Ubuntu Security :: Multiple Passwords \ Possible To Have Two Passwords For One User Account In 9.10?
Jan 7, 2010
I wonder if it is possible to have two passwords for one user account in 9.10. I have a long login password (5 words about 45 characters with spaces caps). I would like to set a shorter password for Authentication, sudo, etc. While retaining the original for logging in. In short: Have long password to login to computer. Have short password for everything after login.
Is it possible to have more than one password simultaneously attached to a login account in Linux? I'd like to be able to add a temporarily-authorized user to an account on my web server, but don't want to have to change the login afterwards. Even cooler would be if this could be done with a timer of some kind so the temporary password would auto-die after, say, 24 hours.
Is it possible to have two passwords associated with one account, one that is the actual one, and another one, a duress password, that upon entering gives a similar (desktop) environment with "decoy data"?
The idea is to have the bogus password go to an encrypted home drive that looks as if it were the real deal, but it is wiping particular sensitive (encrypted) data that is visible only with the real password in the background, so that the actual data that need to be protected are not compromised. While the person who unlocked the computer tries to find the information on it between all the rubbish files, the real files are securely wiped. The files are very sensitive in nature, so it's better to have them destroyed than have unauthorized people access them, in the event of that happening.
I happen to know that TrueCrypt has a similar option but that requires an entire decoy operating system (and I think that might be a bit conspicuous), but is there a native linux way to do it?
I am having a problem with some users who get locked out after more than 3 failed attempts at login. This is exactly what I want to see - they will eventually remember those stronger passwords (maybe?) - but how do I re-enable their access? I haven't tried this on a live box but I can easily recreate the situation via vnc to the server in question and I assume the result would be the same. I like the policy that leads to this but I do need to let them back in - eventually. Where is the blacklist kept and how do I edit/reset it?
I have an Ubuntu server set up in which I would like my shared media directory to be accessible with multiple usernames / passwords because I use my administrator username and password for samba as well, but I do not want to give out that password to all clients in my house. And, I would like to have write permissions but keep other users to read only. Is this possible or do I need to just make one separate username / password for samba sharing?
I'm planning to centralize users and passwords and also create controls for user access to some equipment, for example, Linux Servers, Switches, routers and firewalls. In case of failure of the link between the ACS and AD or equipment to the ACS, this device would use local username and password.
At the moment, my AD structure is a Microsoft, Cisco ACS servers and Linux Standalone. I wish that both Linux servers and network equipment were authorized by Cisco ACS on the accounts that are in Microsoft AD.
The configuration of the Cisco ACS to use the AD is done and no problems, the network equipment is OK too, but am having difficulties configuring the server for this solution.
I'm trying to write a mass reboot script in the event of a power outage (servers go to UPS for some 15 minutes or so and shutdown uncleanly). What I have is a set of 6 common passwords which will be prompted for per ssh connection, is there any way I can cycle through this password list?
Code:
# Below is an example of how this is constructed. IPs are used instead of hostnames
# due to the possibility of a DNS server being offline.
SERVERSRM1="1 2 3"
SERVERSRM2="110 120 130"
# Print the hostname of each server in the first group, then shut it down.
for i in $SERVERSRM1; do ssh -n root@192.168.0.$i "hostname && shutdown -y -i5 -g0"; done
# Same for the second group.
for i in $SERVERSRM2; do ssh -n root@192.168.0.$i "hostname && shutdown -y -i5 -g0"; done

Each time the code is executed I'm prompted for a password (it's always one of 6 passwords). It would be quicker to have the passwords be cycled through.
I realise this is basic code at the moment but it will eventually allow for a specific set of computers to be shut down based on what power supply they're using. Authorized keys not really an option given the scale of computers (some 300 or so).
On other editions of Ubuntu server I had no problem saving multiple users and passwords with htdigest but now it seems it is only possible to save one user and password.
Code:
sudo htdigest -c /etc/apache2/passwords directory user

When I add a second username and password for the same directory it overwrites the first.
I am not very security minded...I'm aware of it, and always made sure I had up-to-date overall protection in Windows but firewalls, and the blasted passwords are largely a thorn in my side! When I got my iPhone last year I suddenly discovered password managers & "wallets" to keep all that kind of information in and syncable across different devices. My life got so much easier. Of course now I need to figure out encryption keys, and how they work (I'm clueless). I also need to find a program or system that I can move my existing low-tech info (mainly user name & passwords) that will also accommodate the increased needs of Ubuntu security and still be sync-able. I started a little research weeks ago, but my current "wallet" only exports .csv so I quit since I'm going to have to do a lot of data entry whatever I go with. So here goes:
1) what is the difference (bare bones) between using an encryption key (e.k.) vs. a standard user created password? what situations are better suited for e.k.?
2) I have seahorse (default install with Ubuntu I guess) but the only thing in it is Login under passwords which leads to a login keyring (?) and a drop-down list of about 6-10 of the gazillion passwords I use daily. The other tabs are for keys which I don't have any concept of.
3) I know FF also "remembers" user id & passwords as you choose to have it do so. Is that information transferable into seahorse or another program?
4) I'm also (today) getting ready to really set up my system for user names & security across my little home network. How can I integrate that into whichever program/app I go with to store my pwds and keys?
5)give me links to fairly current documentation on this stuff?
6) Any program/app recommendations. Pros/cons uses, what they can & can't do or be used for, etc.
I've just installed 10.04 x64 and I've had some problems with samba (cifs/windows file sharing). It seems like samba is forgetting user passwords, so on every reboot I have to add a password for the user that needs access: sudo smbpasswd -a tietze
I've tried restarting samba (sudo service sbmd restart), but it does not work. I have to add a new password for the user with the command above.
I tried to google a bit for a solution, but only found the following thread with a problem that seems related: [other] Samba forgets user
making samba remember passwords between reboots/shutdowns?
I just did a clean install of Natty yesterday and have been setting it up for my children and myself. I am trying to set up desktop user accounts for them without them having to put in a password for themselves but have not been able to change this via system/administration/users and groups. Is this a bug or is this feature (turning off passwords at login) turned off in Natty?
I use Ubuntu on my netbook, which I use for browsing and email. It's way faster than the Windows which came on the machine. That's a nice feature, as is the price.
I like it except for the constant, perpetual, ever-present, super-annoying need to be entering passwords and "becoming root user" and so on. I am the only one using this appliance. I don't even care if someone steals it, really. There must be some way (I hope) of disabling this idea that I am a CIA agent with TopSecret materials.
I just want a simple, easy to use appliance. If not Ubuntu, is there any distro that is aimed at normal people?
Lately I adapted my /etc/fstab to mount samba shared network drives. I had to put the password in the configuration file in order to log in automatically. Isn't there another way? It feels a little awkward to me to put passwords in a plain text-file.
I was wondering if someone had a logical reason and therefore complete, hopefully that makes total sense, for why when I install Ubuntu I cannot use the 'sudo' command either with root or user passwords. Even if I try to edit the permissions for sudoers, I still receive an error message that says access is denied and so as the root user on my pc I don't understand why I can't put my name in the sudoers file or use the sudo command with the correct password.
How do I get Linux to stop prompting me for a password and remember it? For instance, when using the root user, I always get prompted, but I would rather only be prompted once per user session.
I am doing samba file sharing. I got stuck in a problem relating to reading passwords. I have to read whatever password the user enters from the web interface and process it. And through that password and username the user must log on from a Windows system. I have to write an appropriate shell script for this. This is all I am doing for sharing files through samba.
I think ubuntu/canonical should start releasing a new flavour geared towards meeting needs of computer security professionals just like backtrack distro
How would you encrypt passwords [emails, forums, accounts] onto USB flash the most secure way? (It should be command line so I can use any Linux distribution on it.) Is gpg -c <filename> secure enough? And what FAST distro would you install on it? I'm learning on old USB flash and found SliTaz pretty damn cool, I use it as a LiveUSB. Also I've tried Kubuntu but it's a bit slow. Going to try Lubuntu soon too. Any other idea?
And I'd like to install some FAST distro onto new 8GB mini USB flash drive, maybe Kubuntu as well. How would you partition its Flash drive? Probably separate partition for stored encrypted files?
I downloaded a driver for my printer today and I opened it in the terminal. Then a window popped up saying "This opporation requires root (administrative) privileges. Please enter the administrative password below:" I typed in the same password that I use when authorizing the installation of programs from the Ubuntu Software Center and I tried it multiple times. Each time, it rejects the password. I even tried downloading something else from the software center, just to make sure the password was correct, but the system had no problem with the password when downloading from the software center. So, is my software center password different from my administrator password?
Sitting at the console, I log in with any user name and NO PASSWORD IS REQUESTED. I get logged in automatically without entering the user's password.
I did: passwd joeuser
To change his password and still he goes right in without being asked for a password!
Possibly related- 10 days ago, my smtp server was breached as a spam relay. The username they cracked was deleted. I added fail2ban for postfix. The logs show no further intrusion.
I have joined a number of websites over time and it seems harder to manage them. Would like advice on how to generate passwords and to store and keep track of them. I would like to hear of systems or programs that are good for this.
Attempting to set up a Samba network from my SuSE 11.2 desktop to a windows laptop. Using YaST, a Samba server has been created, and allow users to share has been clicked. Identity is not a domain controller. no trusted domains have been set, and no LDAP settings have been set.
Right now, each computer can see the other over the network. When clicking on the network from windows, a window pops up requesting a user and password.
Konqueror sees both computers under smb://. It also has a window that pops up requesting user name and password. Where do I set up these user names and passwords?
I have couple of users in one machine. I can access the /etc/passwd,/etc/shadow and /etc/group files in this box. I have another box. I want to create some user accounts in the second box by just looking in the passwd, shadow and group files in the first box. I would just copy over the corresponding lines into the corresponding for whichever accounts I want to create as new and also change the lines for which I want to update the account information. Is this possible and will also the passwords work fine? Please also let me know there is any good tool for automatically doing this kind of stuff. Both the boxes that I have are Ubuntu machines though one is running Ubuntu 8.04 and the other is 10.04.
I would like to be able to store all my important details and passwords in such a way that it is encrypted, easy to get the information out and is cross-platform. Basically, I am thinking that if I kick the bucket that I would like to make it as easy as possible for others to be able to access this information using a pre-arranged password.
Ideally I would like the files to contain the program that is needed to extract the data i.e. importantinfoLinux.sh inportantinfoWin.exe (Just like a self-containing zip). I haven't found anything along those lines.
The things I am currently thinking of is:
1) A password database program that is cross-platform like KeePass. With the bundle containing the relevant installers for win, linux and OS X and the database file.
2) An AES encrypted zip of the data with relevant programs to open it e.g. 7-zip on windows, peazip on linux and OS X
Has anyone got any thoughts on this? Any self-containing java encryption apps?
As I am a paranoid bastard, I made a bash screencap-script for my Ubuntu-computer, so I can check if anyone uses my computer for things I don't want them to do (eg. checking if anyone is viewing passwords stored in FireFox, looking at private files, or other things I find disturbing). There might be other people than me that are paranoid and want to monitor what's going on on their computers while they are away or letting someone else use their computer when going to the bathroom.
This is a small script, I'd like to hear if there is any improvements that can be done, so I can learn more and become better at such scripting.
The script requires Imagick (sudo apt-get install imagemagick) and a folder in the ~-directory (/home/username) called ".screen" (hidden, as this makes it more difficult for "intruders" to find it and it looks more like a system-folder than a monitoring-folder).
The script:
Code:
#!/bin/bash
i=1;
j=`date`;
user=`whoami`;
[Code]....
Add this script to /usr/local/bin and then go to keyboard-shortcuts in GNOME and add a shortcut-key-combination of your own choice for the script. Call it whatever you'd like, and the command you want to run is simply "screen". To add a shortcut for stopping the script, you add another shortcut-key-combination to the command "killall screen".
This enables you to monitor activity on your computer while you're away, saving png-screenshots of your desktop every three seconds in the folder /home/username/.screen/date.
NOTE: I'm not taking any responsibility for what you do with this script. Remember that monitoring someone's activities is never the right way to handle anything. Also, it's illegal many places. Take care and use it only for educational and testing purposes.
If you go to Edit > prefs > security and choose to show saved passwords they are displayed without entering root pw. This seems to be a huge security hole. How do we fix this?
The installation that came with my Ubuntu (it does not matter which version etc.) contains an sshd_config file with these interesting lines:
# Change to no to disable tunneled clear text passwords
#PasswordAuthentication yes

The same lines are seen in many Ubuntu-related internet pages. This is quite surprising to see. This seems to contradict the fact that ssh was created specially to provide authentication (with passwords, of course) but without sending them by internet as clear text like previous programs did. But I could not find any clear confirmation of that either in Kubuntu-related documents or anywhere else. I put below a fragment of a document from RedHat. This seems to imply that if one uses two "yes", the passwords will be passed in encrypted form (and this is what is recommended by RedHat). Is that true? Is this true for Ubuntu too? Is the quoted line from sshd_config wrong? Or incomplete?
[URL]
RSAAuthentication yes
The option RSAAuthentication specifies whether to try RSA authentication. This option must be set to yes for better security in your sessions. RSA use public and private key pairs created with the ssh-keygen(1) utility for authentication purposes.
PasswordAuthentication yes
The option PasswordAuthentication specifies whether we should use password-based authentication. For strong security, this option must always be set to yes.