Displaying 20 results from an estimated 21 matches for "pam_opieaccess".
2003 Jun 27
1
Problems with the pam_opieaccess PAM module
...a 'requisite' module fails. I find this strange as the pam 'requisite'
is defined in the man pages as: requisite - failure of such a PAM
results in the immediate termination of the authentication process;
Here is what I did.
I've setup opie for my account. I've configured pam_opieaccess
(/etc/opieaccess) to allow my home network to use static passwords:
permit 10.0.0.0 255.255.255.0
And in /etc/pam.conf I added:
sshd auth required pam_opie.so
sshd auth requisite pam_opieaccess.so
sshd auth required /usr/lib/pam_krb5.so.1 try_first_pass forwa...
2002 Dec 26
1
changing passwords from win2k
...nyone could help me with this problem it would be greatly appreciated!!!
Thanks,
Jeff Meyer
The smb.conf and pam.conf files that I am using are below.
pam.conf
login auth sufficient pam_skey.so
login auth sufficient pam_opie.so
no_fake_prompts
#login auth required pam_opieaccess.so
login auth requisite pam_cleartext_pass_ok.so
#login auth sufficient pam_kerberosIV.so
try_first_pass
#login auth sufficient pam_krb5.so
try_first_pass
login auth required pam_unix.so
try_first_pass
login account required pam_unix.so
login pass...
2003 Oct 31
4
Samba and private shares
...yes
printable = no
writeable = yes
Pam.conf
auth required pam_nologin.so
no_warn
auth sufficient pam_winbind.so
auth sufficient pam_opie.so
no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn
allow_local
#auth sufficient pam_krb5.so
no_warn try_first_pass
#auth sufficient pam_ssh.so
no_warn try_first_pass
auth required pam_unix.so
no_warn try_first_pass
# account
#account re...
2005 Jun 16
2
FreeBSD ssh AD authentication
...the /etc/pam.conf file like this (settings for
ssh) :
sshd auth sufficient pam_skey.so
sshd auth sufficient pam_opie.so no_fake_prompts
#this line is added by me
sshd auth sufficient /usr/local/lib/pam_winbind.so
#sshd auth requisite pam_opieaccess.so
#sshd auth sufficient pam_kerberosIV.so try_first_pass
#sshd auth sufficient pam_krb5.so try_first_pass
sshd auth required pam_unix.so try_first_pass
sshd account required pam_unix.so
#this line is a...
2007 Apr 13
1
Samba3 : no suitable range available for sid
...elete user from group script = /usr/sbin/deluser %u %g
delete group script = /usr/sbin/pw groupdel %g
and here is my PAM stack for /etc/pam.d/system
# System-wide defaults
#
# auth
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth sufficient pam_winbind.so try_first_pass
#auth sufficient pam_krb5.so no_warn
try_first_pass
#auth sufficient pam_ssh.so no_warn
try_first_pass
auth required pam_unix....
2011 Feb 18
1
Not sure I understand when add user script is called
...es
read only = No
browseable = No
Here's the /etc/pam.d/system file:
#
# $FreeBSD: src/etc/pam.d/system,v 1.1.32.1.4.1 2010/06/14 02:09:06
kensmith Exp $
#
# System-wide defaults
#
# auth
auth sufficient pam_opie.so no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth sufficient /usr/local/lib/pam_winbind.so mkhomedir=yes
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
auth required pam_unix.so no_warn try_first...
2009 Aug 28
1
FreeBSD 7.2 and Samba 3.3.7 AD 2003 Authentication Problem
...s
hosts: files dns
networks: files
passwd: files winbind
passwd_compat: nis
shells: files
services: compat
services_compat: nis
protocols: files
rpc: files
# more /etc/pam.d/sshd
# auth
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn
allow_local
auth sufficient /usr/local/lib/pam_winbind.so
try_first_pass
#auth sufficient pam_krb5.so no_warn
try_first_pass
#auth sufficient pam_ssh.so no_warn
try_first_pass
auth required pam...
2011 Mar 09
0
Match and ChallengeResponseAuthentication
...has been discussed on this list previously:
http://www.gossamer-threads.com/lists/openssh/dev/47179?search_string=match%20challengeresponseauthentication;#47179
More specifically, I would like to allow PAM authentication from the
Internet only for users which I know use OPIE (that's because
pam_opieaccess isn't flexible enough for this).
That would be something like this:
ChallengeResponseAuthentication no
Match Address 10.0.0.0/8
ChallengeResponseAuthentication yes
Match User miguel
ChallengeResponseAuthentication yes
However, ChallengeResponseAuthentication can't be used within Matc...
2004 Jun 24
0
FW: Opieaccess file, is this normal?
...s file, is this normal?
Hi,
Here is the content of /etc/pamd/ssh, it's actually the default, I didn't
change it.
auth required pam_nologin.so no_warn
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth required pam_unix.so no_warn
try_first_pass
account required pam_unix.so
session required pam_permit.so
password required pam_unix.so no_warn
try_first_pass
? just want to point...
2006 Nov 03
0
FreeBSD 6.1 - winbind - ssh pam problem
...appreciated.
Regards,
Mike
# /etc/pam.d/sshd
auth sufficient
/usr/local/samba/lib/security/pam_winbind.so
auth sufficient pam_nologin.so no_warn
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn
allow_local
auth sufficient pam_unix.so no_warn
try_first_pass
account sufficient
/usr/local/samba/lib/security/pam_winbind.so
account required pam_unix.so
session required pam_permit.so
password required...
2005 Jun 24
0
Winbind NT domain authentication
...dns winbind
networks: files
passwd: compat winbind
passwd_compat: nis
shells: files
and finally my /etc/pam.d/sshd
# auth
auth required pam_nologin.so no_warn
#auth sufficient pam_opie.so no_warn no_fake_prompts
#auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
#auth required pam_unix.so no_warn try_first_pass
#tfa
auth sufficient...
2005 Jun 24
0
Winbind NT domain authentication
...dns winbind
networks: files
passwd: compat winbind
passwd_compat: nis
shells: files
and finally my /etc/pam.d/sshd
# auth
auth required pam_nologin.so no_warn
#auth sufficient pam_opie.so no_warn no_fake_prompts
#auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
#auth required pam_unix.so no_warn try_first_pass
#tfa
auth sufficient...
2007 Jan 30
1
cannot su, something may related to pam
...********copy end***********************
/etc/pam.d/system
****************copy start*************************
# auth
auth sufficient /usr/lib/pam_winbind.so try_first_pass
auth sufficient pam_opie.so no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
auth required pam_unix.so no_warn try_first_pass nullok
# account
account...
2005 Jan 29
1
Cyrus IMAP crashes after reading /etc/krb5.conf
...? Note, that Blake is a Windows 2000 server...
Another change I did was modifying the /etc/pam.d/system to make both unix and
krb5 sufficient:
--- /usr/src/etc/pam.d/system Sat Jun 14 08:35:05 2003
+++ /etc/pam.d/system Fri Jan 28 20:29:06 2005
@@ -9,5 +9,5 @@
auth requisite pam_opieaccess.so no_warn allow_local
-#auth sufficient pam_krb5.so no_warn try_first_pass
+auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
-auth required p...
2004 Aug 17
2
SSHD Bug with Pam/Winbind on FreeBSD ver5.2
...security = domain
And your /etc/pam.d/sshd should look like this:
# auth
auth sufficient pam_winbind.so
auth sufficient pam_nologin.so no_warn
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth sufficient pam_unix.so no_warn
try_first_pass
account sufficient pam_winbind.so
account required pam_unix.so
session required pam_permit.so
password required pam_unix.so no_w...
2003 Jun 04
1
FreeBSD + winbindd + PAM
...ried /usr/lib/compat too, but that shouldn't matter.
I edited {pam.conf,pam.d/ftpd} to create entries for my FTP server, that
looked like:
auth required pam_nologin.so no_warn
auth sufficient pam_opie.so no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth sufficient pam_winbind.so debug try_first_pass
auth required pam_unix.so no_warn try_first_pass
account sufficient pam_winbind.so debug
account required pam_unix.so
session required pam_permit....
2008 Sep 02
1
"pam_start() failed: system error" with dovecot 1.1.2, cause unknown
...ill dovecot-auth: in openpam_load_module(): no
pam_nologin.so found
Sep 2 08:25:10 hill dovecot-auth: in openpam_load_module(): no
pam_unix.so found
Sep 2 08:25:11 hill dovecot-auth: in openpam_load_module(): no
pam_unix.so found
Sep 2 08:25:20 hill dovecot-auth: in openpam_load_module(): no
pam_opieaccess.so found
Sep 2 08:25:20 hill dovecot-auth: in openpam_load_module(): no
pam_opie.so found
Sep 2 08:25:51 hill kernel: Sep 2 08:25:51 hill last message repeated
12 times
Sep 2 08:27:52 hill kernel: Sep 2 08:27:52 hill last message repeated
37 times
Sep 2 08:38:01 hill kernel: Sep 2 08:38:0...
2005 Aug 19
2
pam_radius fail open?
...configuration for the "sshd" service
#
# auth
#sshd auth required pam_radius.so -update -/usr/local/etc/radius
#auth required pam_nologin.so no_warn
#auth sufficient pam_opie.so no_warn
no_fake_prompts
#auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn
try_first_pass
#auth sufficient pam_ssh.so no_warn
try_first_pass
#auth required pam_unix.so no_warn
try_first_pass
# account
#account req...
2004 Jun 22
2
Opieaccess file, is this normal?
Hi,
I'm trying to setup one-time passwords on freebsd5.2.1
>From what I've read so far, if the user is present in opiekeys, the
opieaccess file determines if the user (coming from a specific host or
network) is allowed to use his unix password from this specific network.
As my opieaccess file is empty and the default rule (as mentionned in the
man file) is deny, I should not be
2012 Apr 17
0
Problems with samba as PDC
...pam.d/sshd
#
# $FreeBSD: releng/9.0/etc/pam.d/sshd 197769 2009-10-05 09:28:54Z des $
#
# PAM configuration for the "sshd" service
#
# auth
auth sufficient pam_opie.so no_warn no_fake_prompts
auth sufficient /usr/local/lib/pam_winbind.so
auth requisite pam_opieaccess.so
no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
#auth sufficient /usr/local/lib/pam_winbind.so
auth required pam_unix.so no_warn try_first_pass
# account
account sufficie...