Displaying 19 results from an estimated 19 matches for "no_fake_prompts".
2002 Dec 26
1
changing passwords from win2k
...oblem is not with samba but
it is with PAM?
If anyone could help me with this problem it would be greatly appreciated!!!
Thanks,
Jeff Meyer
The smb.conf and pam.conf files that I am using are below.
pam.conf
login auth sufficient pam_skey.so
login auth sufficient pam_opie.so
no_fake_prompts
#login auth required pam_opieaccess.so
login auth requisite pam_cleartext_pass_ok.so
#login auth sufficient pam_kerberosIV.so
try_first_pass
#login auth sufficient pam_krb5.so
try_first_pass
login auth required pam_unix.so
try_first_pass
login a...
2003 Oct 31
4
Samba and private shares
...name.username
browsable = yes
read only = no
#public = yes
printable = no
writeable = yes
Pam.conf
auth required pam_nologin.so
no_warn
auth sufficient pam_winbind.so
auth sufficient pam_opie.so
no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn
allow_local
#auth sufficient pam_krb5.so
no_warn try_first_pass
#auth sufficient pam_ssh.so
no_warn try_first_pass
auth required pam_unix.so...
2005 Jun 16
2
FreeBSD ssh AD authentication
...What am I doing wrong ?
Furthermore I went through this ordeal to allow domain users to authenticate
with ssh. So I've modified the the /etc/pam.conf file like this (settings for
ssh) :
sshd auth sufficient pam_skey.so
sshd auth sufficient pam_opie.so no_fake_prompts
#this line is added by me
sshd auth sufficient /usr/local/lib/pam_winbind.so
#sshd auth requisite pam_opieaccess.so
#sshd auth sufficient pam_kerberosIV.so try_first_pass
#sshd auth sufficient pam_krb5.so try_first_pass
ss...
2007 Apr 13
1
Samba3 : no suitable range available for sid
...elete user script = /usr/sbin/pw userdel %u
; delete user from group script = /usr/sbin/deluser %u %g
delete group script = /usr/sbin/pw groupdel %g
and here is my PAM stack for /etc/pam.d/system
# System-wide defaults
#
# auth
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth sufficient pam_winbind.so try_first_pass
#auth sufficient pam_krb5.so no_warn
try_first_pass
#auth sufficient pam_ssh.so no_warn
try_first...
2011 Feb 18
1
Not sure I understand when add user script is called
...es
[homes]
comment = Home Directories
read only = No
browseable = No
Here's the /etc/pam.d/system file:
#
# $FreeBSD: src/etc/pam.d/system,v 1.1.32.1.4.1 2010/06/14 02:09:06
kensmith Exp $
#
# System-wide defaults
#
# auth
auth sufficient pam_opie.so no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth sufficient /usr/local/lib/pam_winbind.so mkhomedir=yes
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
auth required...
2009 Aug 28
1
FreeBSD 7.2 and Samba 3.3.7 AD 2003 Authentication Problem
...witch.conf
group: files winbind
group_compat: nis
hosts: files dns
networks: files
passwd: files winbind
passwd_compat: nis
shells: files
services: compat
services_compat: nis
protocols: files
rpc: files
# more /etc/pam.d/sshd
# auth
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn
allow_local
auth sufficient /usr/local/lib/pam_winbind.so
try_first_pass
#auth sufficient pam_krb5.so no_warn
try_first_pass
#auth sufficient pam_ssh.so no_warn
try...
2004 Jun 24
0
FW: Opieaccess file, is this normal?
...ebsd-security@freebsd.org
Subject: RE: Opieaccess file, is this normal?
Hi,
Here is the content of /etc/pamd/ssh, it's actually the default, I didn't
change it.
auth required pam_nologin.so no_warn
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth required pam_unix.so no_warn
try_first_pass
account required pam_unix.so
session required pam_permit.so
password required pam_unix.so...
2006 Nov 03
0
FreeBSD 6.1 - winbind - ssh pam problem
...hope) configurations. Any help would be
greatly appreciated.
Regards,
Mike
# /etc/pam.d/sshd
auth sufficient
/usr/local/samba/lib/security/pam_winbind.so
auth sufficient pam_nologin.so no_warn
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn
allow_local
auth sufficient pam_unix.so no_warn
try_first_pass
account sufficient
/usr/local/samba/lib/security/pam_winbind.so
account required pam_unix.so
session required...
2005 Jun 24
0
Winbind NT domain authentication
...: compat winbind
group_compat: nis
hosts: files dns winbind
networks: files
passwd: compat winbind
passwd_compat: nis
shells: files
and finally my /etc/pam.d/sshd
# auth
auth required pam_nologin.so no_warn
#auth sufficient pam_opie.so no_warn no_fake_prompts
#auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
#auth required pam_unix.so no_warn t...
2005 Jun 24
0
Winbind NT domain authentication
...: compat winbind
group_compat: nis
hosts: files dns winbind
networks: files
passwd: compat winbind
passwd_compat: nis
shells: files
and finally my /etc/pam.d/sshd
# auth
auth required pam_nologin.so no_warn
#auth sufficient pam_opie.so no_warn no_fake_prompts
#auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
#auth required pam_unix.so no_warn t...
2003 Jun 27
1
Problems with the pam_opieaccess PAM module
Hi,
I've configured opie (one time passwords) under FreeBSD and I came
across the following problem.
It looks like libpam does not stop the authentication process when
a 'requisite' module fails. I find this strange as the pam 'requisite'
is defined in the man pages as: requisite - failure of such a PAM
results in the immediate termination of the authentication process;
Here
2007 Jan 30
1
cannot su, something may related to pam
...bind
passwd_compat: nis
shells: compat
*****************copy end***********************
/etc/pam.d/system
****************copy start*************************
# auth
auth sufficient /usr/lib/pam_winbind.so try_first_pass
auth sufficient pam_opie.so no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
auth required pam_unix.so no_warn t...
2004 Aug 17
2
SSHD Bug with Pam/Winbind on FreeBSD ver5.2
...tall samba
Your smb.conf should be running in:
security = domain
And your /etc/pam.d/sshd should look like this:
# auth
auth sufficient pam_winbind.so
auth sufficient pam_nologin.so no_warn
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth sufficient pam_unix.so no_warn
try_first_pass
account sufficient pam_winbind.so
account required pam_unix.so
session required pam_permit.so
passwo...
2003 Jun 04
1
FreeBSD + winbindd + PAM
...d ran ldconfig(8).
I have subsequently tried /usr/lib/compat too, but that shouldn't matter.
I edited {pam.conf,pam.d/ftpd} to create entries for my FTP server, that
looked like:
auth required pam_nologin.so no_warn
auth sufficient pam_opie.so no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth sufficient pam_winbind.so debug try_first_pass
auth required pam_unix.so no_warn try_first_pass
account sufficient pam_winbind.so debug
account required pam_unix...
2003 Jul 11
3
Login.Access
Login seems to be ignoring my /etc/login.access settings.
I have the following entries (see below) in my login.access, yet any new
user (not in the wheel group) is still allowed to login. What am I missing?
# $FreeBSD: src/etc/login.access,v 1.3 1999/08/27 23:23:42 peter Exp $
#
-:ALL EXCEPT wheel:console
-:ALL EXCEPT wheel:ALL
Thanks,
--
Scott Gerhardt, P.Geo.
Gerhardt Information
2005 Aug 15
2
recompile sshd with OPIE?
...lar and can help.
I'd like to compile support for FreeBSD OPIE into sshd. Presently I have
to use PAM to achieve one-time password support. On a 4.x system I have
in /etc/ssh/sshd_config
ChallengeResponseAuthentication yes
and in /etc/pam.conf
sshd auth sufficient pam_opie.so no_fake_prompts
To avoid the extra PAM process on 5.x, I'd prefer to just enable OPIE in
the sshd binary, but I'm not sure if this is possible with a commandline
option to make. I would like to rebuild it in the usual way:
# cd /usr/src/secure/usr.sbin/sshd
# make obj && make depend && ma...
2005 Aug 19
2
pam_radius fail open?
...,v 1.15 2003/04/30 21:57:54 markm Exp $
#
# PAM configuration for the "sshd" service
#
# auth
#sshd auth required pam_radius.so -update -/usr/local/etc/radius
#auth required pam_nologin.so no_warn
#auth sufficient pam_opie.so no_warn
no_fake_prompts
#auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn
try_first_pass
#auth sufficient pam_ssh.so no_warn
try_first_pass
#auth required pam_unix.so no_warn...
2004 Jun 22
2
Opieaccess file, is this normal?
Hi,
I'm trying to setup one-time passwords on freebsd5.2.1
>From what I've read so far, if the user is present in opiekeys, the
opieaccess file determines if the user (coming from a specific host or
network) is allowed to use his unix password from this specific network.
As my opieaccess file is empty and the default rule (as mentionned in the
man file) is deny, I should not be
2012 Apr 17
0
Problems with samba as PDC
...exist on the Samba Server which is FreeBSD 9 with samba 3.6.
I have the following in /etc/pam.d/sshd
#
# $FreeBSD: releng/9.0/etc/pam.d/sshd 197769 2009-10-05 09:28:54Z des $
#
# PAM configuration for the "sshd" service
#
# auth
auth sufficient pam_opie.so no_warn no_fake_prompts
auth sufficient /usr/local/lib/pam_winbind.so
auth requisite pam_opieaccess.so
no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
#auth sufficient /usr/local/lib/pam_winbind.so...