I was apparently invaded this morning via my private FTP server. The invader logged in with my user name and apparently knew the password for the account,The system is Hardy LTS 8.04.4, fully updated. I have backups that pre-date the intrusion, stored on another system, so am not totally averse to reformatting and reloading everything -- although I'd like to avoid it if possible.The "passwords.txt" file contains only a few passwords for online forums, including this one; it does not include anything critical such as banking information. I'm most concerned about the implications of the ssh config data...
My case is that, the LADP user connected could not login via SSH. This user could login in the system console. And all the other users could login within ssh. And I was wondering whether any one could suggest which place to check next. And here is the detail: I was using SUSE 11.3 when I met this error. PAM module is used, and the corresponding files in /etc/pam.d/ have all been updated. Here is what I've added:
I made a Desktop User account. When I went on that account, it allowed me to execute sudo as if I was an administrator. I don't know what might be causing this. I do have ufw set up and blocking incoming connections. Do you guys know what might be at the root of this?Also, when I used sudo from the user account (which I shouldn't have been able to do), I provided the password for my admin account.
created a user but i forgot to change the home directory permission.so after user created when i go to the user and group mangement i cant see that permission filed related to the home permission directory.my purpose is to stop accessing other user to my home directory,how it can be possible??
I've been looking for this feature for months and couldn't find a solution for this. Does anyone know how to create users and limit the user to a specified directory?
I've got a samba share on a linux server, connecting to it with a windows 2k3 server via tools > map network drive. The goal is to be able to use windows to change the security of the samba share. The good news is it works! The bad news is it's not QUITE perfect:
The share is called /company. I started with the following to give everyone access to everything, set the owner of the share to administrator (my domain admin on the Windows domain), and set the group owner to domain users (group that everyone on the domain is part of):
I then mapped the drive as a regular user, and of course, can access/modify/delete/rename/create anything I want. Then I picked a folder to lock down. Let's call it /company/myFolder. I did this on the Windows server by mapping the drive as administrator (the owner), right click > properties > security tab > advanced > highlight "domain users" and "everyone" and click edit > clear all (i.e. remove all access). Go back to Linux and
[Code]..
The only issue that remains is that I am able to rename/delete "myFolder" as a regular user. I thought this was coming from the "acl map full control = true" parameter in smb.conf, but I changed it to false and verified the change and it still happens. If I remove group and world write access to /company, I am no longer allowed to rename/delete myFolder, but then I can't create a new folder. If I add group write access back in I can create files but can also rename/delete folders within /company that have --- specified for group access. Any ideas what I need to tweak to make this right?
I'd like to limit ps aux command outputs to current user only(the one, who invoked "ps". I've recently saw this feature on FreeBSD systems and on at least one Linux system running on shell.sf.net. I run Linux 2.6.33, I wanted to know how to make that. Any advice? Googling around wasn't too successful, perhaps I don't know how to query that, recently tried with "limit ps outputs" "ps aux current user", etc... had no luck.
This is probably trivial, but i can't seem to find the solution myself. I have donated my old laptop to a "public" one for everyone that hangs around my house. I've made a extra user account on it, so now it has two, one for me (fafler) and one for everyone else (bruger). Fafler can sudo to do stuff as root, bruger cannot, as i wrote the password on the laptop and i don't want anyone to mess it up beyond making another clean account.
Now, to get root access from the bruger account, i need to
Code: bruger@carbon:~$ su -c "sudo whoami" fafler Password: [sudo] password for fafler: root bruger@carbon:~$ and i need to sype my password twice.
So, how do i setup sudo to ask for fafler's password instead? Or are there any other neat tricks to get around this?
I have (my) main account, which I have root access. I also have other users which can login, I setup wvdial shortcut on their desktop, but it won't allow them to use it because they aren't in sudoers list. I do not and don't want them to have access to other hard drives or root. How do I accomplish this? I did a chown on the wvdial file in ppp to myself, and added read access for other users, but still won't let them use wvdial due to sudoeers.
This is in ubuntu hardy with a multiboot vista/xp/hardy laptop. BTW, wvdial works great in my account/desktop.
Having trouble adding a regular user with ssh access on Hardy 8.04. I can ssh into root, but not into the newly created regular user with the same ~/.ssh/authorized_keys
Code:
sshd_config has: AllowGroups sshlogin AllowUsers user root
[code]....
what could be preventing ssh login to ~user? And yes I would like to disable root ssh access, but it would be nice to be able to ssh into user first
I wanna make a small web server for local use , I've installed apache, every thing works fine I'm the root
I wanna protect the folder that contain the htdocs files (www), i don't want any users that not in root group to access (not even read)
I changed the permission of the htdocs folder as next
Owner: www (apache user) per: creat , delete group: root per: creat , delete other: none
it only works on the main folder that i changed its permissions ! not all sub folders and files ! were my steps right ? and are their anyway to change all folders and files at once ?
When james logs in he access his folder BUT he can also access other user's folders. How can I prevent his access to others? I wish to restrict his account to his folder only (he can read/write).
I have searched somewhat this forum but haven't yet found a similar post using the keywords I entered but perhaps there is already a similar post then please refer me to it.I am trying to add a user account "Guest" to allow people on my laptop without giving them access to vital parts of the computer. Basically, I want them to only be able to view their own home directory and access internet. Nothing more.I have set the group to "guest" and changed the other home directories of other users to owner access only.
Guest still has access to root and is still allowed to perform actions in various critical areas (deleting files from for example my Windows 7 partition). This I also want to prevent. I was thinking to set each directory's permissions to Owner and Group only and remove Others access.My questions:
1. Will this have any undesirable impact (programs of main user accounts not able to access certain directories)? For guest user I don't care as long as internet works. 2. When I start User Manager and disable for Guest all options except "access internet" (so I also disable access to CDROM), the guest can still access the CDROM. Does this mean the User Settings menu has no effect or is overruled by something?
What would be the effect of setting ProFTPd's user and group to the same user and group that Apache use? Are there any security risks in doing this, or is this safe to do?
My daughter has forgotten her password on our desktop system. Note this is not the admin user (me) so I can sudo nautilus to recover her files. All info online seems to pertain to recovering administrators password is there any way of recovering a non admin password? Ubuntu 9.10 but about to be upgraded 10 10.
I would like to allow a user to login through SSH but with differentpermission coming from different ipaddress.For example, a user "tester" login to SSH through 192.168.1.1 andanother user login with the same login id "tester" but from differentip 192.168.1.2.How do I restrict 192.168.1.2 to only allow for viewing the content inthe home directory while giving 192.168.1.1 full access?I got a suggestion from some oneApproach 1) Based on the ip you change the shell. If it's just for read only ajail would be fine.but how do I change shell based on IP?Approach 2) to have two ssh instances. Let's say port 22 and port 24. Port 22 isfor read only, while port 24 is for full accessso how can it be possible to give port 22 only read only access to SSH
I started up my computer and suddenly, I saw that there was a new user account. I didn't create it and no one else uses my computer (let alone has access to user account creations). It was called dtc. It didn't seem to have any privileges and the only file in its home folder was called Examples. Should I worry that I might have some kind of malware? I deleted the user and the folder (and it came back after a while). It's main group is dtcgrp. The User ID is 1004.
Suddenly I am not in the sudoers file. I am not sure how to recover from this. I have no grub screen at bootup, so I can't boot into single user. I think I am going to have to boot a live version of ubuntu to start with. Is that right? What's next after that? Also, how could this happen, I haven't touched the sudoers file or added users or anything like that (well not that I am aware of) I am a little concerned that this may be the result of someone breaking in? Would this be a likely symptom?
perform below activities please guide how to do perform below activities.Make sure the Guest account is disabled or deleted.-Disabled or deleted anonymous accessSet stronger UserID policiesSet Key Sensitive UserID Default enable in linuxCombination of numbers, letters and special characters (*,!,#,$,etc.)
set a Linux user (RHEL 3.x and RHEL 5.x) to no direct login via ssh but still allow an su to it from other accounts. setting the shell for the user to /sbin/nologin, which, according to the Google hit, should not affect an su to the account. I tried that and when I attempt an su to the account, the message received is "This account is not currently available".
I have recently moved back to Linux as my primary desktop platform and have begun to use ssh keys for a lot of things. Logging into remote machines but also things like github, bitbucket, and a mercurial-server instance. The managing of my keys has become a little cumbersome. For example, I have the following OSs that I may use on any given day:
- Primary Linux Desktop - Laptop w/ Windows 7 - Laptop w/ Linux - Local Linux Server - Production Linux Server
On each of those OSs, I have a user and from any of them I might need to pull code from a mercurial-server instance. That means I have to setup five "users" on the mercurial-server instance to give just one person (me) access from all locations. So, I was wondering what the best practice for this setup is. Can I use just one key pair for "me" and install the .pub key on all my systems? If I do that, then on most of those systems, the .pub key will be installed and also be in the authorized_keys file (i.e. I want to be able to login to the production server from my local linux box but also be able to login to mercurial-server from the production server), is that a problem?
Finally, I have been wondering about the wisdom in using the same public key for all services. For example, I currently use the same key to login to my production linux server as I use to login to bitbucket. If there was a malicious admin at bitbucket, or any third party I am using a key with, then they can get access to my user on my production system b/c they know my .pub key.
I've written an article on my site which lays out steps for installing Wine and running it under its own, separate user account, so that Windows applications cannot access personal files (particularly those in your home directory).[URL}..i'm hoping that there are people on this forum who know Ubuntu inside-out, as I'd like to know how effective the described method is at trapping Windows applications so that they cannot read or write personal files or directories.
The way I understand it, once the process is running under user account wine, it's stuck with the access privileges of user wine. But are there ways in which a rogue application could break out of this prison and gain access to whatever it wishes? I'm guessing that such behaviour would mean someone customising Windows software to recognise Linux, and that such a thing is very unlikely, but I'm still interested to hear what gurus of the Ubuntu internals think of this method.
Any Linux machine (except PCLOS) that I log into as root user seems to not start networking. I haven't tried sudo /etc/init.d/networking restart , to see if it does start, because anytime I DO this, it's for 'local' work. How about default root user configuration settings???
I'm currently creating a simple sh file which will copy the contents of a certain directory to / directory. in my sh file:
Code:
cd "$DIR" for i in *.*; do sudo cp -iv "$i" "$DEST" done
but this requires user password. can i add the user password in my sh file? how? I'm trying to do this because I have an application to run the sh file and the application has no way to enter the password..
I recently set up a family computer for a friend, and now his son is "experimenting" with the terminal (randomly entering commands). since he could accidentally do something bad, I am supposed to prevent him from using terminals, but only as hi user. I tried vlock and away, but with vlock it says 'this terminal is not a virtual console', and away can't seem to lock all consoles.
I'm trying to edit a "xl2tpd.conf" file but it always says I have no write permission tried to add my account to admin group but it says something about not able to lock on password try later.
