Displaying 20 results from an estimated 30 matches for "pam_opie".
2001 Jun 02
2
pam_opie
Hi, did a search in the archives for "opie" and this is the most recent
message on the topic I see:
http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=98536878202858&w=2
Nigel, would you mind sending me the source for the module you've
extracted from that other distribution?
Also, if anyone is interested in looking at other OPIE PAM modules, here
are two more:
Andy
2001 Mar 21
2
Challenge response authentication and PAM
As an experiment I set up Challenge/response authentication on a Linux
system with PAM using a pam_opie module (this module works fine with
console logins and su).
I can log into the box using the opie password, *but* it does not give
me the challenge - which can make things a little tricky :-)
I can well believe this might be a fault in the PAM pam_opie module I
am using, so has anyone got Chal...
2003 Nov 02
1
opie bug or ..?
...positive.
but it works fine in case of:
mx2# opiekey -n5 1 vo6199
Using the MD5 algorithm to compute response.
Reminder: Don't use opiekey from telnet or dial-in sessions.
Enter secret pass phrase:
0: OAK SEW CULT FALL AX WAND
1: BOUT AID SOOT BUT SIT BILK
mx2#
*** 3 *** pam_opie.so, the most interesting thing
After successful login with 0 sequence number, trying to do it again
(sequence number has been decreased, right?)
mx2# ssh ssa@192.168.90.250
otp-md5 -1 (null) ext
Password:
Is it impossible to calculate response to '-1' so trying to use any
pas...
2002 Dec 26
1
changing passwords from win2k
...n that my problem is not with samba but
it is with PAM?
If anyone could help me with this problem it would be greatly appreciated!!!
Thanks,
Jeff Meyer
The smb.conf and pam.conf files that I am using are below.
pam.conf
login auth sufficient pam_skey.so
login auth sufficient pam_opie.so
no_fake_prompts
#login auth required pam_opieaccess.so
login auth requisite pam_cleartext_pass_ok.so
#login auth sufficient pam_kerberosIV.so
try_first_pass
#login auth sufficient pam_krb5.so
try_first_pass
login auth required pam_unix.so
try_f...
2003 Jun 27
1
Problems with the pam_opieaccess PAM module
...a 'requisite' module fails. I find this strange as the pam 'requisite'
is defined in the man pages as: requisite - failure of such a PAM
results in the immediate termination of the authentication process;
Here is what I did.
I've setup opie for my account. I've configured pam_opieaccess
(/etc/opieaccess) to allow my home network to use static passwords:
permit 10.0.0.0 255.255.255.0
And in /etc/pam.conf I added:
sshd auth required pam_opie.so
sshd auth requisite pam_opieaccess.so
sshd auth required /usr/lib/pam_krb5.so.1 try_first_pass...
2003 Oct 31
4
Samba and private shares
...username = domain-name.username
browsable = yes
read only = no
#public = yes
printable = no
writeable = yes
Pam.conf
auth required pam_nologin.so
no_warn
auth sufficient pam_winbind.so
auth sufficient pam_opie.so
no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn
allow_local
#auth sufficient pam_krb5.so
no_warn try_first_pass
#auth sufficient pam_ssh.so
no_warn try_first_pass
auth requi...
2002 May 30
1
3.2.3p1/auth-pam.c: PAM_PROMPT_ECHO_OFF in INITIAL_LOGIN pam state
I have been unable to use any challenge/response based pam module (eg.
pam_opie.so) for ssh authentication, because the challenge (needed to
compute an appropriate response) is never shown during login.
do_pam_conversation() in auth-pam.c will not print any prompts while in the
INITIAL_LOGIN state, queueing them for later printing.
Should users be able to override this (usu...
2007 Oct 22
0
Intermittently stalling PAM authentication children
...in __read_nocancel () from /lib64/tls/libc.so.6
#1 0x000000552aadea26 in packet_get_int () from /usr/sbin/sshd
#2 0x000000552aae3f75 in kex_input_kexinit () from /usr/sbin/sshd
#3 0x000000552aacdb60 in kexgex_server () from /usr/sbin/sshd
#4 0x0000002a96eb1c27 in converse () from /lib/security/pam_opie.so
#5 0x0000002a96eb1d7a in pam_sm_authenticate () from /lib/security/pam_opie.so
#6 0x0000002a957787aa in _pam_dispatch () from /lib64/libpam.so.0
#7 0x0000002a9577a182 in pam_authenticate () from /lib64/libpam.so.0
#8 0x000000552aace845 in kexgex_server () from /usr/sbin/sshd
#9 0x000000552a...
2005 Jun 16
2
FreeBSD ssh AD authentication
...9;s for users
in the domain...
What am I doing wrong ?
Furthermore I went through this ordeal to allow domain users to authenticate
with ssh. So I've modified the the /etc/pam.conf file like this (settings for
ssh) :
sshd auth sufficient pam_skey.so
sshd auth sufficient pam_opie.so no_fake_prompts
#this line is added by me
sshd auth sufficient /usr/local/lib/pam_winbind.so
#sshd auth requisite pam_opieaccess.so
#sshd auth sufficient pam_kerberosIV.so try_first_pass
#sshd auth sufficient pam_krb5.so...
2000 Dec 02
2
pam, openssh and opie
...hidden.
>
> I have a working implementation on Linux, with source code taken from
> http://www.inner.net/pub/opie/
>
> There is also a (basic) PAM implementation for authentication - I've
> not even attempted to see if that works with openssh
> http://www.tho.org/~andy/pam_opie-0.21.tar.gz
>
> Unfortunately single use passwords seem to have fallen out of favour -
> slightly strange when generation of the passwords is nice and easy now
> with Palm devices and the like.
>
> Nigel.
>
Harondel J. Sibble
Sibble Computer Consulting
Creating solut...
2007 Apr 13
1
Samba3 : no suitable range available for sid
...d
/dev/null -s /bin/false %u
delete user script = /usr/sbin/pw userdel %u
; delete user from group script = /usr/sbin/deluser %u %g
delete group script = /usr/sbin/pw groupdel %g
and here is my PAM stack for /etc/pam.d/system
# System-wide defaults
#
# auth
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth sufficient pam_winbind.so try_first_pass
#auth sufficient pam_krb5.so no_warn
try_first_pass
#auth sufficient pa...
2011 Feb 18
1
Not sure I understand when add user script is called
...e = Yes
wide links = Yes
[homes]
comment = Home Directories
read only = No
browseable = No
Here's the /etc/pam.d/system file:
#
# $FreeBSD: src/etc/pam.d/system,v 1.1.32.1.4.1 2010/06/14 02:09:06
kensmith Exp $
#
# System-wide defaults
#
# auth
auth sufficient pam_opie.so no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth sufficient /usr/local/lib/pam_winbind.so mkhomedir=yes
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn t...
2009 Aug 28
1
FreeBSD 7.2 and Samba 3.3.7 AD 2003 Authentication Problem
...OMAIN.UCSD.EDU
# more /etc/nsswitch.conf
group: files winbind
group_compat: nis
hosts: files dns
networks: files
passwd: files winbind
passwd_compat: nis
shells: files
services: compat
services_compat: nis
protocols: files
rpc: files
# more /etc/pam.d/sshd
# auth
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn
allow_local
auth sufficient /usr/local/lib/pam_winbind.so
try_first_pass
#auth sufficient pam_krb5.so no_warn
try_first_pass
#auth sufficient...
2004 Jun 24
0
FW: Opieaccess file, is this normal?
...day, June 24, 2004 09:06
To: freebsd-security@freebsd.org
Subject: RE: Opieaccess file, is this normal?
Hi,
Here is the content of /etc/pamd/ssh, it's actually the default, I didn't
change it.
auth required pam_nologin.so no_warn
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth required pam_unix.so no_warn
try_first_pass
account required pam_unix.so
session required pam_permit.so
password...
2006 Nov 03
0
FreeBSD 6.1 - winbind - ssh pam problem
...-u.
Here are some relevent (I hope) configurations. Any help would be
greatly appreciated.
Regards,
Mike
# /etc/pam.d/sshd
auth sufficient
/usr/local/samba/lib/security/pam_winbind.so
auth sufficient pam_nologin.so no_warn
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn
allow_local
auth sufficient pam_unix.so no_warn
try_first_pass
account sufficient
/usr/local/samba/lib/security/pam_winbind.so
account required p...
2005 Jun 24
0
Winbind NT domain authentication
...in/bash
My nsswitch.conf
group: compat winbind
group_compat: nis
hosts: files dns winbind
networks: files
passwd: compat winbind
passwd_compat: nis
shells: files
and finally my /etc/pam.d/sshd
# auth
auth required pam_nologin.so no_warn
#auth sufficient pam_opie.so no_warn no_fake_prompts
#auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
#auth required...
2005 Jun 24
0
Winbind NT domain authentication
...in/bash
My nsswitch.conf
group: compat winbind
group_compat: nis
hosts: files dns winbind
networks: files
passwd: compat winbind
passwd_compat: nis
shells: files
and finally my /etc/pam.d/sshd
# auth
auth required pam_nologin.so no_warn
#auth sufficient pam_opie.so no_warn no_fake_prompts
#auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
#auth required...
2007 Jan 30
1
cannot su, something may related to pam
...etworks: files
passwd: files winbind
passwd_compat: nis
shells: compat
*****************copy end***********************
/etc/pam.d/system
****************copy start*************************
# auth
auth sufficient /usr/lib/pam_winbind.so try_first_pass
auth sufficient pam_opie.so no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
auth required...
2004 Aug 17
2
SSHD Bug with Pam/Winbind on FreeBSD ver5.2
...penssh with --with-pam option
Install samba
Your smb.conf should be running in:
security = domain
And your /etc/pam.d/sshd should look like this:
# auth
auth sufficient pam_winbind.so
auth sufficient pam_nologin.so no_warn
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth sufficient pam_unix.so no_warn
try_first_pass
account sufficient pam_winbind.so
account required pam_unix.so
session...
2007 Feb 07
3
OTP?
...that the series was being decremented, but auth.log gives
Feb 6 15:41:46 mabruk dovecot-auth: (pam_unix) authentication failure;
logname= uid=0 euid=0 tty= ruser= rhost=x.x.x.x user=micah
ssh works fine with the same PAM settings (both include common-auth,
which has:)
auth sufficient pam_opie.so
auth sufficient pam_unix.so nullok_secure
auth required pam_deny.so
--
Micah J. Cowan
Programmer, musician, typesetting enthusiast, gamer...
http://micah.cowan.name/