Lately I have been receiving this in my auth.log file. It seems to be repeating over and over, and I didn't know if was anything normal or something I should be worried about...
Code:
I have a problem as below:
When i setup pam_wheel.so in /etc/pam.d/su, it runs correctly. But when i set up pam_wheel.so in /etc/pam.d/common-auth (include file), i can't login to anyone via SSH. Details configuration of /etc/pam.d/su and /etc/pam.d/common-auth:
/etc/pam.d/su:
auth include common-auth
account include common-account
password include common-password
session include common-session
[Code]....
I got some entries in my auth log that I am puzzled by. What could be the cause? I was not using my machine at the time of the logging.
Code:
On Ubuntu 10.04 with x11Vnc server, if the screen requires logon (such as if locked or upon reboot), through the VNC terminal, I always get authentication error (incorrect password). Sitting at the keyboard, I can logon just fine. Once logged on, I can access everything through VNC just fine.
Error in auth.log (username = bob):
unix_chkpwd[3926]: password check failed for user (bob)
gnome-screensaver-dialog: pam_unix(gnome-screensaver:auth): authentication failure; logname= uid=1000
[code]....
I have edited /etc/logrotate.conf to include
/var/log/auth.log {
rotate 6
monthly
copytruncate
compress
}
To try and prevent auth.log rotating daily and change it to monthly but it doesnt seem to work.
Either im doing it wrong or i need to restart some service?
I've been using CentOS for quite a long time, and I've recently switched to Ubuntu 10.10 as a desktop. I'm having one small stumbling block, I can't seem to setup LDAP authentication via a GUI. I found this post here.
[URL]
Is there a GUI application that allows LDAP configuration similar to the Cent OS one?
I have a problem with the logrotate of auth.log, it is not working. I tried using 'kill -HUP `cat /var/run/sshd.pid`'. This restarts sshd but does not create a new auth.log. Also tried "/etc/etc/init.d/ssh restart" and "/etc/init.d/ssh reload"
View 3 Replies View RelatedAs far as I understand ssh runs on port 22 but in my /var/log/auth.log I see
Quote:
why is this logged 48504 different than ssh port 22?
When ever I restart ssh
Quote:
/etc/init.d/ssh restart
I see following line in auth.log
Quote:
sshd[5678]: error: Bind to port 22 on :: failed: Address already in use.
That is a headless server. What does the above line signify or tell and why am I seeing that? Ubuntu 10.04 64 bit server edition
Been a while but have a few scripts that need to hit a website that's local to that network, but also a public site. Currently there is an .htaccess in that folder with this lockdown;
AuthType Basic
AuthName "Restricated"
Require valid-user
Now, can I break that somehow and say (here is my english translation)
[Code]..
I have succesfully set up authentication manually in Ubuntu so users can log on with Windows Active Directory accounts and have their network drives mapped automatically using pam_mount.
Please note due to the setup I can't make any changes to the Windows 2k3 server.
If a user wants their password reset I can change it to a generic password. When they next log on to a Windows computer with the generic password it will automatically ask them to change it to something else.
Is there anyway to get this to work with Ubuntu 10.10? At the moment when logging onto Ubuntu with an account that is in this state the message Please change your password appears, it then proceds to log on without prompting to change the password and natually it won't map the drives etc.
I'm trying to add the -audit option to X Server. I run ps -ef | grep -v grep | grep "bin/X" and get: root 2511 2506 0 10:35 tty7 00:00:09 /usr/bin/X:0 -br -verbose -auth /var/run/dgm/auth-for-gdm-sScn1P/database -nolisten tcp vt7 So I'm thinking that I need to add -audit to the /usr/bin/X file, but I believe that it's binary and created by something else, but I can't find that "something else". How on earth can I add this option? I have opened up 1,000,000,000,000,000,000,000 files (slight exaggeration) and I've come up empty.
View 1 Replies View RelatedI recently installed Fedora 13, Xfce, on my HP netbook. It's using AR9285. When i try to connect to my network with WPA enabled it will not work despite the password info being correct. I'm using a DI-514 router, with no updates to firmware. It only works, if I change the password, then use said password, then, when I disconnect, said password no longer works. WEP works just fine, open network works fine, why wont WPA-PSK work?
View 9 Replies View RelatedI'm getting relay access denied to an email outside of my domain. It seems the passwords are authenticating because I'm not getting invalid password prompts.
### BEGIN POSTFIX CONF ###
# postconf -n
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
mailbox_size_limit = 0
[Code].....
This is as far as FireFTP can go to make a connection.
Code:
220 Welcome to Steve Test SFTP service.
AUTH TLS
Proceed with negotiation.
PBSZ 0
All the basic vsftpd.conf advice followed:
Code:
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=NO
[code]....
I want to configure NTLM for my Apache webserver, so that it uses active directory login credentials.
Additional info : my listen port will be 82 (http://xxxx.com:82)
I'm currently using Fedora 13 x64 and have noticed a strange problem with my wireless.
At random intervals it will disconnect, be it 5 minutes or 3 hours and then it will not re-auth no matter how long I leave it. The wireless is running WPA/WPA2, With TKIP/AES encryption. The router only supports b/g and the Wireless NIC is only b/g.
Not sure what driver/software it is using. I noticed I do have wpa_supplicant installed but there doesnt seems to be much happening in /etc/wpa_supplicant/wpa_supplicant.conf apart from the below.
Code:
[daniel@Enterprise ~]$ su -c 'cat /etc/wpa_supplicant/wpa_supplicant.conf'
Password:
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
[Code]....
I yesterday installed fail2ban on my server and I see I am not getting logs for the genuine people also who log in to my machine.In
Quote:
/var/log/auth.log
It is a Ubuntu server and I had installed fail2ban via
Quote:
apt-get install
I thought some thing might be in
Quote:
/var/log/fail2ban.log
but there I do not see any thing
Quote:
2011-02-10 20:26:35,002 fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.4
2011-02-10 20:26:35,003 fail2ban.jail : INFO Creating new jail 'ssh'
2011-02-10 20:26:35,003 fail2ban.jail : INFO Jail 'ssh' uses poller
2011-02-10 20:26:35,031 fail2ban.filter : INFO Added logfile = /var/log/auth.log
[Code].....
I am using auth_param basic program /usr/lib/squid/squid_ldap_auth to authenticate users using squid from ldap. The user and pass is in clear text over the network between the browser and the squid server. Any way to send it in an encrypted format??
View 2 Replies View Relatedoperating system: CentOS 5.5 git version:1.7.3.4 ldap server:OpenLdap Http server:Apache 2.2 the software above have been installed. How to config /etc/httpd/conf.d/gitweb.conf file to let git authed by ldap?
View 2 Replies View RelatedI am a bit of a linux newbie, but have been gradually teaching myself how to set up Sendmail 8.13.8 on a CentOS system to handle our MX mail for various domains we own on our local server. Configuration has gone well so far, except I cannot seem to get Outlook to authenticate with the SMTP server and I must readily admit to some large gaps in my knowledge. For testing purposes, I have tried to authenticate using Telnet with the following results:
Code:
220 my.domain.com ESMTP Sendmail 8.13.8/8.13.8; Wed, 3 Aug 2011 14:27:00 GMT
ehlo my.domain.com
250-my.domain.com Hello mytelnethost.btcentralplus.com [109.xxx.xxx.xx], pleased to meet you
250-ENHANCEDSTATUSCODES
[Code]...
I want to use squid Proxy to ask username password to user for internet usage and if username password not correct squid stops user access.I use following installation commands and configuration but still squid not asking for username password, and I can use Internet browsing by defining proxy in my client proxy.I use following installataion commands one by one but non of them works, and configure squid to use ncsa_auth../configure --enable-delay-pools --enable-linux-netfilter --enable-arp-acl --disable-ident-lookups --enable-snmp --enable-removal-policies
then I use
./configure --enable-delay-pools --enable-linux-netfilter --enable-arp-acl --disable-ident-lookups --enable-snmp --enable-removal-policies --enable-basic-auth-helpers
then I use
./configure --enable-delay-pools --enable-linux-netfilter --enable-arp-acl --disable-ident-lookups --enable-snmp --enable-removal-policies --enable-basic-auth-helpers=NCSA
with following squid.conf configuration one by one.
htpasswd /usr/local/squid/etc/passwd testuser
New password:
Re-type new password:
[code]....
No error received in access.log or /var/logs/messages files, nor on client screen, client still using internet browsing without asking username password by squid,
I don't think it would be harmful to run ssh on the default port of 22. Especially since the machine will only accept key-based logins and only accept traffic on port 22 from external IP addresses that I specify.
View 8 Replies View RelatedI am trying to setup 2-factor authentication for SSH with PAM. Its working well, but if the password is incorrect, it does not ask for validation code, but rather asks for the password again. Any way not to warn about an incorrect password?
View 2 Replies View RelatedI'm a bit lost with the PHP/Sendmail configuration, maybe somebody could help me getting back on the right track. Following situation:
Postfix:
* accepts smtp on port 25 but from his own domains. Some policy and spamchecks through amavisd are made.
* accepts submission on port 587 and 465 from authenticated users only. Quota and spamchecks prevent outgoing spam.
So I'm enforcing a very strong outgoing spam-policy but the users are still able to use the php mail() function to send spam through the /usr/sbin/sendmail command.
My users have access to their own php.ini so my idea was to somehow enforce the delivery through the local postfix on port 587 or 465 and just let them enter their user/pass in their php.ini. (I suppose, their might be a cleaner-solution ).
Unfortunately, my configurations like smtp_host, port, user etc. are getting ignored if the sendmail_path line is active. But if I comment this line out, php just uses the default, which is the same as configured in the sendmail_path line - so it's active whether i use the line or not (setting it to an invalid command breaks the mail() function completely).
how can I enforce my anti-spam policy on the php mail() command?For my ssh users I just blocked the outgoing connection to localhost on port 25 which seems to work so far, but somehow the postfix-sendmail-wrapper just ignores this.
I'm testing upgrading from 11.1 to 11.3 and running into a major roadblock. When I try to ssh to the server after upgrading, I am unable to use password or pubkey auth to connect via ssh with my ldap user due to sshd segfault. I can however connect via pubkey to a local account on the system. Both auth methods work (for local users) when I disable UsePAM in sshd_config, but auth via ldap is required. My configuration works fine on fully patched installs of both 11.1 and 11.3, but not a fully patched 11.1 upgraded to 11.3. I've been at this for a while now trying various things but don't seem to be making much progress..
/var/log/messages:
Code:
Oct 6 20:33:15 susetest kernel: [ 1829.251921] sshd[3602]: segfault at 7f4bb0521240 ip 00007f4bb0509354 sp 00007fffdf212850 error 7 in libcrypto.so.1.0.0[7f4bb0449000+188000]/usr/sbin/sshd -ddd:
Code:
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 431
debug2: parse_server_config: config /etc/ssh/sshd_config len 431
[code]....
I need to make a bash scripting, based on a password and a user,that connect to pop3 server and see if it login,if you can,return ok, otherwise return ERR .
View 10 Replies View Relatedi have wired connection(auto auth) , it was working till yesterday , but now its not working simplicity its not receiving to enter my name and password , its mikrotick hotspot .
ubuntu 11.04
How i can configure sshd to connect ONLY with Public Key Auth?
currentStatus : If you have no key. then you can log in with your password.
I was considering adding the below to my RHEL5 system's /etc/pam.d/system-auth file.
password required pam_cracklib.so try_first_pass retry=3 minlen=8
dcredit=-1 ucredit=-1 ocredit=-1 lcredit=0
auth required pam_unix.so nullok try_first_pass
[code]...