search for: useshadow

...t the server side is running fine. At this time the message is #systemctl status sssd |.... sssd[be[default]][2732]: Could not start TLS encryption. error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (self signed certificate)| In my kickstart file I use: auth? --useshadow --enableldaptls --enablecache? --passalgo=sha512 --enableldap --enableldapauth --ldapserver="ldaps://my.ldap.server.fr" --ldapbasedn=dc=my,dc=base,dc=dn Then in a post install script I download the server and ca certificates and stops nslcd that I do not use: echo "TLS_REQCERT a...

Hi Team, I have the kick start file where my root password is store like # Root password rootpw --iscrypted $1$1SItJOAg$UM9n7lRFK1/OCs./rgQtQ/ # System authorization information auth --useshadow --passalgo=sha512 Is there any way to decry pt the password and get it as plain text. I know single user mode works but my case it in remote site. Thanks, Jegadeesh

Hi I read and used the article http://blog.wazollc.com/Lists/Posts/Post.aspx?ID=2 to authenticate my ad accounts when logging on to cent 5...however, once I edit the nsswitch.conf file, I can't even log on as root or any local users anymore. Kinit seems to initialize fine doing a kinit username at MYDOMAIN.COM , however doing a getent passwd adusername ....it just sits there in the shell and

The company where I work is mostly a Windows shop, but I run a few CentOS servers and desktops. I have configured my systems as follows with Kickstart: authconfig --enablemd5 --passalgo=sha512 --enablenis --nisdomain=XXX \ --nisserver=nis1.XXX.com,nis2.XXX.com --useshadow --enablekrb5 \ --krb5realm=XXX.COM --krb5kdc=ldap.XXX.com --krb5adminserver=ldap.XXX.com The /etc/nsswitch.conf file looks like this: passwd: files nis shadow: files nis group: files nis The NIS services are provided by the Windows Domain controllers using Windows Unix Servi...

...ryl L. Pierce <dpierce at redhat.com> --- common-install.ks | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/common-install.ks b/common-install.ks index a20a5b4..2a7fbb7 100644 --- a/common-install.ks +++ b/common-install.ks @@ -4,7 +4,7 @@ timezone --utc UTC auth --useshadow --enablemd5 selinux --enforcing firewall --disabled -part / --size 550 --fstype ext2 +part / --size 600 --fstype ext2 services --enabled=auditd,ntpd,ntpdate,collectd,iptables,network,rsyslog,libvirt-qpid # This requires a new fixed version of livecd-creator to honor the --append settings. boot...

...my kickstart configuration files to work with CentOS 6 and am most of the way there integrating a CentOS 6 system into our LDAP/NIS environment. My authconfig line in the kickstart file is as follows: authconfig --enablemd5 --passalgo=sha512 --enablenis --nisdomain=XXX --nisserver=nis.XXX.com --useshadow --enablekrb5 --krb5realm=XXX.COM --krb5kdc=ldap.XXX.com --krb5adminserver=ldap.XXX.com This is virtually identical to the authconfig line I was using in CentOS 5. My issue is that users cannot log in with their network (NIS) usernames and passwords. If I log in as root, I can do a "su - use...

...h.conf file: passwd: files nis shadow: files nis group: files nis Our systems are configured using something similar to the following in our Kickstart config file: authconfig --enablemd5 --passalgo=sha512 --enablenis ?nisdomain=XXX \ --nisserver=nis.XXX.com,nis2.XXX.com --useshadow --enablekrb5 \ --krb5realm=XXX.COM --krb5kdc=ldap.XXX.com --krb5adminserver=ldap.XXX.com <http://ldap.xxx.com/> where nis1 and nis2 are the local AD domain controllers. With this configuration, any user can log into any CentOS system, and their home directory is automatically mounted ove...

....ca/propos/linux/centos-live/$basearch/live enabled=1 protect=0 gpgkey = http://www.nanotechnologies.qc.ca/propos/linux/RPM-GPG-KEY-PGuay2010 2/ yum install livecd-tools syslinux anaconda-runtime 3/ create file alochym.ks and content of file: lang en_US.UTF-8 keyboard us timezone US/Eastern auth --useshadow --enablemd5 selinux --enforcing firewall --disabled repo --name=a-base --baseurl=http://mirror-fpt-telecom.fpt.net/centos/5/os/$basearch repo --name=a-updates --baseurl=http://mirror-fpt-telecom.fpt.net/centos/5/updates/$basearch repo --name=a-extras --baseurl=http://mirror-fpt-telecom.fpt.net/...

...3-31 8:08 GMT+03:00 Jegadeesh Kumar <jegasmile at gmail.com>: > Hi Team, > > I have the kick start file where my root password is store like > > > # Root password > rootpw --iscrypted $1$1SItJOAg$UM9n7lRFK1/OCs./rgQtQ/ > # System authorization information > auth --useshadow --passalgo=sha512 > > > > Is there any way to decry pt the password and get it as plain text. > Well, you could bruteforce sha512 hashed password or use dictionary attack against it. No realistic way to encrypt hashed password. -- Eero

On Mar 30, 2015, at 11:08 PM, Jegadeesh Kumar <jegasmile at gmail.com> wrote: > # Root password > rootpw --iscrypted $1$1SItJOAg$UM9n7lRFK1/OCs./rgQtQ/ > # System authorization information > auth --useshadow --passalgo=sha512 Those two settings are inconsistent. The $1 at the beginning of that crypt(3) string means it?s an MD5 password. > Is there any way to decry pt the password and get it as plain text. Do you have any idea how long the original password is, and what ?alphabet? it uses? (i.e...

...ntOS5.5-i386 text lang en_US.UTF-8 keyboard us timezone --utc America/New_York install bootloader --location=mbr clearpart --all --initlabel network --device eth0 --bootproto dhcp firewall --disabled selinux --disabled rootpw --iscrypted \$1\$x6z.qvwE\$7Zg9g1rCEgvOBoA7Oo/HF1 zerombr authconfig --useshadow --enablemd5 part /boot --fstype ext3 --size 100 --asprimary part / --fstype ext3 --size 1 --grow --asprimary part /var --fstype ext3 --size 10000 part swap --recommended # This does not work %include /tmp/drvdisk # This works #driverdisk --source=nfs:10.0.4.157:/srv/cobbler/RHEL5.5_x86_402_409...

This patch goes with the node patch just sent, and is ready for pushing upstream. I'll be doing the blacklisting in a later patch once this is upstream.

This patch removes the attempt at setting nodeadmin to be root's shell.

...#platform=x86, AMD64, or Intel EM64T #version=DEVEL # Firewall configuration firewall --enabled --http --ssh # Install OS instead of upgrade install # Use CDROM installation media cdrom # Root password rootpw --iscrypted $1$DAzH1SN3$6yzxoq6oRrXNw.qMkJU0H1 # System authorization information auth --useshadow --passalgo=sha512 # Use graphical install graphical firstboot --disable # System keyboard keyboard us # System language lang en_US # SELinux configuration selinux --enforcing # Installation logging level logging --level=debug # System timezone timezone America/Los_Angeles # Network information n...

...t display correctly in kickstart with CentOS 5.5. Same ks file works with CentOS 5.3 (both i386 and x86_64). What's the different between CentOS 5.3/5.5? I can't find it in release notes. And how can i fix it? Thanks very much. :) My ks file: # ========== install cdrom key --skip auth --useshadow --enablemd5 keyboard us lang en_US logging --level=debug selinux --disabled skipx timezone Asia/Hong_Kong text services --enabled=network bootloader --location=mbr zerombr clearpart --all --initlabel rootpw --iscrypted $1$h7EtIFv4$R9JQ4aCOVN7E9ml3A2SXv. firstboot --disable network --onboot=yes --...

...the message is > > #systemctl status sssd > > | .... > sssd[be[default]][2732]: Could not start TLS encryption. error:14090086:SSL > routines:ssl3_get_server_certificate:certificate verify failed (self signed > certificate)| > > In my kickstart file I use: > auth? --useshadow --enableldaptls --enablecache? --passalgo=sha512 > --enableldap --enableldapauth --ldapserver="ldaps://my.ldap.server.fr" > --ldapbasedn=dc=my,dc=base,dc=dn > > Then in a post install script I download the server and ca certificates and > stops nslcd that I do not use: &...

...cd-tools-13.4-2.el6.x86_64 ): LANG=C livecd-creator --config=centos-livecd-minimal.ks ?fslabel=CentOS-minimal centos-livecd-minimal.ks ( adapted from https://projects.centos.org/trac/livecd/browser/trunk/CentOS5/centos-livecd-minimal.ks ) : lang en_US.UTF-8 keyboard us timezone US/Eastern auth --useshadow --enablemd5 selinux --enforcing firewall --disabled repo --name=a-base --baseurl=http://mirror.centos.org/centos/6.4/os/x86_64 repo --name=a-updates --baseurl=http://mirror.centos.org/centos/6.4/updates/x86_64 #repo --name=a-extras --baseurl=http://mirror.centos.org/centos/6.4/extras/x86_64 re...

Warren Young wrote: > On Mar 30, 2015, at 11:08 PM, Jegadeesh Kumar <jegasmile at gmail.com> wrote: >> # Root password >> rootpw --iscrypted $1$1SItJOAg$UM9n7lRFK1/OCs./rgQtQ/ >> # System authorization information >> auth --useshadow --passalgo=sha512 > > Those two settings are inconsistent. The $1 at the beginning of that > crypt(3) string means it?s an MD5 password. > >> Is there any way to decry pt the password and get it as plain text. <snip> This is all interesting, but I've got one dumb ques...

....graddelt.com --dir /tftpboot/redhat/7.3/en/os/i386 part /boot --fstype ext3 --onpart sda2 part / --fstype ext3 --onpart sda5 part swap --onpart sda6 part swap --onpart sda7 network --bootproto static --ip 10.0.111.34 --netmask 255.255.255.0 --gateway 10.0.111.9 --nameserver 10.0.115.22 auth --useshadow --enablemd5 firewall --disabled skipx %packages %pre echo "------------------" echo "PRE INSTALL PHASE" echo "------------------" # Mount our admin directory over NFS mkdir /mnt/admin mount -t nfs 192.168.104.97:/tftpboot/redhat/admin /mnt/admin # Pre KS...

Hi, all. I use this kickstart file to install CentOS 5.2 (both i386 and x86_64), but i can't config NICs and hostname during installation, what's wrong with it? Thanks very much. ----<- kickstart file ----<---- # System authorization information #auth --useshadow --enablemd5 # System keyboard #keyboard us # System language #lang en_US # Installation logging level #logging --level=info #logging --level=debug # Installation method. #cdrom # SELinux configuration #selinux --disabled # Do not configure the X Window System #skipx # System timezone #timez...