Ubuntu Security :: Startup Login Screen Security?
Aug 27, 2010
just migrated to Lucid from Jaunty and noticed that the login startup screen looks more like windoze (shows all authorized users).One of the endearing security checks with Unix was that if you had access to a console you had guess both userid AND password - the system wouldn't tell you which was wrong.I feel that we have lowered security by making the list of authorized users visible on a console. Is there any way to turn it off and force users to enter both userid and password?
View 4 Replies
ADVERTISEMENT
Jan 19, 2010
ubuntu 9.10 login panel is worse with respect to ubuntu 8 since now all the users with names are shown without a way to hide them!Why don't keep the old way at least as an option?
View 5 Replies
View Related
Mar 3, 2011
i updated both browsers i have and lost my secure log-in pages (no padlocks showing ) concerning different Web mail accounts.Just before i did these updates i checked an unrelated thing on-line regarding my sound card of which i kept a copy of and got this message below :
!!ALSA/HDA dmesg
!!------------------
[ 12.762633] cfg80211: Calling CRDA for country: AM
[code]....
View 2 Replies
View Related
Sep 8, 2010
Whenever I login as root, an e-mail with the subject "Security information" is sent outwhere the e-mail address for this message is configured? I need to change it (or perhaps disable it).
View 9 Replies
View Related
May 12, 2010
I've got an HP Netbook with Jaunty installed, and I've got an older Dell laptop running Debian.A friend of mine, on several occasions, has told me that when I left my computers unattended he could do some kind of series of key-strokes, and then a window comes up and he says that he can change the password for my account.I've asked him to show me how he does it, but he never will because he doesn't want me to be able to thwart himIs he lying, or is it for real? if it's for real, how do I go about changing it so that it can't happen anymore?
View 5 Replies
View Related
Jun 30, 2010
I've had a password on my 10.04 installation since I installed it (when it was released) and since last week it has disappeared. My computer seems to log in automatically. When I check the login screen settings, it is set to "show the screen for choosing who will log in".
View 5 Replies
View Related
Aug 30, 2010
Is there a way to set Linux to automatically log in to a specific user account and at the same time lock the screen? I want to save time and trigger various software that always should start up on boot, while leaving the computer unattended during startup (extra important and practical for remote control boots), by enforcing a 'screen lock' so that no-one can see what happens behind the login screen without entering the login credentials.
View 4 Replies
View Related
Jul 29, 2009
Is there any way to hide my username in login screen (GDM)? I ask this because in Ubuntu I have seen that you need manually enter your username.
View 5 Replies
View Related
Oct 10, 2009
If I leave the computer running for a few minutes without doing anything on it, this screen appears demanding that I enter my password, otherwise I can't get back to Fedora. I understand the necessity for this security feature in a work environment, but I'm just a home user and this security screen is just a nagging problem I don't know how to get rid of.
View 1 Replies
View Related
Oct 31, 2010
I have a dual-boot with windows and linux. Sometimes if I reboot from windows into linux, I notice that when X is starting up before the login screen comes up it will flash a screenshot from Windows. Has anyone ever noticed this?
View 4 Replies
View Related
Dec 14, 2010
I'm seeing really bad user login format under a standard installation and am wondering why ubuntu does this as default. I have noticed that the graphical login for gnome sizes itself to accommodate a user's exact password length. This indicates to me that somewhere on the unencrypted part of a standard installation with user encryption contains at least some indication of the content of the password length which seems a security flaw even if not a complete hole, it majorly reduces the number of attempts a cracker would have to cycle through.
And that's assuming that *only* the length is contained. Furthermore it seems that it would be MUCH better to simply display the number of characters entered into the pw field and allowing the gui to expand itself from an fixed size as the field is filled out so the the user still receives visual feedback for entering characters. Either a simple character count display should be entered into the field or a 10 dot to new line so that one can visually quickly count the number enter by multiplying from a 10base graphical observation.
View 9 Replies
View Related
Dec 12, 2010
I recently switched from KDE to Gnome, and when i setup Kubuntu I checked "Do not require login at startup", so i didnt get the screen. When i switched to gnome, it still didnt show it, and for various reasons i want the login screen at startup. I am running Ubuntu 10.10.
View 1 Replies
View Related
Jan 25, 2010
Looking to add lines to these files that echos date/time pwd and who am I to a log file so I can see if they ever get altered.
View 4 Replies
View Related
Aug 9, 2011
I have quiet splash disabled so I can see what boot processes are run on startup, and I notice that on every time I boot my computer the Firefox profile is skipped. Here's the message: Code: Skipping profile in /etc/ apparmor.d/disable: usr.bin.firefox,I checked /etc/apparmor.d/disable, and see that there is indeed a link to usr.bin.firefox. So I'm wondering how/why it got there. I haven't touched anything in AppArmor since my clean install of Natty.
View 6 Replies
View Related
Feb 4, 2011
I'm a beginner with Linux. I'm using the version of Ubuntu 10.10 installed in a notebook HP Pavilion tx 2000 (Turion 64 x2). My Ubuntu is 32 bits.
I'm passing for the following situation:
When I turn on my notebook, if it is running on battery (even with the battery has 100% of charge), a login / password screen does not appear, and the screen goes dark and nothing more I can do (that I knew!). So I re-start the machine.
However, if the notebook is plugged into electrical energy (with or without battery), a login / password appears normally.
If, with the notebook plugged into electrical energy, I log in Ubuntu operating system, then great. After loaded the operating system, I can turn off electrical energy and the notebook works normally (only with battery). In other words, just the login screen that is with this electrical energy problem.
View 4 Replies
View Related
May 3, 2010
I installed Startup Manager but the appearance and security tabs are missing. I really want to be able to change the resolution of the splash screen cause it looks all pixelated and I want to have the splash screen that 9.10 had.
I tried reinstalling and restarting but the issue remains. I know its somewhat functional because I am able to change the seconds that grub takes but when I try to change the resolution of the purple ubuntu startup screen it looks like it tries to change it but it fails.
View 9 Replies
View Related
Jan 19, 2010
For some time now (actually, since I migrated to KUbuntu) the fonts at "log in" / "start up" are way to small to read.After start up / log in every thing is normal. Normal or proprietary drives makes no difference
Current setup:
Kubuntu 9.10 64 bits
Ati Video card
Monitor: Sony LCD screen (a TV)
View 6 Replies
View Related
Apr 12, 2010
I'm connected to a domain, but I want ubuntu to bring up an AD login screen on startup. How can I do this?
View 1 Replies
View Related
Nov 28, 2010
I had a bit of a play with the pam-usb module today and thought it was very interesting. I can now log in to my computer using my SD card, which is pretty cool.I was wondering if it would be possible to make it such that the ONLY way to authenticate would be by means of this SD card. I realise that this probably isn't the wisest idea ever and I would be better off generating a really long, really complicated password and storing it away somewhere safe for when I lose my SD card (because it would happen).
View 1 Replies
View Related
Jan 25, 2011
I've been trying to make sense out of this error report. I get it every once in a while on startup of my machine.
Code:
Summary:
SELinux is preventing /usr/sbin/ntpd access to a leaked netlink_route_socket
file descriptor.
Detailed Description:
[ntpd has a permissive type (ntpd_t). This access was not denied.]
SELinux denied access requested by the ntpd command. It looks like this is either a leaked descriptor or ntpd output was redirected to a file it is not allowed to access. Leaks usually can be ignored since SELinux is just closing the leak and reporting the error. The application does not use the descriptor, so it will run properly. If this is a redirection, you will not get output in the netlink_route_socket. You should generate a bugzilla on selinux-policy, and it will get routed to the appropriate package. You can safely ignore this avc.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ [URL]
Additional Information:
Source Context system_u:system_r:ntpd_t:s0
Target Context system_u:system_r:firstboot_t:s0
Target Objects netlink_route_socket [ netlink_route_socket ]
Source ntpd
Source Path /usr/sbin/ntpd
Port <Unknown>
Host localhost.localdomain
Source RPM Packages ntp-4.2.6p2-7.fc14
Target RPM Packages
Policy RPM selinux-policy-3.9.7-3.fc14
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Plugin Name leaks
Host Name localhost.localdomain
Platform Linux localhost.localdomain 2.6.35.6-45.fc14.i686
#1 SMP Mon Oct 18 23:56:17 UTC 2010 i686 i686
Alert Count 1
First Seen Fri 21 Jan 2011 02:01:09 AM PST
Last Seen Fri 21 Jan 2011 02:01:09 AM PST
Local ID fb73799a-8d3c-4d9a-8c06-a0c1b6d4814e
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1295604069.730:15): avc: denied { read write } for pid=1731 comm="ntpd" path="socket:[14643]" dev=sockfs ino=14643 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:system_r:firstboot_t:s0 tclass=netlink_route_socket
node=localhost.localdomain type=SYSCALL msg=audit(1295604069.730:15): arch=40000003 syscall=11 success=yes exit=0 a0=8a1ad60 a1=8a1b040 a2=8a1b2c8 a3=8a1b040 items=0 ppid=1730 pid=1731 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ntpd" exe="/usr/sbin/ntpd" subj=system_u:system_r:ntpd_t:s0 key=(null)
View 2 Replies
View Related
Oct 6, 2009
Trying to install the Suhosin module with the php 5.2.9 c5-testing repo...it won't run with the php 5.2.9 testing build (there isn't an updated suhosin package against the 5.2.9 build)
PHP Warning: PHP Startup: suhosin: Unable to initialize module
Module compiled with module API=20050922, debug=0, thread-safety=0
PHP compiled with module API=20060613, debug=0, thread-safety=0
What's the best way to handle this from an admin best practices standpoint? I want to do everything possible to keep the suhosin module tracked by yum for future updating etc. Is it best to try to find a suhosin rpm that is built for 5.2.9 and install it with yum localinstall? If not, if I build the module myself, what's the best path to keeping yum/rpm in the loop on this install for future updating via yum?
View 3 Replies
View Related
Jul 19, 2010
I'm trying to backup a whole startup disk to another with GRSYNC but I don't need some files or directories. For example, I don't want to backup my 'swapfile1' (I do not have a dedicated swap partition) or the 'media' directory' in order to no enter a looping sync.I've searched the web for the correct syntax of the --exclude command but none have worked if applied in the advanced option "before" rsync starts. These a sample of NOT workin syntaxes:
exclude /media or -- exclude 'media' or -- exclude "media"
same for swapfile1:
exclude swapfile1 or -- exclude 'swapfile1' or -- exclude "swapfile1"
View 7 Replies
View Related
Mar 31, 2011
I'm not referring to "Gnome Login Sound" I'm referring to the login screen sound. Those 2 drum pats you hear when you start up Ubuntu, before logging in. I was using Macbuntu, and have switched back, however it never changed my login sound back to what it was suppose to be. I knew how to change everything else back, so i didn't just run a script with out knowing how to clean up after it, however this is the only thing I don't know how to do. It keeps looking into the macbuntu folder to get the sounds before i log in. Probably being able to simply set the sound theme in the login screen would fix this issue. I've tried using Ubuntu Tweak, but no such luck. If no one can't find a solution I'll just have to use the other folder from now on >.< However I'm quite certain there's a script somewhere, that I can edit. I just need to know where it's at.
View 7 Replies
View Related
Feb 6, 2010
I'm having trouble logging in with SSH using RSA keys.
client: Karmic
server: FreeNAS (FreeBSD) ip: 192.168.0.100
I generated RSA keys on Karmic, added the id_rsa.pub to the authorized_keys file on FreeNAS, then removed the id_rsa.pub from Karmic (this is a poorly documented but necessary step I learned).My Karmic username is shawn, FreeNAS username is shawnboy.from Karmic it prompts me for my RSA key passphrase which it should do, but after I enter it, it fails and moves on to prompt me for my password. I know this isn't a FreeNAS forum, but this works perfectly using Putty SSH with RSA keys on Windows XP, so I figure it's more appropriate to ask here than in FreeNAS forums.
View 7 Replies
View Related
Aug 9, 2010
I've recently installed 64bit version of ubuntu 9.10 but the GDMsetup doesn't seem to be working as it was in 9.04 i mean to say when you type gdmsetup at console the login window pops up where i can check the check-box "Allow local administrator log in" under security tab. to enable login as root. since it is not working i've to type password every time when i install a package or create a folder in root directory or mount a drive which is quite irritating how can i login as root in gui mode etc... also is there some syntax which i can put into /etc/gdm/custom.conf so i can log in as root....
View 2 Replies
View Related
Apr 27, 2010
I have seen that you can use PAM modules or recompiled versions of sshd to authenticate with a RSA SecurID token. But - they are kind of expensive to use at home.Would�nt it be great if you could use the Blizzard authenticator instead ? Its cheap and easy for home users to get their hands on !Link to the Blizzard authenticator Im refering to :
[URL]
View 2 Replies
View Related
Jun 29, 2010
How can I set up snort to only log and detect/capture logins using root or any of the "homeusers" login accounts or names?
View 9 Replies
View Related
Oct 18, 2010
At the terminal prompt, I can't login using su nor sudo. I can only login as root at the dialog level. How do I correct this?
View 6 Replies
View Related
Oct 23, 2010
I have an SSH server on my laptop, and I'm using the default configuration file, but I added "AllowUsers <myUserName>". I get lots of login attempts like the ones below in my /var/log/auth.log.From Google, I find that pam_winbind allows some kind of Windows authentication. This leaves me with 2 questions. What does winbind do when I have not configured any Windows/Samba accounts? How can I turn it off?
Code:
Oct 23 20:01:49 muon sshd[24329]: User root from 201.116.17.163 not allowed because not listed in AllowUsers
[code]...
View 9 Replies
View Related
Jan 22, 2011
I have tried everything to disable automatic login from the login screen (gdm). I've changed my password, I've changed the settings in System -> Admin ->Login Screen, and I've edited /etc/gdm/custom.conf (gdm.conf doesn't exist, but I created it just in case!).No auto login is set up, but I can't get it to ask for my password. This is affecting my ability to switch sessions, as I can't switch sessions without clicking on my name in gdm, and because it's set to auto login,
View 4 Replies
View Related
