similar to: disable password authentication per user

Hello. Tried search, no luck, sorry, if this is already answered, but I'm still looking a solution using pam_auth how to define in dovecot which user can access which protocol, for example, default is: protocols = pop3 pop3s imap imaps I'd like to use something like this: exclude_using_pop = user1, user2, @group exclude_using_pops = user1, user2, @group exclude_using_imap = user1,

Hi, I'm trying to config dovecot to enable IMAP protocol only for certain IPs and users. The logical steps I've followed are: 1. If a user is trying to login from an IP that I've authorized ( listed in a file) the request is authorized. 2. If not, if the user is listed in a second file the request is authorized. 3. If also this check fails the request is rejected. I'm using PAM

Hi, I'm trying to use pam_listfile.so to deny logins from all others but few users (names in /etc/loginusers). With password authentication it works fine, but with public key authentication OpenSSH lets in users whose names arent't in /etc/loginusers. AllowUsers in sshd_config does what one would expect. I'm using OpenSSH-3.0.2p1 on Debian testing (package version 1:3.0.2p1-6)

[ Sorry for the length of this; I felt it better to provide potentially too much info, rather than not enough. I've probably missed something that's important, though! ] I have an odd problem with 5.1p on RHEL3 if "UsePAM yes" and "UsePrivilegeSeparation no" is set. The code detects that the user password is aged (according to shadow) but then fails to let me

Hi, I'm trying to control access to different services on an Debian server using /etc/group. So that a user I create for FTP usage doesn't fill up my server with IMAP folders or samba garbage. Services like proftpd have: "AllowGroup ftpgroup" sshd have "AllowGroups sshgroup" And samba have "valid users = @smbgroup" But I can't find the correct

I'd like to toss a feature request on the table for consideration. We currently use a different popd because of a feature that allows us to restrict pop access based upon an allowed users list. This is the only thing that keeps us from using the popd in dovecot currently. It's a simple text file of usernames that are allowed to use pop, if the name isn't in that list then pop

Hi folks, I can't seem to log into my system via vsftpd. All other services using PAM are fine...Am I missing something simple? ftp> user (username) user 331 Please specify the password. Password: 530 Login incorrect. # getenforce Permissive here is the event in /var/log/audit/audit.log: type=USER_AUTH msg=audit(1247235151.569:9781): user pid=21052 uid=0 auid=0

Hi All, I noticed that if I put: AuthorizedKeysFile .ssh/authorized_keys in my sshd_config file, pub/priv key authentication no longer worked. I am using OpenSSH_5.4p1, OpenSSL 0.9.8n 24 Mar 2010 on Archlinux. Sam ****************** Here is my WORKING config ****************** Port 22 ListenAddress 0.0.0.0 Protocol 2 PermitRootLogin no PubkeyAuthentication yes #AuthorizedKeysFile

Hi, I have tested the current snapshot portable release (dated Jan 9 2004). configuration has: UsePAM yes PasswordAuthentication no ChallengeResponseAuthentication yes UsePrivilegeSeparation yes two problems: first pam_motd does not work anymore. second, I needed a quick way to disable normal user logins without disabling admin accounts (members of group wheel). the best option i could come

Hello! I was wondering if it possible now (or possible to implement something like that in the future) that the daemon does only accept connections if a specific file is present at the moment of the connection request. I want to achieve that a connection to my server is only possible if I plug in e.g. an USB stick (which would contain the file) and is always rejected if that

Hi, On my system, I want to provide imap access for some of the users listed in /etc/passwd. The list of users should be provided by me, and should just be a list in a text file. All the userdb options are static (uid, gid, home directory). Unfortunately, I cannot think of a way to configure Dovecot to do this. The closest I get is with: passdb pam {} userdb passwd-file { args =

On 12/10/15 08:27, VigneshDhanraj G wrote: > Hi Rowland, > > Thanks for the help. > > Yes, Joined to the domain, ftp uses pam authentication. After > upgrading samba i found ftp pam authentication not working > > /etc/pam.d/ftp contains > > #%PAM-1.0 > auth sufficient /lib/security/pam_smbpass.so > auth sufficient /lib/security/pam_winbind.so

Now, TOSHARG-VFS.xml translate to Japanese finished(3.4.0 base). And some bug found. <indexterm><primary>UID</primary></indexterm> <indexterm><primary>GID</primary></indexterm> <indexterm><primary>SID</primary></indexterm> <indexterm><primary>idmap uid</primary></indexterm>

Hi all, I'm trying to scp some files from machine1 to machine2. But, I'm in an environment where PubKeyAuthentication is not allowed in ssh :( So, I'm confused how to automate it as cronjob. However, I read somewhere that we can write a little bash script that will utilize 'expect' to answer for the ssh password prompt? Can we do this? Any examples are great help. Thank you.

Below is a cut and past from my log files that are sent to me. This is from the last day that proftpd worked correctly. I'm not sure why proftpd was restarted as the log states: ################### LogWatch 5.2.2 (06/23/04) #################### Processing Initiated: Sun Feb 19 09:02:02 2006 Date Range Processed: yesterday Detail Level of Output: 0 Logfiles

Hi Rowland, Yes, Joined to the domain, ftp uses pam authentication. After upgrading samba On Fri, Oct 9, 2015 at 8:08 PM, Rowland Penny <rowlandpenny241155 at gmail.com> wrote: > On 09/10/15 15:28, VigneshDhanraj G wrote: > >> Hi Rowland, >> >> I updated samba from 40.25 to 4.1.20, now ftp is not working. >> >> > Very cryptic, why isn't ftp

Hi all, I was wondering if someone could lend a little assistance. I recently setup SAMBA/Winbind to allow users to login to a Redhat 8 box using their Windows NT Domain credentials. All is working well in that regard. The issue I am having is getting regular UNIX based users to be able to login. The following is my PAM configuration. For example, if I try to login as root, it does not work.

Portable OpenSSH 2.5.1p1 has just been uploaded. It will be available from the mirrors listed at http://www.openssh.com/portable.html shortly. OpenSSH is a 100% complete SSH 1.3 & 1.5 protocol implementation and a 99% SSH 2 protocol implementation, including sftp client and server support. This release contains many portability bug-fixes (listed in the ChangeLog) as well as several new

Portable OpenSSH 2.5.1p1 has just been uploaded. It will be available from the mirrors listed at http://www.openssh.com/portable.html shortly. OpenSSH is a 100% complete SSH 1.3 & 1.5 protocol implementation and a 99% SSH 2 protocol implementation, including sftp client and server support. This release contains many portability bug-fixes (listed in the ChangeLog) as well as several new

There has been some good discussion around our IBM security team as to what actually constitutes SSH multi factor authentication. There are 2 options being discussed. One, the Google Authenticator (OTP authentication). Two, Public/Private key authentication (pubkeyauthentication = yes) which supports pass phrase private key authentication. Which of these is considered multi-factor