Thunderbird
View 7 Replies
View Related
Jan 13, 2010
How can I force passwd to use a simple password?I want to change my passwd & delete passwd history (if stored).I plan on creating a Virtual Appliance that uses another password besides my testing password.
View 5 Replies
View Related
Aug 3, 2010
I already posted a topic similar to this concerning the Desktop OS version, but this deals with the Netbook because unlike the Desktop, the Netbook is less cooperative. Allow me to elaborate: Today (or rather yesterday since it's not after midnight where I am), I changed my password because I was hopelessly confounded about how to get my Wireless Network card up and running after it had been installed and I was allowing my dad to use it. This issue has since been resolved, however...
When I chose my password during the original installation, there was no mention of it being "too simple." This is where the Desktop OS and the Netbook OS differ. The desktop will let me change it in the terminal without any errors. The Netbook will not. When I've attempted to revert it back to the original, it will not let me do so in the User Profile or in the Terminal. The Passwords and Encryption Keys application also does not appear to help.
So now even after I've changed it to a different "complicated" password I am still prompted to insert two different passwords since I changed my user password but I am unable to change the password I input during the installation. A bit screwy methinks. This is extremely important. I'd like to know how to change the original installation password.
If I can't change the main password on my laptop then this is a serious potential security breach just waiting to happen (especially since it's on a laptop and I will be hauling it around with me) and I will most likely install a different OS if this isn't resolved --- It would be very unfortunate since I spent the whole day fixing it and I really enjoy the interface. Luckily I can live with this on my Desktop since I'm not going to be hauling it around with me everywhere when the school year starts.
View 9 Replies
View Related
Oct 1, 2010
I have a database created by an older program (not Access) that I need to open and retrieve information for my business. The manufacturer put a password on there so that only it's program could open it. I do not use that program, but it has information I need. Is there a way to find that password or circumvent the password altogether?
View 1 Replies
View Related
Jul 17, 2010
I use the following method for preventing the users from changing their passwords , is there any other method other than this ?
ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 37140 2010-01-26 12:09 /usr/bin/passwd
so we need to remove the suid for that command as follows :- chmod u-s /usr/bin/passwd now normal users won't be able to change their own passwords - and only the root user will be able to do it for them.
View 4 Replies
View Related
Feb 19, 2010
Is it possible to completely disable the password change for users accounts in linux?? (I don't mind account lock)
View 2 Replies
View Related
May 6, 2010
I am on ubuntu server and its joined to an W3k Domain thru winbind/samba. However everything works fine and Windows and Local users can login to the machine without any problem. However when I wanted to create a local user X and change his password I couldn't. It created the local user X but I could not change the password.
View 1 Replies
View Related
Oct 9, 2010
Is there a way I can allow all users to mount internal media without entering a password, without using sudo, and without making edits to my /etc/fstab file.
View 9 Replies
View Related
Feb 7, 2010
I have to add my students as a user to a class-server to have them work on some TCP/IP-related questions. The server is Debian Lenny.
It would be easy if I could make some kind of script to add them, even with a standard password like 'abc123'. I want to show them the way FTP uses clear-text passwords as opposed to SFTP. Or the differences between telnet and ssh.
I know something about scripting with bash, but how can I add the same standard password to each user, without having to type it for everyone?
View 2 Replies
View Related
Sep 23, 2010
I am new in Linux.Problem is that how to add a more then one users in a one command and also add a password to them?
View 2 Replies
View Related
May 17, 2011
I need to create a script that returns a list of the users who have never changed their password from /etc/shadow.
As I know on linux there is a command "chage" used for find last password change. Any idea about solaris command?
View 1 Replies
View Related
Mar 12, 2010
I'm a newbie running Ubuntu 9.10. I have two users (wife and me), and each user's screensaver is set to lock so that on wakeup, we get to choose which user's desktop to go to. However, Ubuntu requires a password, so this is pretty tedious.I'd like to switch users without entering any password. I know about this trick that works for the boot login, but it doesn't deal with multiple users.Is it possible to set empty passwords for users in Ubuntu, or skip the password in other ways?(I'm expecting real Linux users to suggest that passwordless users must not get any rights and there be an admin user with a strong password.
View 2 Replies
View Related
Mar 12, 2011
Is it possible to switch users in Debian without entering a password, as in Ubuntu Maverick? I already tried adding a nopasswdlogin group but it did not work, even though the "don't ask for password on login" entry in the login manager is no longer greyed out. Replacing gdm3 with gdm also did not work.
View 5 Replies
View Related
Oct 21, 2009
I'm using opensuse and i'm trying that users cannot change his own password (mantaining /bin/bash users active). Do you know how can I do it?
View 10 Replies
View Related
May 6, 2010
I am on ubuntu server and its joined to an W3k Domain thru winbind/samba. However everything works fine and Windows and Local users can login to the machine without any problem. However when I wanted to create a local user X and change his password I couldn'tIt created the local user X but I could not change the password. Here are the outputs:
Pam configs:
Common-account:
account sufficient pam_winbind.so
[code]...
View 2 Replies
View Related
May 6, 2011
I am using Mandriva 2010.2 KDE. When I try to change my password, using the Welcome>About Me>Change Password, I am asked to type in my current password, after I press OK, the dialogue box just seems to hang, nothing happens, the computer does not freeze, just the password dialogue box kind of stops responding.
View 3 Replies
View Related
Jul 31, 2010
regarding the file permissions of /etc/passwd in fact it has permissions like rw-r--r--so it says others have only read only permissions but my questions is if others has read only permissions on /etc/passwd file.how they are able to change their password i.e others are able to change their passwords then how it is possible.
View 3 Replies
View Related
