Displaying 13 results from an estimated 13 matches for "pam_faillock".
2024 Nov 27
1
pam_winbind Appears to need a Network Connection to Succeed at Offline Authentication
...v
    session    optional    pam_lastlog.so silent
    session    include     system-auth
    session    optional    pam_motd.so motd=/etc/motd
    session    optional    pam_mail.so
    -session   optional    pam_elogind.so
system-auth:
    auth required pam_env.so
    auth requisite pam_faillock.so preauth
    auth       [success=2 default=ignore] pam_winbind.so try_first_pass
    auth       [success=1 new_authtok_reqd=1 ignore=ignore default=bad] pam_unix.so nullok try_first_pass
    auth [default=die] pam_faillock.so authfail
    account    ...
2023 Mar 16
1
Postfix : root and system user authentication
...ecot sasl component to use different authorisation
back-ends, such as LDAP, GSSAPI, MySQL etc. These do not necessarily
have the ability to reject uid < 500.
However, generally, these backends can be used by pam as well. In
default debian installations:
cat dovecot
#%PAM-1.0
#auth required pam_faillock.so preauth silent audit
#auth [default=die] pam_faillock.so authfail audit
@include common-auth
@include common-account
@include common-session
cat common-auth
#
# /etc/pam.d/common-auth - authentication settings common to all services
#
# This file is included from other service-specific PAM co...
2024 Nov 25
1
Working through the PAM Offline Authentication Wiki page, but...
...run. When I remove the network
cable, the behavior changes. With the exact same ssh command as above,
there's a long timeout before the password prompt appears and another
one after the password is provided. /var/log/messages tells a sad tale:
    Nov 25 12:28:11 terra sshd-session[28633]: pam_faillock(sshd:auth):
User unknown
    Nov 25 12:28:11 terra sshd-session[28633]: pam_winbind(sshd:auth):
getting password (0x00004388)
    Nov 25 12:28:11 terra sshd-session[27411]: Postponed
keyboard-interactive for invalid user SAMDOM\\\\jgraham from 127.0.0.1
port 38014 ssh2 [preauth]
    Nov 25 1...
2024 Nov 27
1
pam_winbind Appears to need a Network Connection to Succeed at Offline Authentication
...MDOM\jgraham at localhost) Password:
>     Connection closed by 127.0.0.1 port 22
>
> /var/log/messages shows:
>
>     Nov 27 09:41:17 terra sshd-session[29098]: Invalid user
> SAMDOM\\jgraham from 127.0.0.1 port 50306
>     Nov 27 09:41:39 terra sshd-session[30699]:
> pam_faillock(sshd:auth): User unknown
>     Nov 27 09:41:39 terra sshd-session[30699]:
> pam_winbind(sshd:auth): [pamh: 0x55c233e7bc70] ENTER:
> pam_sm_authenticate (flags: 0x0001)
>     Nov 27 09:41:39 terra sshd-session[30699]: pam_winbind(sshd:auth):
> getting password (0x00004389)
>     Nov 27 09:41:3...
2024 Nov 27
2
pam_winbind Appears to need a Network Connection to Succeed at Offline Authentication
...jgraham at localhost) Password:
    (SAMDOM\jgraham at localhost) Password:
    Connection closed by 127.0.0.1 port 22
/var/log/messages shows:
    Nov 27 09:41:17 terra sshd-session[29098]: Invalid user
SAMDOM\\jgraham from 127.0.0.1 port 50306
    Nov 27 09:41:39 terra sshd-session[30699]: pam_faillock(sshd:auth):
User unknown
    Nov 27 09:41:39 terra sshd-session[30699]: pam_winbind(sshd:auth):
[pamh: 0x55c233e7bc70] ENTER: pam_sm_authenticate (flags: 0x0001)
    Nov 27 09:41:39 terra sshd-session[30699]: pam_winbind(sshd:auth):
getting password (0x00004389)
    Nov 27 09:41:39 terra sshd...
2023 Mar 16
1
Postfix : root and system user authentication
...> back-ends, such as LDAP, GSSAPI, MySQL etc. These do not necessarily
> have the ability to reject uid < 500.
>
> However, generally, these backends can be used by pam as well. In
> default debian installations:
>
> cat dovecot
> #%PAM-1.0
>
> #auth required pam_faillock.so preauth silent audit
> #auth [default=die] pam_faillock.so authfail audit
>
> @include common-auth
> @include common-account
> @include common-session
>
> cat common-auth
>
> #
> # /etc/pam.d/common-auth - authentication settings common to all services
> #
>...
2012 May 22
1
[PATCH] TODO: sysprep todo list clearance
...ancette/oz/blob/e74ce83283d468fd987583d6837b441608e5f8f0/oz/Windows.py )
- (librarian suggests ...)
. install a firstboot script virt-sysprep --script=/tmp/foo.sh
- . run an external shell script
. run external guestfish script virt-sysprep --fish=/tmp/foo.fish
- - /var/run/* and pam_faillock's data files
- if drives are encrypted, then dm-crypt key should be changed
and drives all re-encrypted
- /etc/pki
--
1.7.10
2025 Jun 03
1
intermittent pam_winbind authentication failure
...ttempt to authenticate a user in the
same way pam_winbind would do." is identical in the technical implementation.
Are there any alternative approaches I could take to try and uncover what
is happening?
Thanks,
James
/etc/pam.d/common-auth includes:
auth [success=ignore default=die] pam_faillock.so preauth deny=6 unlock_time=1800 silent
auth [success=ok default=1] pam_localuser.so
auth [success=3 default=ignore] pam_unix.so try_first_pass
auth [success=2 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass debug
auth opt...
2015 Feb 03
0
Another Fedora decision
...ny other software
product that reads the password database. All the installer can do is
read in the plain-text password, check to make sure it passes a
minimum policy, then crypt it and put it in the shadow file.
There are certainly things that could change, like having the pam
configuration have pam_faillock on by default. But I tend to think
that having brute-force resistance *AND* slightly better password
security should be the goal, not one to the exclusion of the other.
--
Jonathan Billings <billings at negate.org>
2017 Mar 17
3
lock out account after 3 failures
... user=test
Mar 15 15:44:29 testbox sshd[4051]: Failed password for test from X port 57118 ssh2
Mar 15 15:44:29 testbox sshd[4051]: Failed password for test from X port 57118 ssh2
Mar 15 15:44:33 testbox sshd[4051]: Failed password for test from X port 57118 ssh2
Mar 15 15:44:35 testbox sshd[4051]: pam_faillock(sshd:auth): Consecutive login failures for user test account temporarily locked
Mar 15 15:44:37 testbox sshd[4051]: Failed password for test from X port 57118 ssh2
Mar 15 15:44:44 testbox sshd[4051]: Accepted password for test from X port 57118 ssh2
Mar 15 15:44:44 testbox sshd[4051]: pam_unix(sshd:...
2012 Apr 13
1
[PATCH 1/2] sysprep: remove .ssh directory in users' directory
...ate mode 100644 sysprep/sysprep_operation_ssh_userdir.ml
diff --git a/TODO b/TODO
index 3d5613c..bf96ab0 100644
--- a/TODO
+++ b/TODO
@@ -543,7 +543,6 @@ virt-sysprep ideas
. run external guestfish script virt-sysprep --fish=/tmp/foo.fish
. rm /var/cache/apt/archives/*
- /var/run/* and pam_faillock's data files
- - homedirs/.ssh directory, especially /root/.ssh (Steve Grubb)
- if drives are encrypted, then dm-crypt key should be changed
and drives all re-encrypted
- /etc/pki
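Review bot: The TODO entry dropped here singles out root ("especially /root/.ssh"), while the patch subject only speaks of users' directories. Please confirm that the new sysprep_operation_ssh_userdir.ml operation also handles root's home directory and say so in the commit message, since this TODO line was the only place that requirement was recorded.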
diff --git a/sysprep/Makefile.am b/sysprep/Makefile.am
index 3a48702..f51fc07 100644
--- a/sysprep/Makefile...
2015 Feb 03
6
Another Fedora decision
On Tue, Feb 3, 2015 at 2:03 PM, Always Learning <centos at u64.u22.net> wrote:
>
> Nothing wrong with letting "an expert" preconfigure the system and then,
> after installation, the SysAdmin checking to ensure all the settings
> satisfy the SysAdmin's requirements.
>
I'd just rather see them applying their expertise to actually making
the code resist
2024 Nov 19
1
Working through the PAM Offline Authentication Wiki page, but...
...tponed
keyboard-interactive for HOME\\\\jgraham from ::1 port 34982 ssh2 [preauth]
    Nov 19 11:18:46 terra sshd-session[25859]: pam_unix(sshd:auth):
authentication failure; logname=jgraham uid=0 euid=0 tty=ssh ruser=
rhost=::1  user=HOME\jgraham
    Nov 19 11:18:46 terra sshd-session[25859]: pam_faillock(sshd:auth):
Consecutive login failures for user HOME\jgraham account temporarily locked
    Nov 19 11:18:48 terra sshd-session[25479]: error: PAM:
Authentication failure for HOME\\jgraham from ::1
    Nov 19 11:19:03 terra sshd-session[25479]: Failed password for
HOME\\jgraham from ::1 port 34...