similar to: Opieaccess file, is this normal?

Hmm, I thought using .opiealways would be the solution see: http://www.onlamp.com/pub/a/bsd/2003/02/20/FreeBSD_Basics.html Or http://people.freebsd.org/~des/diary/2002.html But I can still login with the standard password even if the opieaccess file is empty. -----Original Message----- From: owner-freebsd-security@freebsd.org [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Didier

Hi. I have a question related to freebsd opie implementation. I am running 4.9-RELEASE and I've tried to setup opie. *** 1 *** opiepasswd/opiekey I've added user using `opiepasswd -c "ssa"` mx2# opiepasswd -c "ssa" Adding ssa: Only use this method from the console; NEVER from remote. If you are using telnet, xterm, or a dial-in, type ^C now or exit with

Hi, I've configured opie (one time passwords) under FreeBSD and I came across the following problem. It looks like libpam does not stop the authentication process when a 'requisite' module fails. I find this strange as the pam 'requisite' is defined in the man pages as: requisite - failure of such a PAM results in the immediate termination of the authentication process; Here

Hello, I found that in the new FreeBSD 9.2 (probably in 10 also) updated OpenPAM sources. The big embarrassment was in pam_get_authtok.c. The problem is that even without a valid SSH login it's possible to know the server's hostname. az at az:/home/az % ssh 1.2.3.4 Password for az at real.hostname.com: Changes made by "des":

Hi, I dunno much about exploiting, but I was wondering about the setuid root program 'opiepasswd' to use one-time-passwords. When having a seed of (null) and a sequence of -1, I get a segfault. Kernel/base: FreeBSD lama.inet-solutions.be 4.8-RELEASE-p4 FreeBSD 4.8-RELEASE-p4 #0: Sun Aug 31 21:00:38 CEST 2003 root@lama.inet-solutions.be:/usr/obj/usr/src/sys/LAMA i386 Make.conf:

I'm running samba 2.5 on a FreeBSD box using winbind to do authentication with my PDC/BDC. I'm able to configure shares that everyone on the NT network can access but when I configure private shares (only 1 or 2 users have access to) the users get prompted for a username and password and are not allowed access. What am I doing wrong? Below I have included a copy of my smb.conf and pam.conf

I'm setting up a freebsd server which will authenticate against an Active Directory I mean: the server will NOT have any local users (except mandatory and minimum required for management and configuration) and will authenticate requests for login and access FOR EVERY SERVICE against an Active Directory Server I have configured the samba service and currently I can login to local terminal,

I've built a domain member. It works pretty good with the exception that I want on-the-fly home directories being built. I'm not sure this is doable with a domain member as everything I've tried isn't even called - as far as I can tell. Using log level 3. If anyone can shed light on how to dynamically create home directories, that'd be great. anyway, here's my

> What is in the pam.d/dovecot file? (Remember to strip passwords if > included) # cat /etc/pam.d/dovecot passdb { driver = pam # args = failure_show_msg=yes # args = max_requests=12 args = %s } and /etc/pam.d/{imap,pop3} were untouched; both as follows # # $FreeBSD: releng/10.3/etc/pam.d/pop3 170771 2007-06-15 11:33:13Z yar $ # # PAM configuration for the "pop3" service

>> auth: in openpam_parse_chain(): /etc/pam.d/dovecot(1): missing or invalid facility > > I do not think that it has something to do with the dovecot settings > itself but perhaps with the pam facility settings instead? i can believe that. any clues to debug? randy

Hi, I'm trying to setup Dovecot with MS AD and am using this as my guide: http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm I can definitely access information on the AD server using wbinfo -g and wbinfo -u..... Currently my dovecot.conf file looks like this: # v1.1: #auth_ntlm_use_winbind = yes # v1.2+: auth_use_winbind = yes auth_winbind_helper_path = /usr/local/bin/ntlm_auth

Okay, I guess I?ll be the first to take Colin Percival up in that the following statement applies to me: ?If you find a security problem -- or even if you find something which might possibly be a security problem but you're not certain if it is or not -- then please let us know.? I recently installed pam_radius according to the instructions located at the following address:

Hello, I install wine 20041201 with a rpm from sourceforge. I always have a wrong version number : [didier@Lucius didier]$ ls -l /usr/bin/wine -rwxr-xr-x 1 root root 7036 d?c 1 21:42 /usr/bin/wine* [didier@Lucius didier]$ /usr/bin/wine Wine 20040914 Usage: wine PROGRAM [ARGUMENTS...] Run the specified program wine --help Display this help and exit wine

I'm about ready to smash my head through a wall...I could use a few answers. 1. When using security = ads, and completing net ads join, it was my understanding that samba authenticated username/pword against ads, and local posix accounts were nolonger needed, is this true? 2. If yes, I have not been able to get it to work. If I have a posix user account with the same name as one in

Hello, I'm new on this mailing list. I run a Dovecot imaps server since several month on a Debian server. I just upgrade a Debian server from Debian Sarge --> Etch and I discover that a lot of parameters have changed (must be changed) in the dovecot.conf. I finally find an exemple an try to adapt it to our server. We never defined special authentification or password scheme. It was

I need to remove wine completely on Red Hat Linux 7.1 I tried "make uninstall" but it doesn't work completely.. It only uninstalls it partially. I didn't install it using rpm btw. So i can't do something like rpm -e wine. There's also no "dkpg" whatever command! Thanks. Didier.

Greetings one and all. I'm a unix newbe....so deal with me here. I have a .iso copy of syslinux 1.67 (which actually might be ISOlinux??) that I boot from CD (ramdisk version...no HD needed)... but my version doesnt have the mkdosfs utility on it. I was looking for an executable that would work with this version... can someone point me toward such an animal??? :Pat

Hi, I'm having trouble getting an answer to the following problem on -questions - I hope someone here has done something similar and can help. I'd like to compile support for FreeBSD OPIE into sshd. Presently I have to use PAM to achieve one-time password support. On a 4.x system I have in /etc/ssh/sshd_config ChallengeResponseAuthentication yes and in /etc/pam.conf sshd auth

I have a problem with embedding R into perl. I downloaded the interface program/module from omegahat.org, and I can't seem to understand how to use it. This is all done under Win NT 4.0. If anyone have any clue or any suggestions on how to interface R into perl, I would be greatful. Please email me with comments at racerdude911 at yahoo.com Thanks Scott

PTAk_1.1-1 ( Principal Tensor Analysis on k modes) has been released on CRAN A multiway method to decompose a tensor (array) of any order, as a generalisation of SVD also supporting non-identity metrics and penalisations. 2-way SVD with these extensions is also available. The package includes also some other multiway methods: PCAn (Tucker-n) and