Somehow an app on this box seems to have disappeared long ago which was configured to start immediatedly with a root login (eg su). Now, whenever upgrading permissions to root or logging (and assuming login as root), an error displays saying "cannot find <application>"
Considering root usually is different than other logins, am not sure where to start looking on an OpenSuSE box. I've tried without success
BASH -v to enable verbose mode before executing a "su." BASH --debugger to enable debugging mode before executing a "su."
Logout, Login as root and inspect /var/log/ hoping to find some logfile that audits the login sequence, but may be looking at a wrong logfile.
I know this is probably easy and if I only took a while to figure it out maybe I could but I have some stuff that needs to happen soon and I can't figure this out. I was wondering how I could have a log monitor that would email me whenever someone tries to login over ssh to my system. I'm open to everything daemons/scripts or cron itl works as I am not running a production server (but I might be starting that soon). Oh and just a side how do I get sent an email when I get port scanned
I have an SSH server on my laptop, and I'm using the default configuration file, but I added "AllowUsers <myUserName>". I get lots of login attempts like the ones below in my /var/log/auth.log.From Google, I find that pam_winbind allows some kind of Windows authentication. This leaves me with 2 questions. What does winbind do when I have not configured any Windows/Samba accounts? How can I turn it off?
Code: Oct 23 20:01:49 muon sshd: User root from 18.104.22.168 not allowed because not listed in AllowUsers
I am running a ubuntu server 10.10 with SSH, and OpenVPN. I use it mainly for the VPN, but I have seen log in attempts such as:
Mar 22 14:52:53 UbuntuSvr sshd: Invalid user support from 22.214.171.124 Mar 22 14:52:55 UbuntuSvr sshd: Invalid user student from 126.96.36.199 Mar 22 14:52:57 UbuntuSvr sshd: Invalid user transfer from 188.8.131.52 Mar 22 14:52:59 UbuntuSvr sshd: Invalid user user from 184.108.40.206
Is it possible to make it so when some one has tried logging in 5 times with an invalid user/pass that the ip is banned for 10 minutes? I have password auth set to no and am using keys.
I am trying to get OpenLDAP to authenticate user logins, but running around in circles. Are there any logs produced by either client and/or server that would indicate possible reasons why it was unable to login as a user?Below is an explanation, any ideas would be appreciated, as I think everything is setup as per the various articles on using LDAP.
I have a CentOS 5.5 OpenLDAP server, and several others, some host services, some are file shares (samba).So far I have been able to successfully configure OpenLDAP to carry out all the ldap* commands from both the local server and from any of the remote servers, either via non-ssl or ssl connections. However, as soon as I try connecting any services up to it, it doesn't play ball.Back to basics, having cleared off all previous attempts at this from all machines, I have gone through the following:
Installed OpenLDAP server/client on host (plus nss_ldap). Configured /etc/openldap/slapd.conf (see below) Configured /etc/openldap/ldap.conf (see below)
I've recently installed 64bit version of ubuntu 9.10 but the GDMsetup doesn't seem to be working as it was in 9.04 i mean to say when you type gdmsetup at console the login window pops up where i can check the check-box "Allow local administrator log in" under security tab. to enable login as root. since it is not working i've to type password every time when i install a package or create a folder in root directory or mount a drive which is quite irritating how can i login as root in gui mode etc... also is there some syntax which i can put into /etc/gdm/custom.conf so i can log in as root....
It's my personal computer, no other users, no one else in the house. I'm behind a separate stand alone firewall (Checkpoint device). I'm the admin on my machine and I'm going to enter sudo, or login as root, every time I need it anyway.
There's no way that having to switch to root is going to make me stop and think about what I'm getting ready to do. In fact it's quite the opposite. If I'm in the midst of troubleshooting, I'm preparing to enter a command that I think is going to work, and I get "Permission denied"... The aggravation is more likely to reduce my logical thinking, and I'll immediately switch to root and type it anyway.
I DO understand the rational of setting users (even admin users) to a lower permission level. However I don't understand the lack of a command to make a user PERMANENTLY root equivilent. Switching back and forth is a waste of time. AND it means that I now have to deal with two home directories... /root and /home/user. Having to type sudo, or su to switch to root, does not protect my system. It only aggravates.
Found a major security hole in one of my more crucial linux servers today. (Only locally) I can use the user name "root" and any string for the password. So I can literally type "poop" as the password and the server lets me in. I know how to set root password settings for SSH and sudo, but where are settings located for local access that would allow something like this?
Can't seem to do it, wondering if anyone knows how? Normally there's something in sshd_config that can be switched to true or yes to allow root login but I can't see it in fedora 12.I can login via root at a terminal no problem, just not via ssh, I get access denied every time. Also, I need to login using password authentication.I've done: 227169 but that's just for GUI which I don't really need since I rarely ever log into the GUI.I have also searched through here and mostly only found info such as above, how to enable root login for GUI, or billions of posts about how logingin as root is bad but I cannotswer to my question.DISCLAIMER: Please do not reply to this thread if all you can contribute is the question of why I need root or to put some message telling me I can do everything using su, etc, etc. Please only contribute if you can answer my question. A: My machine and a valid quesiton. B: Spirit of Linux is open, not restrictive
On my Ubuntu 8.04.4 LTS webserver I desperately want to disable the Root account. But at the moment I am unable because I prefer to use Nautilus/Dolphin on my home laptop for SFTP. The graphical interface also helps when comparing multiple config files at once, something that being limited to NANO or PICO would make extremely painful. The problem is that if I don't use ROOT I can't perform any SSH or SFTP actions with a graphical interface, because I can't use SUDO without the terminal. Does anyone else leave root enabled? I have a non-standard port, disabled password authentication in favor of ssh keys, and I have a tarpit configured
I have a habbit of openning a 2 sessions of xwindow (I'm using KDE), one as user to browse the internet and the other as root to do some admin work. But someone told me that login to KDE as root is bad in terms of security. Is this true?
For a month or so now, I have been enabling ssh and opening port 22. I cron'ed the start and stop commands to leave them open only a few hours a day. After a bit, I checked my logs to find that some IP or another was attempting to brute force my root account.
I took little real threat by the offense.
(1) my system does not allow root to login and
(2) it would cut them off sooner than later when my system issued the stop command.
Today I log in to find that all of my log files, as viewed from the gnome log file viewer, were empty of entries from about noon yesterday and prior.
Though I haven't noticed anything at all out of the ordinary with my system, I would like to get more opinions on the matter. Would there be any conceivable way that this was an automatic system routine, a clean up action of something? Additionally, if I was indeed the victim of a hack, what can I do to further protect my system (keeping in mind that I do want to access my system via ssh from time to time)?
I get the problem to acess root password when i am in user login, means wahen i am in user login and want to install software from terminal then he asked root password, when i supplied root password but he give me login incorrect.