Ubuntu Security :: HOTP Authentication At Login?
Jun 25, 2011
Does anyone know if/how its possible to integrate HOTP authentication into GDM login manager? Basically what I want to do is have it ask for the password of the account, then another prompt come up asking for the code for the account.
I know how to set it up, but I'm know if modifying the PAM module for requiring OATH/HOTP authentication will make this happen or if it will just break the system...and this is one thing I don't want to have to fix.
View 1 Replies
ADVERTISEMENT
Mar 9, 2010
I have installed CentOS 5.2. I want to login automatically for an user without authentication.
View 2 Replies
View Related
Jan 27, 2010
Can't seem to do it, wondering if anyone knows how? Normally there's something in sshd_config that can be switched to true or yes to allow root login but I can't see it in fedora 12.I can login via root at a terminal no problem, just not via ssh, I get access denied every time. Also, I need to login using password authentication.I've done: 227169 but that's just for GUI which I don't really need since I rarely ever log into the GUI.I have also searched through here and mostly only found info such as above, how to enable root login for GUI, or billions of posts about how logingin as root is bad but I cannotswer to my question.DISCLAIMER: Please do not reply to this thread if all you can contribute is the question of why I need root or to put some message telling me I can do everything using su, etc, etc. Please only contribute if you can answer my question. A: My machine and a valid quesiton. B: Spirit of Linux is open, not restrictive
View 3 Replies
View Related
Jan 10, 2010
I want to configure SSH key-based authentication and SSH password Authentication in same machine for different user .
View 1 Replies
View Related
Jan 17, 2011
I need to make a choice on what authentication protocol I want to use for Authentication and Authorization. I was looking at Radius and then literature suggested that Diameter was a better protocol. Keep in mind I need this on a hetrogeneous setup ( linux & windows together). Diameter seemed like a good fit until I discovered that the open source code no longer seems to be maintained ( C/C++).
I was also looking at Kerberos as an option though there is alot overhead with the server. SSL/TLS or EAP? I am looking for simple but secure and am new at the security protocols.
View 2 Replies
View Related
Feb 2, 2011
What security mechanisms are used by recent versions of the Linux operating system during user authentication?
View 3 Replies
View Related
Mar 20, 2010
the laptop of my friend runs ubuntu through wubi. The system suddenly freezed and she restarted it manually. After doing a check disk and automatically repaired some packages(unfortunately she doesn't remember what exactly, only just inode information appeared), she can't log in as when she types her username and password the answer is authentication failed. We tried to change the password through recovery mode but nothing happened.
1. Do you have something to propose to solve the login problem?
2. If not how can i access and back up her ubuntu documents through windows?
View 5 Replies
View Related
Jun 15, 2010
I'm looking for an solution to get an automatic authentication and login to my FON hotspot. I did some search on this but I can't find an solution on this. Is there a way to get it work? I'm running on Ubuntu 10.04.
View 3 Replies
View Related
Jan 7, 2010
How can I remove authentication completely from my pc?
How can I edit the files present in the patrician filesystem?
View 8 Replies
View Related
Apr 3, 2011
having a slow internet connection, I bought the all maverick repository on DVDs, copied the files on a usb drive and modified the apt sources file to consider the local repository only:
Code:
# deb file:/var/www/ubuntu_local/ ./
deb file:/var/www/maverick/dvd1/ maverick main universe restricted multiverse
deb file:/var/www/maverick/dvd2/ maverick main universe restricted multiverse
deb file:/var/www/maverick/dvd3/ maverick main universe restricted multiverse
[code]....
Even though I am reasonably sure it is safe, this local repository is not authenticated and I can only install package through the command line or synaptic, the Ubuntu Software Centre giving an error message "Requires installation of untrusted packages"...I thus would like to disable the apt authentication check for this local repository.
View 2 Replies
View Related
Jan 19, 2010
ubuntu 9.10 login panel is worse with respect to ubuntu 8 since now all the users with names are shown without a way to hide them!Why don't keep the old way at least as an option?
View 5 Replies
View Related
Mar 3, 2011
i updated both browsers i have and lost my secure log-in pages (no padlocks showing ) concerning different Web mail accounts.Just before i did these updates i checked an unrelated thing on-line regarding my sound card of which i kept a copy of and got this message below :
!!ALSA/HDA dmesg
!!------------------
[ 12.762633] cfg80211: Calling CRDA for country: AM
[code]....
View 2 Replies
View Related
Aug 31, 2010
Earlier today I was setting up ssh on a new computer. I modified permissions on the Passwd folder to complete the setup. I few hours later when I went to sudo something in the terminal I received the notice of an incorrect password (after using sudo prior to this), even though it was typed correctly.
I tried to restart the computer to solve the issue, but was met with an Authentication Failed message, regardless of the user I tried to log in with. I was hoping I could log in with recovery mode but was unable to do that as well. I have searched a substantial amount and have not found a solution. Could this be an issue with permissions on either the Passwd or Shadow folder? If so, could these be changed if I ran a Live CD?
View 1 Replies
View Related
Jan 6, 2011
Given that my public key is a pre-shared secret is sshd made in a way that this negates the possibility of a man in the middle attack? In other words, if the known_hosts file were to be deleted, would it be safe to ignore the fingerprint of a server that already has my public key in authorized_keys?
View 5 Replies
View Related
Jan 26, 2011
Running Ubuntu 10.10 and I'm getting annoyed by the password authentication each time I want to do something. I find this more annoying than Windows 7 and UAC
View 9 Replies
View Related
Mar 7, 2011
I'm using Ubuntu Lucid Lynx and every time I search for updates it ask for authentication. I'd like to search and apply updates without confirmation. Is it possible in some manner?
View 1 Replies
View Related
Mar 27, 2011
I have been unable to access the key file since installing Firefox 4 Tuesday. I have no authentication key for Firefox. [URL]
View 3 Replies
View Related
May 1, 2011
Yesterday I installed a program called localepurge to remove the locales I don't need, I've chosen only en and ar to maintain and removed the rest, after restarting, can't access the ubuntu, I wrote the password manytimes and checked the upper and lowercase. I'm using Ubuntu 11.04 on a Toshiba L500 laptop
View 1 Replies
View Related
Dec 14, 2010
I'm seeing really bad user login format under a standard installation and am wondering why ubuntu does this as default. I have noticed that the graphical login for gnome sizes itself to accommodate a user's exact password length. This indicates to me that somewhere on the unencrypted part of a standard installation with user encryption contains at least some indication of the content of the password length which seems a security flaw even if not a complete hole, it majorly reduces the number of attempts a cracker would have to cycle through.
And that's assuming that *only* the length is contained. Furthermore it seems that it would be MUCH better to simply display the number of characters entered into the pw field and allowing the gui to expand itself from an fixed size as the field is filled out so the the user still receives visual feedback for entering characters. Either a simple character count display should be entered into the field or a 10 dot to new line so that one can visually quickly count the number enter by multiplying from a 10base graphical observation.
View 9 Replies
View Related
Jul 3, 2010
I cannot login as root or su in graphical mode (haven't tested cmd line as i'm still newbie ). What i have read is that this is by default disabled... can this be enabled?.. if so how please? I am running core13 on toshiba laptop (this issue also on "live" cd)if above is not possible have u a section/training pages for us "newbies"
View 14 Replies
View Related
Jun 19, 2010
I just installed Red Hat 6 but when I try to login it prompts me to enter a "Smartcard Authentication" instead of a user name.Does anyone know how to get pass this? and just login with the user name I created or the root? I tried logging using root and a regular user but it always keeps asking me to enter a smart card.Here's a screenshot of the login screen:Code: i901.photobucket.com/albums/ac211/0xGFX007/smart.png
View 1 Replies
View Related
Jun 19, 2010
I just installed Red Hat 6 but when I try to login it prompts me to enter a "Smartcard Authentication" instead of a user name. Does anyone know how to get pass this? and just login with the user name I created or the root?Here's a screenshot of the login screen:[URL]
View 3 Replies
View Related
Dec 22, 2010
I have configured a ldap server and trying to login to same ldap server using a ldap user. However, I am not able to login and getting the following in /var/log/secure:
Dec 22 20:06:29 redhat5 sshd[7241]: Invalid user ldapu1 from 192.168.85.1
Dec 22 20:06:31 redhat5 sshd[7242]: input_userauth_request: invalid user ldapu1
Dec 22 20:06:37 redhat5 sshd[7241]: pam_unix(sshd:auth): check pass; user unknown
Dec 22 20:06:37 redhat5 sshd[7241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.85.1
Dec 22 20:06:37 redhat5 sshd[7241]: pam_succeed_if(sshd:auth): error retrieving information about user ldapu1
Dec 22 20:06:39 redhat5 sshd[7241]: Failed password for invalid user ldapu1 from 192.168.85.1 port 4461 ssh2
I can see that if I use the ldapsearch with same filter, I am not able to locate the user "ldapu1". However, if I change the filter to (|(objectClass=posixAccount)(uid=ldapu1))", it shows me the ldap user:
[root@redhat5 ~]# ldapsearch -x -b "ou=Users,dc=homeldap,dc=com" -D "cn=Manager,dc=homeldap,dc=com" -W -H "ldap://127.0.0.1/" "(|(objectClass=posixAccount)(uid=ldapu1))"
Enter LDAP Password:
# extended LDIF
# LDAPv3
# base <ou=Users,dc=homeldap,dc=com> with scope subtree
# filter: (|(objectClass=posixAccount)(uid=ldapu1))
# requesting: ALL
# ldapu1, Users, homeldap.com
dn: cn=ldapu1,ou=Users,dc=homeldap,dc=com
objectClass: inetOrgPerson
cn: ldapu1
sn: ldapu1
uid: ldapu1
userPassword:: bGRhcHV1MQ==
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
Where I have made a mistake?
- Is it necessary to create an account on Linux box and then migrate it to ldap?
- I was just wondering if I can somehow change the default filter from AND to OR at the time of login. I used "pam_filter |objectClass=inetOrgPerson" in ldap.conf.
However, it didn't change the filter.
View 5 Replies
View Related
Mar 19, 2010
I was trying to configure user authentication in SSH using certificate method.As u all know the usual way of authentication is using the ssh-keygen method. But i want the another method where we create a certificate key and send it to the CA, which signs it and send back etc etc.I cannot find any unique procedure in the net to configure this method.
View 3 Replies
View Related
Oct 25, 2010
I have squid proxy authenticating Internet users with LDAP. It's working well. But I have problem when I authenticate to squid proxy to login to Yahoo Messenger. Each time, I login to YM application, the squid proxy popups many authentication windows. These confuse users when they you YM. I checked in squid access log and see that: when users use YM application, the application requests the following links:
[code]...
With each link, squid requires one authentication window. Do you have any ways to squid require only one authentication window when users use YM?
View 2 Replies
View Related
Jul 9, 2010
I'm working on a work project related to Web (Client) authentication and DOD Common Access Cards. But I'm having difficult getting the details about what happens on the CAC side of things.
I familiar with the PKI system as it applies to e-mail. (Correct me if I err, of course.) If you want to sign an e-mail (i.e., so it can be authenticated by the receiver) you use your private key to add a digital signature to the message. Then, the receiver uses your published public key to determine if the digital signature is valid, i.e., was created using your private key (even though the receiver never actually has access to your private key).
So... my questions:
1) When a person with a DOD CAC visits a CAC-enabled web site, and the server grants access after the CAC is inserted, is the authentication process fundamentally the same as what happened with the e-mail authentication?
2) If the private key is used in this process (it would have to be, correct?) is the signature created on the CA Card electronics (i.e., the private key remains on the CAC)? Or is the private key copied onto the computer, which uses it to create the signature?
View 1 Replies
View Related
Aug 27, 2010
just migrated to Lucid from Jaunty and noticed that the login startup screen looks more like windoze (shows all authorized users).One of the endearing security checks with Unix was that if you had access to a console you had guess both userid AND password - the system wouldn't tell you which was wrong.I feel that we have lowered security by making the list of authorized users visible on a console. Is there any way to turn it off and force users to enter both userid and password?
View 4 Replies
View Related
Sep 8, 2010
Whenever I login as root, an e-mail with the subject "Security information" is sent outwhere the e-mail address for this message is configured? I need to change it (or perhaps disable it).
View 9 Replies
View Related
Oct 8, 2010
if you go to Edit > prefs > security and choose to show saved passwords they are displayed without entering root pw. This seems to be a huge security hole. How do we fix this?
View 8 Replies
View Related
Mar 1, 2011
I keep getting the above message when trying to login to my server using a private key,is there something I am missing from the configs here?Quote:
#$OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
[code]...
View 8 Replies
View Related
