similar to: Per user based protocol access and pause after failed login?

Displaying 20 results from an estimated 200 matches similar to: "Per user based protocol access and pause after failed login?"

2006 Sep 30
2
Dovecot accepts squirrelmail, rejects fetchmail
Hello, this is a follow-up to the thread "Fetchmail can't talk to dovecot" http://www.dovecot.org/list/dovecot/2006-September/016477.html Increasing the log level I get this in the log filed: Sep 30 15:04:19 fm dovecot: Dovecot v1.0.rc7 starting up Sep 30 15:04:22 fm dovecot: auth(default): passwd-file /etc/dovecot_user_file: Read 1 users Sep 30 15:05:05 fm dovecot: auth(default):
2013 May 29
1
Enable IMAP only for certain users/IP
Hi, I'm trying to config dovecot to enable IMAP protocol only for certain IPs and users. The logical steps I've followed are: 1. If a user is trying to login from an IP that I've authorized ( listed in a file) the request is authorized. 2. If not, if the user is listed in a second file the request is authorized. 3. If also this check fails the request is rejected. I'm using PAM
2018 Aug 07
2
id <username> - doesnt list all groups
Hello, my enviroment: All Servers are Ubuntun 16.04-18.04 SAMBA AD DC Server and several SAMABA DOMAIN MEMBER (connected via WINBIND). In ADDC I've created a group "restrictaccess" and added some users. Now when im typing "id <username>" on a Domain Member, for some users the group "restrictaccess" are listed for some not! For example: ON DC: #
2007 Jul 19
2
fine-grained user authentication support
Hi, I'm wondering if it's possible to have some users restricted to only login via POP3 or only IMAP (likewise for IMAPS/POP3S). Returning a particular field with the userdb sql query (protocols=imaps did not work), perhaps setting up a different passdb? Is this possible with dovecot? -Adam
2018 Aug 07
2
id <username> - doesnt list all groups
Thank for your answer: But i dont know understand why is following not working: I want to restrict the ssh access for a special domain member: In my "sshd_config" i added: AllowGroups restrictaccess root With user2 im able to login via ssh! log: pam_krb5(sshd:auth): user user2 authenticated as user2 at ROOTRUDI.DE With user1 im not! log: User user1 from 192.168.0.100 not allowed
2008 Feb 14
3
Restrict user on IMAP or POP
Hey guys, Is it possible to deny a user on POP or IMAP! For example, on the primary server we use POP3 and IMAP but how I can force a user to use POP3 and be unable to authenticate on IMAP ? Thanks Sebastien
2010 Feb 06
2
pop3 quick question
Hello list, I have found imap_allowed option in dovecot which do exactly what I need, for imap. Is there something similar for pop3 protocol? The main goal for it - is to enable pop3 access to specific users. Or maybe dovecot have some 'pop3=yes' or 'imap=no' args to userdb/passdb sections ? I know future dovecot 2.* versions will support rewriting for protocols, but this is
2015 Sep 17
3
restrict map-login by geoip?
Is there a way to restrict my user logins from a set of IPs? For example, all my users are in the US so there shouldn't be any logins from other countries. Can I tell dovecot to restrict logins to a CIDR list of US IPs? Can someone point me to docs on how to set this up? I've searched but haven't found how to accomplish this. Thanks, -Terry Terry Barnum digital OutPost
2012 Aug 16
2
dovecot 2.1 Master account Error
HI I am running parallel dovecot 1.2 for main accounts and 2.1 for test accounts, and for some reason when i try to login with master user on dovecot 2.1 service errors. However the normal user logins and rest works flawlesly Here is the debug Aug 16 15:15:56 mailstore-node-02 dovecot: auth: Debug: auth client connected (pid=27557) Aug 16 15:15:56 mailstore-node-02 dovecot: auth: Debug: client
2016 May 18
2
mailbox.auto ignores dovecot-uidlist.lock
On 2016-05-18 11:52, Aki Tuomi wrote: > On 18.05.2016 12:44, Tom Sommer wrote: >> I'm trying to lock down a maildir from modifications using >> dovecot-uidlist.lock, but when a user with mailbox.auto = create logs >> in, then the folder is created regardless of dovecot-uidlist.lock >> existing or not. >> >> Is there no way to prevent dovecot from
2014 Feb 23
1
Detail improvement: %c variable
Hi, although dovecot is great and almost exactly solving my problems and fitting my requirements, there is an odd detail that causes me problems: The %c variable. (See http://wiki2.dovecot.org/Variables ) I'm managing an IMAP server for an association, which is connected to an LDAP server. Users can connect in three ways: IMAPS from the internet, IMAP from local acccounts, and IMAP
2006 Dec 01
6
POP3 protection
I have some users that I will not allow to use POP3 thru my system, but force them to use webmail. Would it be possible to put an extra option in dovecot.conf to force this: # ----------------------------------------------------------------- # Logon processes # user = <username>,<password> # ----------------------------------------------------------------- user =
2004 Oct 18
1
disable password authentication per user
I would like disable password authentication in sshd for particular users, without locking their UNIX password, and without requiring all users to use PubkeyAuthentication. I cannot find a documented way to accomplish this in OpenSSH. Is it currently possible? If not, I think this would be a very useful feature to add. I believe that each user should have some control of which authentication
2012 Jul 14
2
Only allow connections if file (or special condition) is present
Hello! I was wondering if it possible now (or possible to implement something like that in the future) that the daemon does only accept connections if a specific file is present at the moment of the connection request. I want to achieve that a connection to my server is only possible if I plug in e.g. an USB stick (which would contain the file) and is always rejected if that
2004 Jun 06
2
Feature request?
I'd like to toss a feature request on the table for consideration. We currently use a different popd because of a feature that allows us to restrict pop access based upon an allowed users list. This is the only thing that keeps us from using the popd in dovecot currently. It's a simple text file of usernames that are allowed to use pop, if the name isn't in that list then pop
2009 Jul 10
1
vsftpd not able to log in
Hi folks, I can't seem to log into my system via vsftpd. All other services using PAM are fine...Am I missing something simple? ftp> user (username) user 331 Please specify the password. Password: 530 Login incorrect. # getenforce Permissive here is the event in /var/log/audit/audit.log: type=USER_AUTH msg=audit(1247235151.569:9781): user pid=21052 uid=0 auid=0
2008 Feb 04
1
Strong security in user's accounts and paswords..
Hi, I have some databases running on CentOS4 with users accessing the shell (bash), so I'd like to strong the security on my server in user's accounts and passwords.. I mean, enforcing strong passwords, min/max age passwords, locking passwords when you fail 3 times, and all this stuff. Is there any package which do this work? Any tutorial? Thanks in advance Regards Israel
2002 Feb 13
2
Problem with using both pam_listfile to deny logins and pubkey authentication
Hi, I'm trying to use pam_listfile.so to deny logins from all others but few users (names in /etc/loginusers). With password authentication it works fine, but with public key authentication OpenSSH lets in users whose names arent't in /etc/loginusers. AllowUsers in sshd_config does what one would expect. I'm using OpenSSH-3.0.2p1 on Debian testing (package version 1:3.0.2p1-6)
2008 Jan 18
1
Static list of users with passdb pam
Hi, On my system, I want to provide imap access for some of the users listed in /etc/passwd. The list of users should be provided by me, and should just be a list in a text file. All the userdb options are static (uid, gid, home directory). Unfortunately, I cannot think of a way to configure Dovecot to do this. The closest I get is with: passdb pam {} userdb passwd-file { args =
2010 Dec 27
3
Dovecot - AllowGroups option
Hi, I'm trying to control access to different services on an Debian server using /etc/group. So that a user I create for FTP usage doesn't fill up my server with IMAP folders or samba garbage. Services like proftpd have: "AllowGroup ftpgroup" sshd have "AllowGroups sshgroup" And samba have "valid users = @smbgroup" But I can't find the correct