search for: pam_shel

Displaying 20 results from an estimated 22 matches for "pam_shel".

Did you mean: pam_shield
2019 Jan 10
1
vsftpd rejects users set to nologin
More digging (now that I have a better handle on how to ask the question) reveals this bug against documentation and release notes for 7.6 to alert updaters about this breaking change for vsftpd: https://bugzilla.redhat.com/show_bug.cgi?id=1647485 The last comment there, #15 by "Roy": > For a workaround to vsftpd login failures that doesn't expose your system > to the
2009 Jul 10
1
vsftpd not able to log in
...="/usr/sbin/vsftpd" (hostname=hostname, addr=1.2.3.4, terminal=ftp res=failed)' cat /etc/pam.d/vsftpd #%PAM-1.0 session optional pam_keyinit.so force revoke auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed auth required pam_shells.so auth include system-auth account include system-auth session include system-auth session required pam_loginuid.so # grep local /etc/vsftpd/vsftpd.conf local_enable=YES local_umask=022 chroot_local_user=YES # getsebool -a | grep ftp allow_ftpd_anon_write --> off allow_ft...
2006 Jan 29
5
vsftp vs shell logins
I need to be able to allow specific system accounts to ftp to a box. As far as I can tell I have to give them a shell in /etc/passwd (i.e. /bin/bash) in order for their ftp login to work. I do *not* however want them to be able to log into a shell or ssh session. I cannot restrict by IP. What's the best way to accomplish this? Thanks, Scott
2004 Jan 12
1
PAM_ERROR_MSG and PAM_TEXT_INFO from modules
...sation mechanism. here is the pam config ive tested with: #%PAM-1.0 auth requisite pam_noulogin.so auth required pam_listfile.so item=user sense=deny file=/etc/ssh/ssh_rsa_only onerr=succeed auth required pam_unix.so auth required pam_env.so # [1] auth required pam_shells.so account requisite pam_noulogin.so account required pam_unix.so session required pam_unix.so session required pam_limits.so session optional pam_motd.so # [1] session optional pam_mail.so standard # [1] password required pam_cracklib.so retry=3 minlen=8 difok=3 password...
2006 Mar 23
1
Samba integration with AD
...optional /lib/security/pam_console.so # cat /etc/pam.d/samba #%PAM-1.0 auth required /lib/security/pam_stack.so service=system-auth account required /lib/security/pam_stack.so service=system-auth # cat /etc/pam.d/sshd #%PAM-1.0 auth include system-auth auth required pam_shells.so auth required pam_nologin.so account include system-auth password include system-auth session include system-auth Anything else? Brian
2006 Feb 08
0
Vijay - kerberos + vsftpd
...working. What I would like to do is : Only for vsftpd the authentication should be against the Active Directory, Below is the output of the /etc/pam.d/vsftpd -------------- [root@ftp ~]# cat /etc/pam.d/vsftpd #%PAM-1.0 auth?????? required???? pam_krb5.so try_first_pass auth?????? required???? pam_shells.so account??? required???? pam_krb5.so try_first_pass session??? required???? pam_krb5.so try_first_pass session??? required???? pam_loginuid.so [root@ftp ~]# -------------- Output of klist command -------------- [root@ftp ~]# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: test2@GOTES...
2005 Aug 05
0
Gentoo, Pam, Sshd, Winbind + AD
...up) and then winbind would query the AD,but clearly this error states otherwise. # /etc/nsswitch.conf: passwd: compat winbind shadow: compat group: compat winbind # /etc/pam/sshd #%PAM-1.0 auth required pam_stack.so service=system-auth-winbind auth required pam_shells.so auth required pam_nologin.so account required pam_stack.so service=system-auth-winbind password required pam_stack.so service=system-auth-winbind session required pam_stack.so service=system-auth-winbind # /etc/pam/system-auth-winbind #%PAM-1.0 auth requi...
2009 Nov 05
3
ADS, pam_winbind and vsftpd
...is to achieve what used to be ftpd -A. # auth required pam_listfile.so item=user sense=allow file=/etc/ftpchroot onerr=fail auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed auth sufficient /lib/security/pam_winbind.so auth required /lib/security/pam_shells.so account sufficient pam_winbind.so account required pam_unix2.so password required pam_pwcheck.so nullok password required pam_unix2.so nullok use_first_pass use_authtok session required pam_limits.so session required pam_unix2.so --- The logs show (I used a correct user and...
2024 Nov 27
1
pam_winbind Appears to need a Network Connection to Succeed at Offline Authentication
...ystem-remote-login ??? session??? include? system-remote-login system-remote-login: ??? auth??????? include???? system-login ??? account???? include???? system-login ??? password??? include???? system-login ??? session???? include???? system-login system-login: ??? auth??????? required??? pam_shells.so ??? auth??????? required??? pam_nologin.so ??? auth??????? include???? system-auth ??? account???? required??? pam_access.so ??? account???? required??? pam_nologin.so ??? account???? required??? pam_time.so ??? account???? include???? system-auth ??? password??? include???? system-auth...
2010 Oct 20
1
Samba 3.5.6 pam problems
...stem-remote-login session include system-remote-login cat /etc/pam.d/system-remote-login auth include system-login account include system-login password include system-login session include system-login cat /etc/pam.d/system-login auth required pam_tally.so onerr=succeed auth required pam_shells.so auth required pam_nologin.so auth include system-auth account required pam_access.so account required pam_nologin.so account include system-auth account required pam_tally.so onerr=succeed password include system-auth session required pam_env.so session optional pam_lastlog....
2006 Feb 21
1
OT Proftpd Continued
Below is a cut and past from my log files that are sent to me. This is from the last day that proftpd worked correctly. I'm not sure why proftpd was restarted as the log states: ################### LogWatch 5.2.2 (06/23/04) #################### Processing Initiated: Sun Feb 19 09:02:02 2006 Date Range Processed: yesterday Detail Level of Output: 0 Logfiles
2017 Dec 06
3
ssh(1) is inaccurate
Hi, the man page an docs of ssh client say "If command is specified, it is executed on the remote host instead of a login shell." But afaik this is not quite accurate. The login shell is always started. But if a command is specified it runs that command instead of just opening an interactive setting. So if a user has /dev/false as login shell, you cannot run a command on that host via
2003 Nov 18
0
Samba PDC trying rid null logins
...d > -------------- next part -------------- #%PAM-1.0 auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed #this line was changed should be pam_pwdb auth sufficient /lib/security/pam_winbind.so shadow auth required /lib/security/pam_shells.so #this line was changed should be pam_pwdb account required /lib/security/pam_winbind.so session required /lib/security/pam_pwdb.so -------------- next part -------------- #%PAM-1.0 auth required /lib/security/pam_winbind.so shadow nodelay auth required /lib/security...
2002 Nov 15
1
Winbind and Samba
Hi all, I was wondering if someone could lend a little assistance. I recently setup SAMBA/Winbind to allow users to login to a Redhat 8 box using their Windows NT Domain credentials. All is working well in that regard. The issue I am having is getting regular UNIX based users to be able to login. The following is my PAM configuration. For example, if I try to login as root, it does not work.
2003 Nov 19
0
FW: Samba PDC trying rid null logins
...d > -------------- next part -------------- #%PAM-1.0 auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed #this line was changed should be pam_pwdb auth sufficient /lib/security/pam_winbind.so shadow auth required /lib/security/pam_shells.so #this line was changed should be pam_pwdb account required /lib/security/pam_winbind.so session required /lib/security/pam_pwdb.so -------------- next part -------------- #%PAM-1.0 auth required /lib/security/pam_winbind.so shadow nodelay auth required /lib/security...
2003 Jun 17
1
Samba3.0 domain GID/UID/SID transformations
On Tue, 2003-06-17 at 09:45, Nick Stephens wrote: > Greetings! > > I have grabbed the latest samba3 cvs source, and successfully compiled it, > got it talking to my NT server, joined the domain, etc.. life is good. > But, now I have a question kinda related to functionality, i believe... > > A quick synopsis of my goal is as follows: > > i currently have a sendmail
2001 Dec 20
2
winbindd and ftp
Hello, I setup samba2.2.2 with winbind. samba is a member of domain with security=domain. Now both work well. Since there is no user in /etc/passwd, and user information gets from PDC(a win2000 server). The question is: there is no /home/xxx directory too.(I don't want to make it manually). I can configure /etc/pam.d/login with : session required /lib/security/pam_mkhomedir. so when
2002 Jun 03
1
Problem with pam_winbind
I'm on a redhat 7.2 box, and I am trying to configure PAM to use winbind to authenticate against an NT4 PDC. I followed the instructions I found at: http://de.samba.org/samba/ftp/docs/htmldocs/Samba-HOWTO-Collection.html#WINBIND I compiled the 2.2.4 source and have tried several permutations of the setup they suggest, and have tried many solutions I've seen suggested on different
2018 Aug 07
2
id <username> - doesnt list all groups
Thank for your answer: But i dont know understand why is following not working: I want to restrict the ssh access for a special domain member: In my "sshd_config" i added: AllowGroups restrictaccess root With user2 im able to login via ssh! log: pam_krb5(sshd:auth): user user2 authenticated as user2 at ROOTRUDI.DE With user1 im not! log: User user1 from 192.168.0.100 not allowed
2024 Nov 27
1
pam_winbind Appears to need a Network Connection to Succeed at Offline Authentication
On Wed, 27 Nov 2024 10:19:48 -0500 "John R. Graham via samba" <samba at lists.samba.org> wrote: > When I put winbindd in offline mode, > > ??? terra ~ # smbcontrol winbindd offline > ??? terra ~ # smbcontrol winbindd onlinestatus > ??? PID 20664: global:Offline BUILTIN:Online TERRA:Online > HOME:Offline > > I can successfully log in (with the test