Highest Voted 'pam' Questions - Server Fault Stack Exchange

3

votes

1 answer

Linux with winbind, disable local users while AD is available?

Routers and switches with RADIUS authentication can be configured such that login is disabled for locally configured users as long as the RADIUS server is available. If the RADIUS server becomes unavailable, they fall back to allowing login as a…

active-directory pam winbind

asked Jun 10 '12 at 09:39

Salkin

31
1
2

3

votes

1 answer

Should pam_mkhomedir go in /etc/pam.d/login , sshd or system-auth?

I want to enable pam_mkhomedir.so for users who authenticate to our system. I want a user's home directory to be created when they SSH into the box. One common convention seems to be to put pam_mkhomedir.so into /etc/pam.d/sshd . However, could…

linux freebsd pam

asked May 22 '12 at 18:28

Stefan Lasiewski

23,667
41
132
186

3

votes

2 answers

changing shadow hash algorithm to bcrypt: how to rehash

I want to change my SHA512 shadow file to use bcrypt as shown in this question/answer: Enable blowfish-based hash support for crypt The problem is that i run into a chicken and egg problem, because the existing shadow-file is SHA512 encrypted, which…

sudo pam hash md5

asked Apr 10 '12 at 12:16

Fabian Zeindl

239
1
3
10

3

votes

1 answer

vsftp login errors 530 login incorrect

Using Ubuntu 10.04 on an aws ec2 instance. I was happy just using ssh but then a wordpress plugin needs ftp access...I just need ftp access for one site www.sitebuilt.net which is in /home/sitebuil. I installed a vftpd and pam and followed…

ftp pam vsftpd

asked Feb 29 '12 at 16:23

mcktimo

131
1
6

3

votes

0 answers

User not recognized by underlying authentication

I'm running lxc on Linux Mint Debian Edition tracking Wheezy/Sid. I created a container using "lxc-create -t debian -n dev". In accordance with the Debian wiki article on LXC I have mounted the cgroups file system as /cgroup and have added…

pam lxc

asked Feb 01 '12 at 19:23

Beau

131
1
3

3

votes

1 answer

Logging on as root without winbind timeouts

How can I set up my Linux box so that, if the Active Directory domain controller is down, I can still log in as root, without any timeouts or delays? Following the example of most of the documentation out there, I've listed pam_winbind.so before…

login pam winbind

asked Nov 10 '11 at 13:33

Josh Kelley

983
1
7
17

3

votes

1 answer

Where do I find USEFUL official documentation for LDAP authentication on Centos/RHEL 6?

Does it exist any official installation documentation about how to setup an LDAP server that I can connect my clients to with authconfig. I'm will be Centos 6 and RHEL 6.1. What I can find is this. But I don't need to learn how to restart the…

centos redhat openldap pam centos6

asked Oct 17 '11 at 18:20

Arlukin

1,203
6
18
27

3

votes

2 answers

Account lockout in Ubuntu

I am trying to implement account lockout for Ubuntu systems using pam_tally. The login should be disabled for certain interval on 3 invalid login attempts. This should happen for both system and LDAP logins to the system. (We have a working LDAP…

ubuntu authentication ldap pam

asked Aug 30 '11 at 05:29

nitins

2,579
15
44
68

3

votes

1 answer

Samba, password change and windows error messages

I moved password quality checking in Samba from check password script to PAM, now when pam_passwdqc or pam_cracklib deny password change the user revives a "Access denied" error, not the standard "The password you typed does not meet the password…

windows samba password pam password-policy

asked Aug 16 '11 at 21:24

Hubert Kario

6,361
6
36
65

3

votes

4 answers

Centos 6 Linux and nss-pam-ldapd

I am trying get centos 6 to authenticate against ldap (active directory to be specific) I am a bit confuse though because after installing nss-pam-ldapd I see several files that appear to be the same configuration. For example I have…

linux ldap pam

asked Aug 10 '11 at 22:43

startoftext

257
2
5
14

3

votes

3 answers

Programmatic way to validate a Linux Login/password

I would to like to validate a username and password correspond to a valid unix account. The current solution I have uses expect to wait for a password prompt and then supply the password and see if the login succeeds. Is there a kernel API or a user…

linux security pam

asked Aug 01 '11 at 20:04

Ivan Novick

181
3
6

3

votes

1 answer

Trying to solve "nginx too many files"

We recently started getting the following error on one of our nginx boxes: 2011/05/25 16:35:51 [alert] 3580#0: accept() failed (24: Too many open files) Checking /etc/security/limits.conf, we have this: * soft nofile …

nginx pam ulimit

asked May 27 '11 at 14:40

Mediocre Gopher

803
1
13
24

3

votes

1 answer

How is the cgroup pam module configured?

Linux has a PAM module that manipulates cgroups. How is it configured (what options does it support?)

linux pam cgroup

asked Apr 21 '11 at 18:36

joeforker

2,399
4
26
35

3

votes

2 answers

map remote ssh user to a different local user

All my boxes have the same username for myself, except one legacy machine where I'm loath to try to change it. Whenever I ssh to the machine, I forget to specify my user name, and my password is rejected. This only takes maybe 30 seconds, but it…

ssh authentication pam user-accounts

asked Mar 09 '11 at 04:39

bukzor

263
3
9

3

votes

2 answers

Using ecryptfs encrypted home directories with Dovecot

I have setup home directory encryption on Ubuntu 10.04 machine, but ecryptfs does not seem to be able to work with Dovecot (or CourierIMAP, etc). After successful IMAP login, home directory is never mounted, and Dovecot obviously can not find mail…

ubuntu pam dovecot ecryptfs

asked Jan 18 '11 at 07:10

sentinel

31
2

Questions tagged [pam]