Ubuntu Security :: Login By USB Key Only

Nov 28, 2010

I had a bit of a play with the pam-usb module today and thought it was very interesting. I can now log in to my computer using my SD card, which is pretty cool.I was wondering if it would be possible to make it such that the ONLY way to authenticate would be by means of this SD card. I realise that this probably isn't the wisest idea ever and I would be better off generating a really long, really complicated password and storing it away somewhere safe for when I lose my SD card (because it would happen).

View 1 Replies


ADVERTISEMENT

Ubuntu Security :: Login Panel Is Worse From Security View Point

Jan 19, 2010

ubuntu 9.10 login panel is worse with respect to ubuntu 8 since now all the users with names are shown without a way to hide them!Why don't keep the old way at least as an option?

View 5 Replies View Related

Ubuntu Security :: Updated Browsers Using Update Manager Have Lost Security Login Pages For Web Mail?

Mar 3, 2011

i updated both browsers i have and lost my secure log-in pages (no padlocks showing ) concerning different Web mail accounts.Just before i did these updates i checked an unrelated thing on-line regarding my sound card of which i kept a copy of and got this message below :

!!ALSA/HDA dmesg
!!------------------
[ 12.762633] cfg80211: Calling CRDA for country: AM

[code]....

View 2 Replies View Related

Ubuntu Security :: Bad Login Protocols - Graphical Login For Gnome Sizes Itself To Accommodate A User's Exact Password Length

Dec 14, 2010

I'm seeing really bad user login format under a standard installation and am wondering why ubuntu does this as default. I have noticed that the graphical login for gnome sizes itself to accommodate a user's exact password length. This indicates to me that somewhere on the unencrypted part of a standard installation with user encryption contains at least some indication of the content of the password length which seems a security flaw even if not a complete hole, it majorly reduces the number of attempts a cracker would have to cycle through.

And that's assuming that *only* the length is contained. Furthermore it seems that it would be MUCH better to simply display the number of characters entered into the pw field and allowing the gui to expand itself from an fixed size as the field is filled out so the the user still receives visual feedback for entering characters. Either a simple character count display should be entered into the field or a 10 dot to new line so that one can visually quickly count the number enter by multiplying from a 10base graphical observation.

View 9 Replies View Related

Ubuntu Security :: Startup Login Screen Security?

Aug 27, 2010

just migrated to Lucid from Jaunty and noticed that the login startup screen looks more like windoze (shows all authorized users).One of the endearing security checks with Unix was that if you had access to a console you had guess both userid AND password - the system wouldn't tell you which was wrong.I feel that we have lowered security by making the list of authorized users visible on a console. Is there any way to turn it off and force users to enter both userid and password?

View 4 Replies View Related

Ubuntu Security :: Security E-mails At Root Login?

Sep 8, 2010

Whenever I login as root, an e-mail with the subject "Security information" is sent outwhere the e-mail address for this message is configured? I need to change it (or perhaps disable it).

View 9 Replies View Related

Ubuntu Security :: SSH Login Is Using RSA Keys?

Feb 6, 2010

I'm having trouble logging in with SSH using RSA keys.

client: Karmic
server: FreeNAS (FreeBSD) ip: 192.168.0.100

I generated RSA keys on Karmic, added the id_rsa.pub to the authorized_keys file on FreeNAS, then removed the id_rsa.pub from Karmic (this is a poorly documented but necessary step I learned).My Karmic username is shawn, FreeNAS username is shawnboy.from Karmic it prompts me for my RSA key passphrase which it should do, but after I enter it, it fails and moves on to prompt me for my password. I know this isn't a FreeNAS forum, but this works perfectly using Putty SSH with RSA keys on Windows XP, so I figure it's more appropriate to ask here than in FreeNAS forums.

View 7 Replies View Related

Ubuntu Security :: 9.10 X64 Can't Login As Root

Aug 9, 2010

I've recently installed 64bit version of ubuntu 9.10 but the GDMsetup doesn't seem to be working as it was in 9.04 i mean to say when you type gdmsetup at console the login window pops up where i can check the check-box "Allow local administrator log in" under security tab. to enable login as root. since it is not working i've to type password every time when i install a package or create a folder in root directory or mount a drive which is quite irritating how can i login as root in gui mode etc... also is there some syntax which i can put into /etc/gdm/custom.conf so i can log in as root....

View 2 Replies View Related

Ubuntu Security :: SSH Login With Blizzard Authenticator?

Apr 27, 2010

I have seen that you can use PAM modules or recompiled versions of sshd to authenticate with a RSA SecurID token. But - they are kind of expensive to use at home.Would�nt it be great if you could use the Blizzard authenticator instead ? Its cheap and easy for home users to get their hands on !Link to the Blizzard authenticator Im refering to :

[URL]

View 2 Replies View Related

Ubuntu Security :: Log User Login Attempts Only?

Jun 29, 2010

How can I set up snort to only log and detect/capture logins using root or any of the "homeusers" login accounts or names?

View 9 Replies View Related

Ubuntu Security :: Unable To Login Using Su Or Sudo?

Oct 18, 2010

At the terminal prompt, I can't login using su nor sudo. I can only login as root at the dialog level. How do I correct this?

View 6 Replies View Related

Ubuntu Security :: SSH Login Attempts Using WINBIND ?

Oct 23, 2010

I have an SSH server on my laptop, and I'm using the default configuration file, but I added "AllowUsers <myUserName>". I get lots of login attempts like the ones below in my /var/log/auth.log.From Google, I find that pam_winbind allows some kind of Windows authentication. This leaves me with 2 questions. What does winbind do when I have not configured any Windows/Samba accounts? How can I turn it off?

Code:
Oct 23 20:01:49 muon sshd[24329]: User root from 201.116.17.163 not allowed because not listed in AllowUsers

[code]...

View 9 Replies View Related

Ubuntu Security :: Cannot Disable Auto Login?

Jan 22, 2011

I have tried everything to disable automatic login from the login screen (gdm). I've changed my password, I've changed the settings in System -> Admin ->Login Screen, and I've edited /etc/gdm/custom.conf (gdm.conf doesn't exist, but I created it just in case!).No auto login is set up, but I can't get it to ask for my password. This is affecting my ability to switch sessions, as I can't switch sessions without clicking on my name in gdm, and because it's set to auto login,

View 4 Replies View Related

Ubuntu Security :: Using Root As Daily Login?

Jan 22, 2011

It's my personal computer, no other users, no one else in the house. I'm behind a separate stand alone firewall (Checkpoint device). I'm the admin on my machine and I'm going to enter sudo, or login as root, every time I need it anyway.

There's no way that having to switch to root is going to make me stop and think about what I'm getting ready to do. In fact it's quite the opposite. If I'm in the midst of troubleshooting, I'm preparing to enter a command that I think is going to work, and I get "Permission denied"... The aggravation is more likely to reduce my logical thinking, and I'll immediately switch to root and type it anyway.

I DO understand the rational of setting users (even admin users) to a lower permission level. However I don't understand the lack of a command to make a user PERMANENTLY root equivilent. Switching back and forth is a waste of time. AND it means that I now have to deal with two home directories... /root and /home/user. Having to type sudo, or su to switch to root, does not protect my system. It only aggravates.

View 9 Replies View Related

Ubuntu Security :: How To Disable Login Prompt

Feb 17, 2011

How do I disable showing Usernames? I want to be prompted for BOTH un and pw. If it is necessary I could just change it so that it boots into a fullscreen terminal so that you would have to input "startx" and then username and password. Or I could just change it through gui or 3rd party software.

View 7 Replies View Related

Ubuntu Security :: Different Passwd LOGIN And ROOT

Mar 8, 2011

Is there anyway to have a different password for login and root? For example, my account is Bratu. I want a login password: ABCD and my root password: EFG

View 1 Replies View Related

Ubuntu Security :: HOTP Authentication At Login?

Jun 25, 2011

Does anyone know if/how its possible to integrate HOTP authentication into GDM login manager? Basically what I want to do is have it ask for the password of the account, then another prompt come up asking for the code for the account.

I know how to set it up, but I'm know if modifying the PAM module for requiring OATH/HOTP authentication will make this happen or if it will just break the system...and this is one thing I don't want to have to fix.

View 1 Replies View Related

Ubuntu Security :: How To Lock Terminal On Login For User

Apr 22, 2010

I recently set up a family computer for a friend, and now his son is "experimenting" with the terminal (randomly entering commands). since he could accidentally do something bad, I am supposed to prevent him from using terminals, but only as hi user. I tried vlock and away, but with vlock it says 'this terminal is not a virtual console', and away can't seem to lock all consoles.

View 9 Replies View Related

Ubuntu Security :: Setting Up Public Key For Passwordless Ssh Login

Sep 8, 2010

I can't get this to work on my machines.

So far I have:

1. created a key with ssh-keygen on the server to be logged in to
2. copied the .pub key to my local machine
3. chmod 700 ~/.ssh on both machines
4. chomd 600 ~/.ssh/ic_rsa on the server, and on known_hosts on my local machine
5. added the .pub key to ~/known_hosts on my local machine

my local machine doesn't have an "authorized_keys" file which is what everything is telling me I should append my .pub key to. The only thing that was in my .ssh folder was known_hosts, so I tried that. I also tried making an authorized_hosts file to no avail, changing permissions appropriatly on all files.

Should I/Can I reset ssh in some way? Is there are reason I don't have an authorized_keys file or is my known_hosts file my authorized_keys file?

Would it be better just to uninstall/reinstall ssh?

View 2 Replies View Related

Ubuntu Security :: Disable The Password Request When Login?

Sep 28, 2010

How can I disable the password request when i login? Not the password for the user but the password to connect to the net?

View 5 Replies View Related

Ubuntu Security :: Keyring Doesn't Unlock At Login?

Oct 11, 2010

I have a problem where I am asked to unlock the keyring every time I use Evolution.I enter my password on the user select screen and login and have evolution save my email password but whenever I open the program it asks for the same password as I use to login. For security reasons I need to have my password requested at login but don't feel I need it for evolution as I thought my email password was enough.

View 3 Replies View Related

Ubuntu Security :: Benefits Of Login At Boot Up After BIOS?

Oct 16, 2010

I just have a simple BIOS password when I boot into my machine. Should I also have the standard login password as well? In other words, what benefit does the login at the boot up, (after BIOS) really give and would you recommend a good or better security process?

View 2 Replies View Related

Ubuntu Security :: SFTP/SSH Alternative To Root Login?

Oct 20, 2010

On my Ubuntu 8.04.4 LTS webserver I desperately want to disable the Root account. But at the moment I am unable because I prefer to use Nautilus/Dolphin on my home laptop for SFTP. The graphical interface also helps when comparing multiple config files at once, something that being limited to NANO or PICO would make extremely painful. The problem is that if I don't use ROOT I can't perform any SSH or SFTP actions with a graphical interface, because I can't use SUDO without the terminal. Does anyone else leave root enabled? I have a non-standard port, disabled password authentication in favor of ssh keys, and I have a tarpit configured

View 2 Replies View Related

Ubuntu Security :: Different PWD For Login And Mounting Encrypted /home

Nov 13, 2010

I've just reinstalled my box with an encrypted home (used the encrypt home option when installing). I have a query in this regard - suppose I lose the box. Won't it be possible for someone to drop into root, reset my passwd and then access my /home. Is there anyway of having a different passwd for accessing /home? My ~ is on a different partition from /.

View 3 Replies View Related

Ubuntu Security :: 10.04 With LDAP Cannot Login Through GDM But Works Fine With Su?

Nov 16, 2010

I have a working LDAP-server (I belive!!) I want my laptops to authenticate against the server, when they logon. That works fine as long as the network is present. But I also want the users to be able to log on, when the network is down. When I go to a terminal (without network) I can su to another LDAP-user.I can login via graphical login-screen with the network attached, but not when it is disconnected.

In a terminal id john gives me information about the user john.

My conf. files looks like this:
/etc/ldap.conf
host 172.16.0.138:389
ldap_version 3
bind_policy soft

[Code]...

View 1 Replies View Related

Ubuntu Security :: Turn Off SSH Root Login On Version 10.10

Mar 10, 2011

I'm trying to turn off SSH root login on Ubuntu 10.10. However, changing PermitRootLogin=no (/etc/ssh/sshd_config) do not work. Here is the sshd_config:

[code]...

View 9 Replies View Related

Ubuntu Security :: Block Multiple Ssh Login Attempts?

Mar 22, 2011

I am running a ubuntu server 10.10 with SSH, and OpenVPN. I use it mainly for the VPN, but I have seen log in attempts such as:

Mar 22 14:52:53 UbuntuSvr sshd[2397]: Invalid user support from 85.217.190.69
Mar 22 14:52:55 UbuntuSvr sshd[2399]: Invalid user student from 85.217.190.69
Mar 22 14:52:57 UbuntuSvr sshd[2401]: Invalid user transfer from 85.217.190.69
Mar 22 14:52:59 UbuntuSvr sshd[2403]: Invalid user user from 85.217.190.69

[Code]...

Is it possible to make it so when some one has tried logging in 5 times with an invalid user/pass that the ip is banned for 10 minutes? I have password auth set to no and am using keys.

View 7 Replies View Related

Ubuntu Security :: Capture User Password On Login?

Apr 4, 2011

Second off, I'm trying to capture a user password on login (through gdm) such that I can re-use it for a service like Kerberos or AFS. The idea is that the user has to log in only once, and then I renew the tickets and tokens until they log out again. If there's a better way to do this

View 4 Replies View Related

Ubuntu Security :: [SSH] Gssapi-with-mic Password-less Kerberos Login?

May 13, 2011

I'm trying to login to a server using gssapi-with-mic authentication against one of my school's machines that supports this mode of authentication. I have these kerberos packages installed:

batrick@menzoberranzan:~$ dpkg -l | grep krb
ii krb5-config 2.2 Configuration files for Kerberos Version 5

[code]....

View 1 Replies View Related

Ubuntu Security :: Ssh Auto-login Only Works When Im Logged In?

Jun 1, 2011

i have setup auto ssh login for my server. And it works, but only when i have a active connection. if i use "ssh server.com" it asks for my password. If i then open a new terminal and issue "ssh server.com" it logs right in. I really don*t understand whats wrong.

I have tried setting up 2 virtual machines on my local computer and with the same setup it works fine.

SOLVED: my home folder was encrypted, so when no users were logged in the home folder was unmounted

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved