Ubuntu Security :: Ssh Auto-login Only Works When Im Logged In?
Jun 1, 2011
i have setup auto ssh login for my server. And it works, but only when i have a active connection. if i use "ssh server.com" it asks for my password. If i then open a new terminal and issue "ssh server.com" it logs right in. I really don*t understand whats wrong.
I have tried setting up 2 virtual machines on my local computer and with the same setup it works fine.
SOLVED: my home folder was encrypted, so when no users were logged in the home folder was unmounted
I recently installed 32bit maverick and wanted to make it login automatically. I tried enabling auto login from Admin > Login but that didnt work and I was still prompted for my password. Then I went to Users & Groups and changed the password option to Do Not ask for password at login now after I reboot, the user list is shown (only 1 user) and it doesnt ask for password after I click on my username.
However, then it gives a few errors (as i vaguely recall):
1. cannot load .ICE directory in my home directory 2. some error 256 about a gconf-sanity-2 file 3. nautilus cannot load my home directory etc
and then it gets stuck without loading anything (blank wallpaper). i ve tried navigating to my home directory using Alt F2, gksudo nautilus and my home dir contents are encrypted by the ecryptfs (there is a readme.txt file and a shortcut). i have tried to decrypt but it doesnt work... i ve also tried to start/stop gdm, and startx but nothing works. if i stop gdm, then the prompt doesnt recognize my password and keeps on rejecting the commands i enter... I think this has something to do with the home dir not being decrypted due to the dont ask for paswd option... how can i disable the dont ask for pwd without the gui (i can access my / by booting through an external usb).
Failed login attempts are logged to syslog with the user id or login id set to UNKNOWN_USER or UNSET.Anybody know if this is configurable. I would rather it just pass the actual id that the user used. Doesn't matter if it exist or not, just want to know if someone is guessing at user names and what those user names are
I have tried everything to disable automatic login from the login screen (gdm). I've changed my password, I've changed the settings in System -> Admin ->Login Screen, and I've edited /etc/gdm/custom.conf (gdm.conf doesn't exist, but I created it just in case!).No auto login is set up, but I can't get it to ask for my password. This is affecting my ability to switch sessions, as I can't switch sessions without clicking on my name in gdm, and because it's set to auto login,
I have a working LDAP-server (I belive!!) I want my laptops to authenticate against the server, when they logon. That works fine as long as the network is present. But I also want the users to be able to log on, when the network is down. When I go to a terminal (without network) I can su to another LDAP-user.I can login via graphical login-screen with the network attached, but not when it is disconnected.
In a terminal id john gives me information about the user john.
My conf. files looks like this: /etc/ldap.conf host 172.16.0.138:389 ldap_version 3 bind_policy soft
Been using CentOS for a couple of weeks and have a few quirks I need help with. This is a fresh install of CentOS 5.5. I'd love for VNC Server to start up as soon as the computer reboots. It seems my VNC Server only works when I log in using the GUI at the computer itself. After a reboot I can remotely SSH into it successfully, but cannot VNC to it. I then have to physically get to the computer and log into the GUI, and wa-la I can VNC to it. I have not edited any conf files - seeing as my last attempt at getting this working got me nowhere. I have only enabled Remote Desktop through the GUI.
I have an ssh (OpenSSH_5.1p1 Debian-6ubuntu2) client A and a server B set up for public key authentication as described in [URL]
The problem is the following: ssh asks for a password when connecting from A to B without any other ssh session going on between A and B; but if I connect from A to B whenever there is another ssh session between A and B, either I get prompted for the passphrase I used to encrypt the private key or I get logged automatically.
I already checked permissions on B: .ssh is 700 and authorized_keys is 600. I already tried "StrictModes no" in sshd_config. Printing debug information using DEBUG3 does not any useful insight. Moreover, there is no /var/log/secure (is it supposed to be there?)
Right now the computer is far far away from my reach, but when I configured the system I noted that whenever I was locally logged to B and then ssh'ed from A to B, I was logged in without any problem; whenever I was not logged in locally I was asked for a password. Note that at that time I was using a different public/private key pair whose private part had no passphrase.
how to know exactly what cipher is ssh/sshd using for a particular session? Is there a way to know any statistics for a given session (something like the ~s option in section 5 of [URL]
P.S. 2: does the following mean that ssh is using protocol 2.0 or something different than protocol 2.0?
(..........) sshd: debug1: Enabling compatibility mode for protocol 2.0
I'm trying to use xmms (or any other audio player) lauched from a remote computer but playing locally. I have a maverick server which has xmms installed. I launch an xdmcp (starnetssh) from a windows machine and I am able to open terminals, panels, emacs, etc but when I open xmms (or MOC, is the other one I tested), it simply doesn't play anything unless the same user is logged on the ubuntu box.
I press On-button, Debian boots, logs in and automatically connects to the Wireless network AND! to my local pc via LAN. It runs an ssh server, so I can ssh into debian over internet and communicate with the local pc (send a magic packet).Here are my problems:
1) I don't how to log in automatically. This and this doesn't work. 2) I need a network tool that can manage multiple connections and has a reconnect feature. With the default network manager I cannot even connect to more than one network simultaneously although I have two network devices of course.
And I guess I can run all that in console mode, right?
I setup logging in through putty client with keys, and password disabled, could log in from all machines on my network (xp and 7) with putty.When I finished hut down the server.Today I turned on the server box and thought I'd try logging in through putty. It kept telling me the server was rejecting my key.I plugged in a monitor and keyboard into the server and logged in via password then had no problem logging in through putty client.Question is, every time I shut the server down do I have to plug in the monitor and keyboard, then login, to be able to login remotely?
I just installed debian 5.06 i386 130MB that I downloaded yesterday(Monday).My problem is that when an incoming ssh connection to this debian box is established, but nothing is being logged to /var/log/auth.log on this box. I've tail -f the auth.log which verified nothing is getting logged for ssh. The auth.log is showing activity, mostly root logins and logoffs, but no ssh activity.I understand that /etc/rsyslog.conf may control what gets logged. I had pastebinned this file on #debian but people noted that it looked fine.I have not made any changes to the system, like editing config files or anything. The system is essentially just out of the box.What else can I do to figure this out? Otherwise, I am pleased with how Debian installed on 2002 vintage machine, and is running in console mod
I have 2 servers, web server & mail server. they show 2 users in the summary area when I run w or top commands. But the actual list of users logged in (using either w or who) shows only 1 user. ps -ef |grep username only shows my current login as a running sshd process.
So I can find no trace of this other user except in the summary line for w or top. I have no shells or other logins left running elsewhere or abruptly terminated, no gui sessions (these are servers), no tty logins. Do I have another user logged in? Has someone hacked me & covered up most of their trail? Why do these commands show 2 users when everything else points to 1 user?
The line in bold is the security issue. There is only 1 user account on the system. There should only be 1 user logged in, not 2 users logged in. The remainder of the log file lists 1 user logged in, for similar log output. 2 users logged in does not appear again in the log file.
Does the second line of bold indicate that an attempt was made to log in to the system using SSH?
There was an internet connection interruption (no service) around the time of the log file event. The service did return, later.
Does that line indicate that an unauthorized user logged in to the system?
I have program that work like Fedora Firstboot it's run only one time after finish installation. I have two questions to ask.
1. How can I start this application before gdm start (login screen or auto login)
2. How can I start this application in fix display resolution (800x600)
My method now is
(This is a part of script , this script execute from /etc/init.d/myfirstboot , I create symlink to /etc/rc2.d/S1myfirstboot for start it before anything)
gdm-stop # first time I use /etc/init.d/gdm stop DISPLAY=:1 export DISPLAY /usr/bin/Xorg :1 &
I don't understand why first time firstboot start the system will auto loging in but not complete yet and then my script is start and it's work does not fine I think that is another user is already login , but if I re run my firstboot again and again (by setting something that can revoke my firstboot and restart) it's work before auto login and every things is ok!
I have an Ubuntu desktop I have set it up to connect to my MSN Messenger account Each time I boot up I get a dialogue box saying "The login keyring did not get unlocked when you logged into your computer" with a space to type in my password This should NOT be asking for my password after I am into my account! I think this is a usability bug? How can I fix this?
I would just like to know how to, and know if its secure to run the following programs WHILE LOGGED OUT of Ubuntu: openvpn, deluge, and if it can be securely done while the home directory is encrypted.
I am using Fedora 10 .Generally to update I open a virtual console by pressing Ctrl-Alt-F2,login as root and give the "yum update" command.Then I continue using my graphical terminal for other tasks from the 'non-root' account..Now my room-mate comes uses my 'non-root' account to browse web for few minutes and then opens a terminal types "halt", ENTER and viola...! My root account seems to be insulted by a 'non-root' user!.When I am doing updates or other important work as root any silly user can just 'halt' my computer. Can somebody tell me how to set up my computer so that when root is logged in no other user can simply halt the computer.
Just noticed this, when I am logged into OpenSuse 11.3 under my default user (autologin) I have 3 of the same user logged in, eg when I run top it shows 3 users and when I run the users command it shows the same user 3 times. Is there any reason for this? Do I need to investigate this at all?
I installed 10.04 on my pc. I also have 9.08 and XP installed. Both work. The 10.04 gui login screen displays and asks for the password. I enter the password. The screen goes blank but after a few seconds the gui login box re appears and again asks for a login. I rebooted into the TTY, created a new user, checked the new user was in in /etc/passwd and that I could get into the new user's account. When I rebooted into the gui the new user was there and I entered the password but again I just got back to the gui login window. The pc I am using is at least 5 years old. I have tried startx and I do get the gui background but no controls are displayed. I am using 32 bit 10.04. Using the TTY I have uploaded all the current fixes.
I installed IPlist earlier today on my main/admin account (which I only use for installing programs. I don't use this account daily.) and everything was fine. When I logged into my every day account and tried to load the program, it prompted me for my password. When I entered it, I got this message:Quote:Failed to run /usr/sbin/ipblock start_gui as user root.The underlying authorization mechanism (sudo)t allow you to run this program. Contact the system administrator.Does this mean I am not able to use this program on this account, or is there a way around it? I'm new to Ubuntu so forgive me if I'm asking the obvious. I looked around and couldn't find an answer. I really don't want to use my admin account for daily activities, but I also really want to be able to use IPlist
I am pretty new to Linux, but this can't be the way the system is supposed to operate.
Fedora 12 KDE 4.4 kernel 220.127.116.11-70.fc12.i686 Toshiba satellite L305D
As of updating KDE to 4.4 and a kernel update from two weekends ago hibernate/resume works perfectly. The problem is I feel that all terminals should be locked/logged out automatically upon suspend/hibernate. Through bug reporting at KDE found that an additional setting is required in KDE to lock the desktop before suspend/hibernate. But any of my other terminals that are logged in remain logged in upon resume. Is there an additional setting that I have to flip to secure the terminals? Would this be considered a security hole? Is there anything short of me manually logging out that I can do to automate locking/logging my terminals?
When I'm logged into my account, I can't shut down the computer if someone else is also logged in unless I supply the root password. However, if I log out, I can shut down from GDM without being challenged, even though another person is logged in, which could cause problems if that person is in the middle of some work. Is there a way to password-protect the gdm shutdown function if people are logged in?
We have 4 servers having rhel 5.2. We have several users logged in on one of them. We have nis server/client running on them and have common home area mounted on all of them. Now we want to disable/block the accounts of the users who have not accessed our servers in last 2 months from today.What logic should we apply to do so? We were checking stat of .bashrc of each user but is not correct logic. We are going to write shell script for the same. We dont want to do anything in users home area or their files.
On my server I some times login from my home where I have an internet connection which does not have a static IP each time I switch on my modem a dynamic IP isgenerated.I see in auth.log logs of following lines Quote:reverse mapping checking getaddrinfo forkkts-kk-dynamic-01.1.168.192.some_broadband.in [192.168.1.2] failed - POSSIBLE BREAK-IN ATTEMPT Accepted publickey for root from 192.168.1.2 port 22852 ssh2when ever I login to my server from home.In this case I do know that it was me who logged in but still why do I see such a log.What is this complaining about?