Ubuntu Security :: SSH Keys - Can I Create With Root Account

Aug 25, 2010

Can i login to my server using my root account and create a public+private key for one of my users and then manually paste it into his authorized_keys file and give him the private key?

The user im giving it to has a chrooted FTP account...

Is it still ok that i used the root account to create it? He is not going to have root access or nothing is he? This is not a security breach in any way is it?

The user doesn't have shell access to create their own so this is the only way i can think of doing it...

Also what access should the user have to their .ssh folder + the authorized_keys file...?

Are they allowed to read the key? What about write?

View 9 Replies


ADVERTISEMENT

Software :: How To Create Root User Account

May 24, 2011

I try to create a user who has the 100% permissions and roles as the root with following command:

Code:
useradd -c "ANOTHER ROOT" -d /home/root2 -g root -m -s /bin/bash root2

But it seems the user just in the group of root but doesn't have all the rights as the root.

View 8 Replies View Related

Server :: Create Backdoor Account To Use To Get In If Divulge Root Password

Nov 23, 2010

I have a Debian VPS webserver running a forum, and I'm currently looking for a secondary tech-admin. Since they'll have to have the root password for the server, I'm looking for a way to create a backdoor account that I can use to get in if they divulge the root password, or go crazy and lock me out. Is there a way to do it?

View 14 Replies View Related

Ubuntu Security :: Break In Through Disabled Root Account?

Nov 11, 2010

If root is disabled by default, how is it possible that someone managed to SSH into my computer using root? I never enable/set password for root, it's always left as the default as per a fresh install and I always use sudo for any admin tasks.Auth.logFirst there are a whole load of failed attempts then...

Code:
Nov 8 11:07:32 Morris-Desktop sshd[3601]: Failed password for root from 94.243.50.53 port 4360 ssh2

[code]...

View 9 Replies View Related

Ubuntu Security :: Guest Account Able To Authenticate As Root

Jun 25, 2011

I am trying to use a guest account in Ubuntu 10.10 however I am unable to stop the guest account from authenticating as a superuser and gaining root permissions dispite removing all permissions from the user-group control panel. The new guest account I created is not part of the admin group. However, with my new guest account I am unable to start a guest session from the panel, AND if I use the guest session from the panel I dont have the problem with the guest session being able to authenticate. How do I prevent super user authentication from an account in this situation? It seems that any account can authenticate and my /etc/sudoers file looks like this:

# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#

Defaults env_reset
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL) ALL

# Allow members of group sudo to execute any command
# (Note that later entries override this, so you might need to move
# it further down)
%sudo ALL=(ALL) ALL
#
#includedir /etc/sudoers.d
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

View 9 Replies View Related

Security :: Create Fully Isolated User Account?

May 16, 2010

I need to create such an account that the user wouldn't be able to r/w any file which doesn't belong to it, even if access mode is set to o+rw. I guess normal chmod/chown won't help here... How can i do this?

View 2 Replies View Related

Security :: [LDAP] Account To Manage/create Only Specific Users?

Oct 19, 2010

Is there a possibility in openldap to allow a user to only create/manage specific LDAP users?For example user "mailadmin" may only create/manage mail accounts in LDAP that are named like "m1342895"? Or a specific list of user accounts that are in a specific group?

View 1 Replies View Related

Ubuntu Security :: Desire - Create A Bash Script That Launches Skype Under A Separate User Account?

Mar 13, 2010

I want to jail Skype into its own process and not the one I login with. That way, if a hacker breaks in, it's limited to this process and only the limited functionality that that user account has. The thing is this -- thousands of Linux guys run Skype, but Skype is hardly ever updated or have security patches, and we run it all the time. It seems like an easy avenue for an exploit. As well, my iptables firew all blocks input connections that I have not established, but Skype is an established connection. How do I create a Bash script that launches Skype under a separate user account?

View 3 Replies View Related

OpenSUSE Install :: Get Root Privileges On User Account Without Using Root Login?

Feb 5, 2011

i am having problems with privileges i have created a new user with my name, but i cant get root privileges on it. i need the same privileges as the root profile.

View 9 Replies View Related

Server :: Fedora Sending Mails From Root With Non-root Account?

Jul 14, 2011

I've started to get emails that would typically come from [URL] as [URL]. These emails come from services that send out emails (backup programs) directly, or from cronjobs. I've logged in as the non-root account and either sudo su - or su - to root and the restart the service at one point or another. If I login directly as root and bounce the service or cron the emails come across as from root. I don't see anything in my environment variables after I su to indicate what would cause this. I'm not sure where else to look? A pam setting? This seems to have happened between Fedora 10 and 14 (did a bunch of overdue upgrades recently) I've only got Fedora so I don't have anything to compare to. In Fedora 10 I did not have this problem.

View 2 Replies View Related

Ubuntu Security :: Security, Passwords & Encryption Keys?

Jun 7, 2011

I am not very security minded...I'm aware of it, and always made sure I had up-to-date overall protection in Windows but firewalls, and the blasted passwords are largely a thorn in my side!When I got my iPhone last year I suddenly discovered password managers & "wallets" to keep all that kind of information in and syncable across different devices. My life got so much easier. Of course now I need to figure out encryption keys, and how they work (I'm clueless). I also need to find a program or system that I can move my existing low-tech info (mailnly user name & passwords) that will also accomodate the increased needs of Ubuntu security and still be sync-able. I started a little research weeks ago, but my current "wallet" only exports .csv so I quit since I'm going to have to do a lot of data entry whatever I go with.So here goes:

1) what is the difference (bare bones) between using an encryption key (e.k.) vs. a standard user created password? what situations are better suited for e.k.?

2) I have seahorse (default intall with Ubuntu I guess) but the only thing in it is Login under passwords which leads to a login keyring (?) and a drop-down list of about 6-10 of the gazillon passwords I use daily. The other tabs are for keys which I don't have any concept of.

3) I know FF also "remembers" user id & passwords as you choose to have it do so. Is that information transferable into seahorse or another program?

4)I'm also (today) getting ready to really set up my system for user names & security across my little home network. How can I integrate that into whichever program/app I go with to store my pwds and keys?

5)give me links to fairly current documentation on this stuff?

6) Any program/app recommendations.Pros/cons uses, what they can & can't do or be used for, etc.

View 9 Replies View Related

General :: Using SSH To Log Into A Non-root Account Using Root Password

Feb 10, 2010

I am trying to log into a server with a particular account. Let's say I don't know the password for that account. Can I do this using ssh? I am wondering if it is possible to do it in one command, instead of logging in as root and running su.

View 4 Replies View Related

Security :: Security Of OpenVPN With Premade Keys?

Jan 2, 2010

Im a total beginner when it comes cryptography and networking. Finally managed to create a connection with OpenVPN on Ubuntu to a vpn provider called ivacy. On this page:http://ivacy.com/en/doc/user/setup/winxp_openvpn they give configuration files and keys, which I used. The question is, if someone wanted to see my network traffic, could they do it using the keys provided on that page. Reading the OpenVPN documentation i saw that it is also possible to create your own keys. Would that be more secure?

View 10 Replies View Related

Ubuntu :: How To Create A New Account

Mar 17, 2010

I making another user account. I checked in the System Settings (in the "Computer" tab in the Kickoff Application Launcher) and found nothing. Do I need to take a closer look, or is there another way to go about doing this?

View 4 Replies View Related

Ubuntu :: Can't Create New Account?

Dec 27, 2010

I want to create a new account (just so that I can change the uid of my current account to match my afs id)I have started out using the gui system->admin->users and group Everything seems to work but I could not login. I finally tracked ti down to the account being marked disabled. I unchecked the box in the disable account box (in the advanced settings) and apply, etc. but when i come back in it is re-checked

I tried in the command line
sudo passwd -S account_name
and i get back
account_name P 12/27/2010 1 90 7 -1
i think the -1 means it is disabled

[Code]...

View 3 Replies View Related

Ubuntu Security :: Where To Put SSH Keys

Jan 13, 2010

I have generated SSH *.pub and *.ppk keys.

Where should I put them so that they are automatically used and available when e.g. issuing an ssh ....

command in Terminal?

View 9 Replies View Related

Ubuntu :: Create A New User Account?

May 9, 2010

how can I create a new user account?

View 2 Replies View Related

Ubuntu Security :: SSH Login Is Using RSA Keys?

Feb 6, 2010

I'm having trouble logging in with SSH using RSA keys.

client: Karmic
server: FreeNAS (FreeBSD) ip: 192.168.0.100

I generated RSA keys on Karmic, added the id_rsa.pub to the authorized_keys file on FreeNAS, then removed the id_rsa.pub from Karmic (this is a poorly documented but necessary step I learned).My Karmic username is shawn, FreeNAS username is shawnboy.from Karmic it prompts me for my RSA key passphrase which it should do, but after I enter it, it fails and moves on to prompt me for my password. I know this isn't a FreeNAS forum, but this works perfectly using Putty SSH with RSA keys on Windows XP, so I figure it's more appropriate to ask here than in FreeNAS forums.

View 7 Replies View Related

Ubuntu Security :: Difference Between GPG And SSH Keys?

Feb 9, 2010

Short description of the difference between GPG and SSH keys?

Also, is it possible to combine the two keys? Meaning I can just use one key for both applications?

View 5 Replies View Related

Ubuntu Security :: Ssh Keys Can't Be Found

Sep 29, 2010

Scenario 1. I am doing this from /home/deploy directory I am trying to set up ssh with github for capistrano deployment. this has been an absolute nightmare. when I do ssh git@github.com as the deploy account I get Permission denied (publickey). so may be the key is not being found, so If I do a ssh-add /home/deploy/.ssh/id_rsa Could not open a connection to your authentication agent. (i did verify that the ssh-agent was running) If I do exec ssh-agent bash and then repeat the ssh-add then the key does get added and I can ssh into github. Now I exit from the ssh connection to my server and ssh back in and I can't ssh into github anymore! Scenario 2 if I login to my remote server and then cd into my .ssh directory and ssh into github then it all works fine I guess there is a problem with locating the key and for some reason the agent isn't funcitoning correctly.

View 2 Replies View Related

Ubuntu Security :: Single Use SSH-RSA Keys?

Jul 20, 2011

My primary Ubuntu server has SSH exposed to the internet so I can remotely access it. I have configured OpenSSH to use only RSA key authentication. Each computer I use has a separate RSA key unique to it. I also have a unique RSA key on a USB thumb-drive I carry with me. The purpose of the USB key is for emergencies if I have to access the server from some remote system. The problem is that I may not trust the remote machine (university/public library computer for example).

What I would like to do is have a set of one-time use RSA keys that, after I log in to SSH with them, are removed from the authorized_keys file. This would hopefully keep my system safe even if the remote machine I was using was compromised and had copied my private key and key-logged the password I used to decrypt it. I would like to have these keys be separate from the keys I have for my trusted computers.

View 3 Replies View Related

Ubuntu :: Create New Administator Account In Terminal ?

Mar 30, 2010

Whilst playing around with my computer the other day i accidentally set the workspace feature to have 36 workspaces. This subsequently caused my computer to run very slowly and both panels and the bar at the top of the windows (with the close and minimise things) to dissapear. This means that i can no longer open programs easily (i have to open a folder from the desktop and then navigate to filesystem/usr/shared/aplications and then open them from there and only a few have full functionality. They also run very slowly. I have been looking for options to change it back but cannot. I have managed to use terminal to create a new working account although it is not an administrator account which i need it to be.

How to do one of the following:

A) Fix the first account (restore it to working order)

B) Make the new account an administrator in terminal (I have tried to using users and groups but it freezes)

C) Create a new administrator account in terminal

View 9 Replies View Related

Ubuntu :: Create A Limited User Account?

Jul 19, 2011

Can we create a limited user account in ubuntu like XP where user can not be able to change its networking settings (like changing IPs / enable & disable netwrok interface).

View 9 Replies View Related

Ubuntu :: Skype Just Grayed Out When Try To Create Account / Fix It?

Feb 22, 2009

So Skype installed after an error with msttcorefonts (it seemed to resolve itself - not sure how), but now I am unable to create a Skype account. On the "Create a new Skype Account" screen I fill in all of my information and check the little box saying that I've read all of the licensing conditions, but the "Sign Up" button does not activate for me to click...it's just grayed out. My original installation error said that it was unable to install all dependencies, and that errors were encountered while processing msttcorefonts. Could these issues be related? How do I fix it?

View 4 Replies View Related

Ubuntu :: Can't Log Into Root User Account

Feb 5, 2011

I was changing my GUI settings in XFCE in my root user account on Xubuntu when suddenly I was logged out and the computer shut down.

(I have done this before with no such trouble...)

Now I can't log into my root account all I get is a blank screen for a few seconds then I'm back at the log-in screen, the other account works fine.

(This is on my Xubuntu 10.10 laptop BTW...)

View 5 Replies View Related

Ubuntu Servers :: FTP Without The Root Account?

Mar 3, 2011

I try to use FTP to put new files and catalogs on my server and I always run into problems that I have not the right to create catalogs and files in the named catalogs and so on, it is very annoying.Is there a way around this problem or do I have to activate root account to not run into these problems all the time? I have worked with different UNIX-versions and variants for the last 15 years at least and have always had access to root account, why is it so dangerous to have access to root account in ubuntu?

View 3 Replies View Related

Programming :: Python: Create Variables From Dictionary Keys?

Jan 31, 2011

I have a situation where i need to turn a dictionary entry into a variable. I think i'm close, but am getting a syntax error (quoted at bottom)...

Code:
## Parameters.py
def dictionary_function():
p = {}
p['param_1'] = 10

[Code].....

View 5 Replies View Related

OpenSUSE Install :: Create A Root Backup Image Of The Root Partition ?

Oct 12, 2010

Since I installed MS2 I messed up grub. Finally I got 11.3 back to its old glory.

What would be the best procedure to create a backup image with all settings and permissions ...just in case ?

View 5 Replies View Related

Ubuntu Security :: SSH Keys Only Good For Specific PC?

Feb 11, 2010

I have enabled ssh key based logins for one of my servers and disabled normal password based logins. It just occurred to me that the public key which I generated on my pc, and uploaded to the servers authorized_keys, may in fact only apply to my local PC / user account. So basically if my system crashes I would have no way to login to the server...? Is it not possible to "share" public keys so other people (PCs / accounts) can use them?

View 3 Replies View Related

Ubuntu Security :: Removing 'trusted' Keys Ssh?

Feb 19, 2010

I've installed the ssh server on my Ubuntu desktop and the very first time I accessed the server from my laptop, it got a message asking me whether to permanently add the key of the server. After I added this, it gave me a message saying that the key had been permanently added. My question is how do I remove this key? I just want to know how to do this because I'm going to disable password based logins and I want to start anew.

View 6 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved