Questions tagged [pam]

Pluggable authentication modules, a flexible framework for configuring authentication, most commonly the login component of Linux systems, but used in other components and operating systems.

752 questions
3 votes, 0 answers

Mac OSX - SSHD partially broken after El Capitan Upgrade

I recently upgraded my firm's Mac Mini device to El Capitan from Yosemite, and encountered several issues during the upgrade. I've gotten most of them resolved but one that's still failing is the SSH connections. The machine is able to SSH into…
Nick L

3 votes, 1 answer

OpenLDAP client configuration headache in FreeBSD

I am using FreeBSD 7.2 as an NFS server, and as a client to an OpenLDAP server (which runs Debian etch). When users access their files on the NFS server, the users' UIDs are looked up in the ldap server and mapped to their usernames (via nsswitch).…
donatello

3 votes, 1 answer

Security implications when only allowing logins via key and UsePAM setting is 'yes'?

When setting up a new server, I generally want to allow logins only via key authentication and not from the root user. Therefore, I edit the sshd_config like this: I change 'PermitRootLogin' to 'no' and uncomment 'PasswordAuthentification' and set…
user40974

3 votes, 1 answer

Kerberos authentication fails when local password is expired

I am using pam_krb5 with local accounts (Linux) for AD password authentication. Things are working great, users are able to authenticate with both AD and local passwords. I am having a problem though, when the local password expires Kerberos…
j_nix

3 votes, 1 answer

How to use SHA-256 hashed (and salted) passwords from OpenLDAP in pam_ldap?

I have hashed and salted passwords in OpenLDAP for login via PAM in Linux. The setup works when the hashes are of type SHA-1 (salted or unsalted) or plain text. In these cases everything works fine and a user can log in with these credentials. If I…
mailq

3 votes, 2 answers

PPTPD with PAM authentication?

I need a VPN solution for my company. One requirement is to be able to use the built-in windows VPN client. We are running a Debian Etch server. I've managed to set up PPTPD but the authentication is based on the chap-secrets file. We already have…
Crassy

3 votes, 1 answer

ssh as user runs program with no authentication (neither password nor keys)

I'd like to set up a user on my system (Ubuntu 14.04 x64) such that people can run ssh example@myhost.example.com and see some output from a program without being prompted for a password or having to have an ssh key. Here's what I have done so…
Peter Lyons

3 votes, 2 answers

Join Red Hat Linux 6 to a Windows Active Directory Domain

I am using Red Hat 6 (for testing purposes) and configured Samba with Active Directory. Red Hat 6 has successfully joined my Windows Server 2003 domain. By typing the command [root@mainserver /] # net ads join -U Administrator Enter Administrator's…
garden air

3 votes, 4 answers

PAM, RADIUS, Google Authenticator and Two Factor Auth

I have set up FreeRADIUS, PAM and the Google Authenticator. FreeRADIUS calls PAM, which in turn calls the Google pam_google_authenticator.so library. That all works successfully. However, that's not really 2 factor auth, as all one needs is the OTP…
Jeff Leyser

3 votes, 2 answers

pam_ldap and ldaps can't contact ldap server

I'm trying to allow authentication via LDAP on a CentOS host system. But I always get a Can't contact LDAP server error from pam_ldap. The LDAP server is pingable and authentication works perfectly with ldap://, but not with ldaps://. It also works…
lszrh

3 votes, 1 answer

SSH locale wrong

I have a Debian server with locales set to hu_HU.UTF-8, and if I log in through console it works perfectly in Hungarian. It also worked with ssh logins until I disabled PAM in the sshd config. Since then when I log in through ssh the locales are set…
hpeter94

3 votes, 1 answer

PAM Faulty Module

After updating PAM, the secure log started showing: su: PAM unable to dlopen(/lib64/security/pam_rootok.so): /lib64/security/pam_rootok.so: undefined symbol: selinux_check_access su: PAM adding faulty module: /lib64/security/pam_rootok.so Given the…
JMC

3 votes, 1 answer

Account Lockout with pam_faillock in RHEL6

Previously, I asked about using pam_tally2 under RHEL6. I would like to pose this question and answer to document the recommended use of pam_faillock over pam_tally2 for the same function; What is the recommended strategy for temporary account…
Aaron Copley

3 votes, 1 answer

build user chroot on first login

I'm using ldap for remote user authentication and I basically need to either figure out how to: a. chroot a user on machine b from machine a via nfs (which doesn't seem possible without mounting more directories than I'm comfortable with) or…
Rooster

3 votes, 2 answers

Linux nested groups with winbind

We have several RHEL6 servers connected to Active Directory using winbind. All servers are configured identically using a configuration management tool. Servers however produce different results when querying groups using the groups command and/or…
Antitribu