search for: reauthent

We've been having trouble with OpenSSH 2.9p2, running on Solaris 8 (a domain of an E10k), with PAM authentication turned on. It intermittently crashes with signal 11 (seg fault) after the password is entered, after the MOTD is displayed, but before control is passed over to the login shell. I eventually managed to persuade sshd's child process to consistently crash, upon entry of an

Hello, I apologise for misusing this mailing list, but I noticed that similar questions are being asked and there are people that might have the necessary answer for my problem. If you think this is OT, you are welcome to reply privately. To make it short, I need to initiate port reauthentication on switches (HP Procurve, but I think this may be standardised to some extent) via SNMPv3. I assume this is possible, but can''t find the proper documentation. To explain this in a little more detail, I want to do per SNMP what the following does over ssh/telnet (assuming I want...

>> >Could we please have a clarification on the semantics of >> >PAM_CRED_ESTABLISH vs. the semantics of PAM_REINITIALIZE_CREDS? >> >> My interpretation is: >> >> You call PAM_ESTABLISH_CRED to create them >> You call PAM_REINITIALIZE_CRED to update creds that can expire over time, >> for example a kerberos ticket. Oops. I meant

...essing the remote resources.” According to Microsoft’s SMB2 protocol documentation <https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/717222e4-72c6-40e7-9121-a9646d874058> “If the Status field in the SMB2 header is STATUS_NETWORK_SESSION_EXPIRED, the client MUST attempt to reauthenticate the session that is identified by the SessionId in the SMB2 header, as specified in section 3.2.4.2.3. If the reauthentication attempt succeeds, the client MUST retry the request that failed with STATUS_NETWORK_SESSION_EXPIRED. If the reauthentication attempt fails, the client MUST fail the op...

>Neither the Sun PAM documentation nor the Linux-PAM documentation >describe the semantics of PAM_REINITIALIZE_CREDS in any useful detail. I would agree it is vague, but then that is also a problem with the XSSO document (http://www.opengroup.org/onlinepubs/008329799/) >Could we please have a clarification on the semantics of >PAM_CRED_ESTABLISH vs. the semantics of

...way. Does anyone know any libraries or other commands that could help me? Failing that, I assume that much of the time taken is spent on authenticating the user/pw for each request. Would it be possible to write something that keeps the connection so that multiple requests can be made without reauthenticating (I'm not familiar with how LDAP/AD/Samba works)? I have looked at the source of smbcacls but nothing jumped out at me. Many thanks

...bind (from Samba 2.2.3a) so that our Windows users can ssh into our Linux box. I've set up Samba, PAM and winbind, and it's working well. Users can see their files, and they can log in using their windows usernames. No problem. When users access their Samba share, they don't need to reauthenticate, because they've already done so with the PDC via their Windows box. Is there a way to set up PAM so that authenticated Windows users who ssh into the Linux box don't need to type a password? (This will make using CVS much easier) I have looked at winbind, pam_smb_pass, pam_smb_auth...

hi, i've compiled Version: 1.9.18-HEAD, with NTDOMAIN, and after many hours of testing/reading/debugging it seems it 'almost works'. So if there is a kind soul out there who can give me a hand in getting it working ... tia, danny -- Daniel Braniss e-mail: danny@cs.huji.ac.il Institute of Computer Science phone: +972 2 658 4385 The Hebrew University Fax: +972 2

Hi Rowland, > I hope someone has seen this before and knows what's going on. Given > > the time delay between the problem recurring, I'm guessing the issue > > lies with Kerberos, but I'm not sure how to verify that or how to > > resolve the issue. If you need more info, please let me know. > > > > Problem: > > Each morning, windows users are

...wrong a long time: > > HKLM\System\CCS\Services\Netlogon\Parameters\RequireStrongKey was set to 0, > and should be 1. > > After restarting NETLOGON, I was able to use the NLTEST tool to reset the > secure channel between the machine and the PDC, which causes the machine to > reauthenticate. Bingo. Problem solved. This is interesting. We did upgrade the security requirements with Samba 4.1 by default. It is odd the RequreStrongKey actually forces *down* what Windows will do. > 2. Samba 3.6.24 PDC and Win7 clients cannot browse Samba 4.0 shares > > > This one was...

...n that server (from my win7 client), I notice that I regularly have to re-authenticate to the server. I'm running Samba+SSSD. I'm not sure which piece is responsible for prompting for authentication, or what I have to setup incorrectly. (Windows servers on my domain don't ask me to reauthenticate like this). Can someone point me in the right direction? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba

Hello, A quick question. Is there any way to implement a Max-Session lifetime in SSH? I know there is an idle timeout available, but I am really looking for some mechanism to force a reauthentication and stop people holding onto login sessions for weeks at a time. thanks Paul

I've seen pam_shield recommended several times for protecting against malicious login attempts; but I'm not quite clear if this requires one to be already running some pam-based software? Also, I'm running shorewall, and would prefer a shorewall based protection, but the advice I read on googling for this seemed excessively complicated. -- Timothy Murphy e-mail: gayleard /at/

...uot;connect as:" and "password" dialogue box. What I'm seeing is that the network drive will use any identification supplied by the user but printing uses the NT operating system login ID. Has anyone out there encountered and/or overcome this? I'd also really like to force a reauthentication every time someone tries to print - any ideas? Revalidate does not work here. Thanks for your time, I'll summarize. adam r. christopher unix/nt systems administrator university of denver

...ot;connect as:" and "password" dialogue box. What I'm seeing is that the network drive will use any identification supplied by the user but printing uses the NT operating system login ID. Has anyone out there encountered and/or overcome this? I'd also really like to force a reauthentication every time someone tries to print - any ideas? Revalidate does not work in this scenario. Thanks for your time, I'll summarize. -adam unix/nt sysadmin university of denver tel.303.871.2933 tel.303.871.3711 fax.303.871.4999 adam@du.edu

Hi folks, I have been using Samba 2.2.2 on Solaris 7 happily for a while now. All of a sudden users can map other users home accounts without having to reauthenticate. The dialogue box to map as user doesn't even appear on Win 98/NT/2000. The facts: I added a pointer to a wins server a few weeks ago, but removing it doesn't seem to effect anything.(not that it should...) all my users are in a common Unix group. To see if it was just flaky Unix per...

Skipped content of type multipart/alternative-------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 5711 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20020909/6dea2db6/smb.obj

...69) unable to open passdb database. 2003/02/05 10:36:25, 1] smbd/password.c:pass_check_smb(545) Couldn't find user 'xxx' in passdb. 2003/02/05 10:36:25, 1] smbd/reply.c:reply_sesssetup_and_X(1001) Rejecting user 'xxx': authentication failed I suspect that the problem is with reauthentication after the dead time has been reached and it isn't connecting with the NT password server. Any Ideas, comments, help , suggestions, smart remarks would be greatly appreciated. Thanks in advance, Scott L. Wood

Hi, a while ago i had to migrate from old server on Debian Sarge to new one on Debian Etch (amd64). Since then, with the same config i had earlier it became a common problem that client workstations connecting to the server have to reauthenticate very often (at least few times a day), and the staff is going to kill me if i dont fix this soon. Any ideas what could be the cause/solution ? -- Goblin

...page to test this configuration using mod_auth_ntlm_winbind apache module. This works fine no issues. Next step I include a more complete web application with many script loading of resources on the page?and what I am noticing is that the browser login prompt is repeatedly pops up requiring a reauthentication. It appears to be an issue with multiple calls from the browser requesting resources from the server and not sure but?I am wondering if perhaps it has something to do with maybe the Apache connection pooling not sticky throughout the NTLM auth process? I am wondering that maybe the NTLM...