Displaying 20 results from an estimated 7000 matches similar to: "disable password authentication per user"
2007 Jun 16
3
Per user based protocol access and pause after failed login?
Hello.
Tried search, no luck, sorry, if this is already answered, but I'm still
looking a solution using pam_auth how to define in dovecot which user
can access which protocol, for example, default is:
protocols = pop3 pop3s imap imaps
I'd like to use something like this:
exclude_using_pop = user1, user2, @group
exclude_using_pops = user1, user2, @group
exclude_using_imap = user1,
2013 May 29
1
Enable IMAP only for certain users/IP
Hi,
I'm trying to config dovecot to enable IMAP protocol only for certain
IPs and users.
The logical steps I've followed are:
1. If a user is trying to login from an IP that I've authorized (
listed in a file) the request is authorized.
2. If not, if the user is listed in a second file the request is
authorized.
3. If also this check fails the request is rejected.
I'm using PAM
2002 Feb 13
2
Problem with using both pam_listfile to deny logins and pubkey authentication
Hi,
I'm trying to use pam_listfile.so to deny logins from all others but few
users (names in /etc/loginusers). With password authentication it works
fine, but with public key authentication OpenSSH lets in users whose
names arent't in /etc/loginusers. AllowUsers in sshd_config does what
one would expect.
I'm using OpenSSH-3.0.2p1 on Debian testing (package version
1:3.0.2p1-6)
2008 Oct 16
2
5.1p on RHEL 3 and password expiration
[ Sorry for the length of this; I felt it better to provide potentially
too much info, rather than not enough. I've probably missed something
that's important, though! ]
I have an odd problem with 5.1p on RHEL3 if "UsePAM yes" and
"UsePrivilegeSeparation no" is set. The code detects that the user
password is aged (according to shadow) but then fails to let me
2010 Dec 27
3
Dovecot - AllowGroups option
Hi,
I'm trying to control access to different services on an Debian server using /etc/group. So that a user I create for FTP usage doesn't fill up my server with IMAP folders or samba garbage.
Services like proftpd have:
"AllowGroup ftpgroup"
sshd have
"AllowGroups sshgroup"
And samba have
"valid users = @smbgroup"
But I can't find the correct
2004 Jun 06
2
Feature request?
I'd like to toss a feature request on the table for consideration. We
currently use a different popd because of a feature that allows us to
restrict pop access based upon an allowed users list. This is the only
thing that keeps us from using the popd in dovecot currently. It's a
simple text file of usernames that are allowed to use pop, if the name
isn't in that list then pop
2009 Jul 10
1
vsftpd not able to log in
Hi folks,
I can't seem to log into my system via
vsftpd. All other services using PAM are fine...Am I missing something simple?
ftp> user
(username) user
331 Please specify the password.
Password:
530 Login incorrect.
# getenforce
Permissive
here is the event in /var/log/audit/audit.log:
type=USER_AUTH msg=audit(1247235151.569:9781): user pid=21052 uid=0 auid=0
2010 Apr 02
2
AuthorizedKeysFile with default value prevents Public/Private key authentication
Hi All,
I noticed that if I put:
AuthorizedKeysFile .ssh/authorized_keys in my sshd_config file,
pub/priv key authentication no longer worked.
I am using OpenSSH_5.4p1, OpenSSL 0.9.8n 24 Mar 2010
on Archlinux.
Sam
****************** Here is my WORKING config ******************
Port 22
ListenAddress 0.0.0.0
Protocol 2
PermitRootLogin no
PubkeyAuthentication yes
#AuthorizedKeysFile
2004 Jan 12
1
PAM_ERROR_MSG and PAM_TEXT_INFO from modules
Hi,
I have tested the current snapshot portable release (dated Jan 9
2004).
configuration has:
UsePAM yes
PasswordAuthentication no
ChallengeResponseAuthentication yes
UsePrivilegeSeparation yes
two problems:
first pam_motd does not work anymore.
second, I needed a quick way to disable normal user logins without
disabling admin accounts (members of group wheel). the best option i
could come
2012 Jul 14
2
Only allow connections if file (or special condition) is present
Hello!
I was wondering if it possible now (or possible to implement something like
that in the future) that the daemon does only accept connections if a
specific file is present at the moment of the connection request.
I want to achieve that a connection to my server is only possible if I plug
in e.g. an USB stick (which would contain the file) and is always rejected
if that
2008 Jan 18
1
Static list of users with passdb pam
Hi,
On my system, I want to provide imap access for some of the users listed
in /etc/passwd. The list of users should be provided by me, and should
just be a list in a text file. All the userdb options are static (uid,
gid, home directory). Unfortunately, I cannot think of a way to
configure Dovecot to do this. The closest I get is with:
passdb pam {}
userdb passwd-file {
args =
2015 Oct 12
1
getting error Ignoring parameter browse directory and winbind sequence directory
On 12/10/15 08:27, VigneshDhanraj G wrote:
> Hi Rowland,
>
> Thanks for the help.
>
> Yes, Joined to the domain, ftp uses pam authentication. After
> upgrading samba i found ftp pam authentication not working
>
> /etc/pam.d/ftp contains
>
> #%PAM-1.0
> auth sufficient /lib/security/pam_smbpass.so
> auth sufficient /lib/security/pam_winbind.so
2009 Oct 08
3
TOSHAG-Winbind.xml translate finished and some bug found
Now, TOSHARG-VFS.xml translate to Japanese finished(3.4.0 base).
And some bug found.
<indexterm><primary>UID</primary></indexterm>
<indexterm><primary>GID</primary></indexterm>
<indexterm><primary>SID</primary></indexterm>
<indexterm><primary>idmap uid</primary></indexterm>
2008 Nov 11
4
Can expect do this?
Hi all,
I'm trying to scp some files from machine1 to machine2.
But, I'm in an environment where PubKeyAuthentication is not allowed in ssh :(
So, I'm confused how to automate it as cronjob.
However, I read somewhere that we can write a little bash script that
will utilize 'expect' to answer for the ssh password prompt?
Can we do this?
Any examples are great help.
Thank you.
2006 Feb 21
1
OT Proftpd Continued
Below is a cut and past from my log files that are sent to me. This is
from the last day that proftpd worked correctly. I'm not sure why
proftpd was restarted as the log states:
################### LogWatch 5.2.2 (06/23/04) ####################
Processing Initiated: Sun Feb 19 09:02:02 2006
Date Range Processed: yesterday
Detail Level of Output: 0
Logfiles
2015 Oct 12
2
getting error Ignoring parameter browse directory and winbind sequence directory
Hi Rowland,
Yes, Joined to the domain, ftp uses pam authentication. After upgrading
samba
On Fri, Oct 9, 2015 at 8:08 PM, Rowland Penny <rowlandpenny241155 at gmail.com>
wrote:
> On 09/10/15 15:28, VigneshDhanraj G wrote:
>
>> Hi Rowland,
>>
>> I updated samba from 40.25 to 4.1.20, now ftp is not working.
>>
>>
> Very cryptic, why isn't ftp
2002 Nov 15
1
Winbind and Samba
Hi all, I was wondering if someone could lend a little assistance.
I recently setup SAMBA/Winbind to allow users to login to a Redhat 8 box
using their Windows NT Domain credentials. All is working well in that
regard.
The issue I am having is getting regular UNIX based users to be able to
login. The following is my PAM configuration. For example, if I try to
login as root, it does not work.
2001 Feb 19
1
Portable OpenSSH 2.5.1p1
Portable OpenSSH 2.5.1p1 has just been uploaded. It will be available
from the mirrors listed at http://www.openssh.com/portable.html shortly.
OpenSSH is a 100% complete SSH 1.3 & 1.5 protocol implementation and
a 99% SSH 2 protocol implementation, including sftp client and server
support.
This release contains many portability bug-fixes (listed in the
ChangeLog) as well as several new
2001 Feb 19
1
Portable OpenSSH 2.5.1p1
Portable OpenSSH 2.5.1p1 has just been uploaded. It will be available
from the mirrors listed at http://www.openssh.com/portable.html shortly.
OpenSSH is a 100% complete SSH 1.3 & 1.5 protocol implementation and
a 99% SSH 2 protocol implementation, including sftp client and server
support.
This release contains many portability bug-fixes (listed in the
ChangeLog) as well as several new
2016 Jul 04
3
SSH multi factor authentication
There has been some good discussion around our IBM security team as to what
actually constitutes SSH multi factor authentication. There are 2 options
being discussed.
One, the Google Authenticator (OTP authentication).
Two, Public/Private key authentication (pubkeyauthentication = yes) which
supports pass phrase private key authentication.
Which of these is considered multi-factor