search for: keybased

Hi Team, We have a weird issue that we are trying to understand. We have winbind set up and working successfully for user authentication with passwords via ssh. We have pam.d/system-auth-ac and password-auth-ac (symlinked) set to require membership of a group which works great via password authentication. However, if the user has a ssh key set up, they seem to bypass the group membership

Samba 4.17.9, I've already edited the schema to create an attribute and add it to the user class. I also added an already existing attribute to the user class, both are seen in the attribute editor. I created a third one, I think I did everything suggested in the wiki and I'm able to query and modify the 3rd attribute using LDAP. Is there a step after creating an attribute and modifying

Hi all, I have finally got tinc working, but it?s only between server/client. Client can receive broadcast packets from server ethernet, and pings between them is fine. If I ping tinc client(192.168.88.166) from any machine in my server lan, 192.168.88.0/24, all packets timed out, and nothing received by the client. Any ideas? Thanks! Regards, Quan Zhou +------------------------+ |pub

Hi all, I followed the guide "simple-bridging-with-dhcp", which has two parts: http://www.tinc-vpn.org/examples/simple-bridging-with-dhcp-server-side/ http://www.tinc-vpn.org/examples/simple-bridging-with-dhcp-client-side/ I have altered two things to fit my needs, 1) DHCP server(host:pek1) is on client side ethernet, so I have bridged eth0 and tun1 together; 2) Network/Server/Client

On 30/01/2020 12:53, Michael Str?der wrote: > On 1/30/20 1:27 PM, Brian Candler wrote: >> I am trying to work out the best way to issue SSH certificates in such >> way that they only allow access to specific usernames*and* only to >> specific groups of host. > I also thought about this for a while. The only idea I came up with is > to have separate CAs used as trust

I'm new on rsync, and I have some question regarding file synchronization my rsyncd.conf is secrets file = /etc/rsyncd.secrets read only = yes list = yes uid = nobody gid = nobody max connections = 1 log file = /var/log/rsyncd.log pid file = /var/run/rsyncd.pid lock file = /var/run/rsync.lock [test] path = /home/test auth users = test on another linux, I executed rsync --verbose --progress

...clude /opt/kickstart/include/bacula.cfg # Install "standard" additional components yum -y install keychain bash-completion multitail webmin And a sample of one of the modular configs... [root at archive kickstart]# cat include/secure-sshd.cfg # Lock down sshd_config to only accept SSH2 keybased auth mkdir -p /etc/ssh/RCS ci -t-"Main SSHD configuration file." -u /etc/ssh/sshd_config co -l /etc/ssh/sshd_config cat <<EOF > /etc/ssh/sshd_config # # Main SSHD configuration file. # # \$Id\$ # # FILE UNDER RCS, DO NOT EDIT WITHOUT CHECKING OUT!!! Port 22 Protocol 2 HostKey /e...