Ubuntu Security :: How To Disable Apt Authentication Check
Apr 3, 2011
having a slow internet connection, I bought the all maverick repository on DVDs, copied the files on a usb drive and modified the apt sources file to consider the local repository only:
Code:
# deb file:/var/www/ubuntu_local/ ./
deb file:/var/www/maverick/dvd1/ maverick main universe restricted multiverse
deb file:/var/www/maverick/dvd2/ maverick main universe restricted multiverse
deb file:/var/www/maverick/dvd3/ maverick main universe restricted multiverse
[code]....
Even though I am reasonably sure it is safe, this local repository is not authenticated and I can only install package through the command line or synaptic, the Ubuntu Software Centre giving an error message "Requires installation of untrusted packages"...I thus would like to disable the apt authentication check for this local repository.
View 2 Replies
ADVERTISEMENT
Jan 10, 2010
I want to configure SSH key-based authentication and SSH password Authentication in same machine for different user .
View 1 Replies
View Related
Jan 17, 2011
I need to make a choice on what authentication protocol I want to use for Authentication and Authorization. I was looking at Radius and then literature suggested that Diameter was a better protocol. Keep in mind I need this on a hetrogeneous setup ( linux & windows together). Diameter seemed like a good fit until I discovered that the open source code no longer seems to be maintained ( C/C++).
I was also looking at Kerberos as an option though there is alot overhead with the server. SSL/TLS or EAP? I am looking for simple but secure and am new at the security protocols.
View 2 Replies
View Related
Aug 16, 2010
I have a problem with ssh.I followed this guide:and no matter what I try, I still can't disable password authentication. I want users to require a private key to prevent from brute force hackers.
View 6 Replies
View Related
Dec 20, 2010
I am the only user.So i would like to disable authentication for software center and update manager which is being asked everytime when i install softwares/updates..How to acheive it?
View 5 Replies
View Related
May 27, 2011
We have installed the Centos on server. I have enabled the ssh key authentication in that server. Now we can connect through ssh only with key file.Since this server is protected with SSH, I am unable to use the SCP command. If I use this command it says "Permission denied (publickey,keyboard-interactive).". Please let me know How Can I disable SSH Key or why SCP command is not working ?
View 4 Replies
View Related
Jan 6, 2010
I'm dual booting Ubuntu 9.10 and win7. I have an NTFS partition on my disk and whenever i want to browse files on that partition I'm required to enter my password. my problem is that my music folder is located on that partition, and as a result, whenever I open rhythmbox, it cant access the files on that partition and begins to remove them from the library. in order to prevent this i must browse to that partition manually and enter my password upon request, prior to opening rhythmbox.
on a side note - shouldn't the spell checker on the Ubuntu forums recognize "Ubuntu" as a legit word ?
View 3 Replies
View Related
Mar 27, 2010
So after tinkering for a while, I was able to configure ssh for private/public key authentication and disabled Password-Authentication. In the past I had some issues with people brute force trying passwords/usernames so I want to avoid this, but I need some form of secure FTP that now doesn't work due to the aforementioned setting.
View 2 Replies
View Related
Oct 13, 2010
I set up a debian lenny in vmware on my windows machine. The network interface is set to bridged, so the virtual machine is connected directly to the university network i am connected to. I want to be able to ssh into the vm.I installed sshd via "apt-get install ssh", generated a key pair with puttygen and copied the public part to "/home/user/.ssh/authorized_keys", set rights to 600 and then tried to disable password authentication completely, following the "securing debian" documentation.this is how my /etc/ssh/sshd_config looks now:
# Package generated configuration file
# See the sshd(8) manpage for details
# What ports, IPs and protocols we listen for
[code]...
View 7 Replies
View Related
Feb 2, 2010
Is there a way to disable password authentication completely? The command line is the following:
ssh -o KbdInteractiveAuthentication=no -o PasswordAuthentication=no machine"
it STILL asks for a password. Of course I would like to do this without touching the server, if possible.
View 2 Replies
View Related
Feb 2, 2011
What security mechanisms are used by recent versions of the Linux operating system during user authentication?
View 3 Replies
View Related
Jan 1, 2010
I using rhel5 i installed&configured nagios ofter loged in the nagios server when i m enter hosts & services i m getting this error # it appears as though you do not have permission to view information for any of the hosts you requested. If you believe this is an error, check the HTTP server authentication requirements for accessing this CGI and check the authorization options in your CGI configuration file.
View 9 Replies
View Related
Aug 25, 2010
Is there a way to to check if the system has the available security updates installed? Specifically, I am looking to do this programmatically.
View 1 Replies
View Related
Dec 19, 2010
How to disable the NTFS drives root password authentication?When I try to access the NTFS drives for the first time after logging in, the system is asking for root password authentication.How can I disable this?
View 1 Replies
View Related
Aug 22, 2011
how can I disable the automatic file system check after power outages or system crashes? The check sometimes prompts for a key (ignore, repair etc.) but the panels do not have a keyboard.
View 9 Replies
View Related
Jan 19, 2010
I have a custom modified Ubuntu LiveCD. Sometimes when I boot from the CD, after it detects the HDDs it starts automatically scanning and repairing them even if the partitions are windows partitions. What do I need to modify to make it not scan/repair any partitions/drives at boot?
View 2 Replies
View Related
Jul 13, 2010
I am learning SELinux from LinuxCBT and I'm stuck at one place. Now video is on RHEL 4 (so tell me if things has changed since, cause I can't find anything related) shows how to disable SELinux security on httpd.first I don't know diff between initrc_t and uncofined_t; and second I don't know if something is wrong is everything is all right.
View 1 Replies
View Related
Aug 6, 2010
Is there a way to disable disk checks in a mounted usb drive? I have a 500GB usb mounted drive in my CentOS machine and everytime I reboot my system, it does disk checks which is a long painstaking process.
/mnt/sdb1
View 4 Replies
View Related
Jan 7, 2010
How can I remove authentication completely from my pc?
How can I edit the files present in the patrician filesystem?
View 8 Replies
View Related
Jun 25, 2011
Does anyone know if/how its possible to integrate HOTP authentication into GDM login manager? Basically what I want to do is have it ask for the password of the account, then another prompt come up asking for the code for the account.
I know how to set it up, but I'm know if modifying the PAM module for requiring OATH/HOTP authentication will make this happen or if it will just break the system...and this is one thing I don't want to have to fix.
View 1 Replies
View Related
Jan 6, 2011
Given that my public key is a pre-shared secret is sshd made in a way that this negates the possibility of a man in the middle attack? In other words, if the known_hosts file were to be deleted, would it be safe to ignore the fingerprint of a server that already has my public key in authorized_keys?
View 5 Replies
View Related
Jan 26, 2011
Running Ubuntu 10.10 and I'm getting annoyed by the password authentication each time I want to do something. I find this more annoying than Windows 7 and UAC
View 9 Replies
View Related
Mar 7, 2011
I'm using Ubuntu Lucid Lynx and every time I search for updates it ask for authentication. I'd like to search and apply updates without confirmation. Is it possible in some manner?
View 1 Replies
View Related
Mar 27, 2011
I have been unable to access the key file since installing Firefox 4 Tuesday. I have no authentication key for Firefox. [URL]
View 3 Replies
View Related
May 1, 2011
Yesterday I installed a program called localepurge to remove the locales I don't need, I've chosen only en and ar to maintain and removed the rest, after restarting, can't access the ubuntu, I wrote the password manytimes and checked the upper and lowercase. I'm using Ubuntu 11.04 on a Toshiba L500 laptop
View 1 Replies
View Related
Mar 19, 2010
I was trying to configure user authentication in SSH using certificate method.As u all know the usual way of authentication is using the ssh-keygen method. But i want the another method where we create a certificate key and send it to the CA, which signs it and send back etc etc.I cannot find any unique procedure in the net to configure this method.
View 3 Replies
View Related
Oct 25, 2010
I have squid proxy authenticating Internet users with LDAP. It's working well. But I have problem when I authenticate to squid proxy to login to Yahoo Messenger. Each time, I login to YM application, the squid proxy popups many authentication windows. These confuse users when they you YM. I checked in squid access log and see that: when users use YM application, the application requests the following links:
[code]...
With each link, squid requires one authentication window. Do you have any ways to squid require only one authentication window when users use YM?
View 2 Replies
View Related
Jul 9, 2010
I'm working on a work project related to Web (Client) authentication and DOD Common Access Cards. But I'm having difficult getting the details about what happens on the CAC side of things.
I familiar with the PKI system as it applies to e-mail. (Correct me if I err, of course.) If you want to sign an e-mail (i.e., so it can be authenticated by the receiver) you use your private key to add a digital signature to the message. Then, the receiver uses your published public key to determine if the digital signature is valid, i.e., was created using your private key (even though the receiver never actually has access to your private key).
So... my questions:
1) When a person with a DOD CAC visits a CAC-enabled web site, and the server grants access after the CAC is inserted, is the authentication process fundamentally the same as what happened with the e-mail authentication?
2) If the private key is used in this process (it would have to be, correct?) is the signature created on the CA Card electronics (i.e., the private key remains on the CAC)? Or is the private key copied onto the computer, which uses it to create the signature?
View 1 Replies
View Related
Oct 8, 2010
if you go to Edit > prefs > security and choose to show saved passwords they are displayed without entering root pw. This seems to be a huge security hole. How do we fix this?
View 8 Replies
View Related
Aug 17, 2010
My server is connected to the Internet for ssh on port 22 with root logon disabled, a single non-dictionary word user name allowed, and pki authentication only (about as secure as I can make it). I've previously run fc5 and 9 servers using the same sshd config since 2006 and had no security troubles, so I'm happy, but.. After the fc13 install and configuration, logins from a host on a remote network are taking about 1m 30s to complete! A (partial) console output for ssh -vv appears below. The lines marked with "**" were the lines after which significant pauses happen. This is fully repeatable.
Code:
debug1: Next authentication method: publickey
debug1: Offering public key:
debug2: we sent a publickey packet, wait for reply
[code]....
View 3 Replies
View Related
