Questions tagged [pam]

Pluggable authentication modules, a flexible framework for configuring authentication, most commonly the login component of Linux systems, but used in other components and operating systems.

752 questions
2
votes
1 answer

Token error when trying to change password through pam-mysql

I am currently preparing a machine for a web hosting service, and I decided to use MySQL to store all our users (since the rest of our services use it already). For that, I am using libnss-mysql and pam-mysql. However, even though most of the setup…
John WH Smith
2
votes
1 answer

pam_tally2 causing unwanted lockouts with SCOM or Nervecenter

We use pam_tally2 in our system-auth config file, which works fine for users. With services such as SCOM or Nervecenter it causes lockouts. Same behavior on RHEL5 and RHEL6. This is /etc/pam.d/nervecenter #%PAM-1.0 # Sample NerveCenter/RHEL6 PAM…
Chris
2
votes
2 answers

On Solaris, can I create a user account in a single command line entry that is not disabled, but is password disabled (only allows SSH)

I am building a script for SA's to follow when performing a certain task. That task requires adding a user to a system that can only SSH to the system (using a key) and not log in with a password. What I want to do is have the SA execute the adduser…
weismanm
2
votes
0 answers

How to add two-factor authentication to ssh?

I am trying to add 2FA to sshd using PAM from oathtool package. I want two ways to login to server: publickey and 2FA, or password and 2FA. So far I managed to add 2FA to publickey authentication, but don't know how to join password with 2FA. My…
mefju
2
votes
1 answer

Use a PHP script to authenticate users on Linux

I have a web application running built in PHP using MySQL as database. I'm trying to give specific users access to a Linux system via SSH to perform simple command-line tasks. Since I do already have a database ready filled with usernames/passwords,…
Wouter
2
votes
1 answer

pam_tally2 being called before Password entry

Based on the suggestion given in: Account Lockout with pam_tally2 in RHEL6 I have come to a working configuration, wherein account is getting locked out after 3 failed logins. Catch is that pam_tally counter is getting incremented one even before I…
Vineeth
2
votes
0 answers

How to mount share in pam_mount.conf.xml depending of OU

I have a Microsoft Windows domain and I want to add the ubuntu machines with Likewise-Open. There is no problem with that, but in my windows machines I have a GPO that mount a net share depending of the OU of the user that makes login into machine.…
xabim
2
votes
2 answers

Configuring vsftpd to authenticate with Active Directory

We are trying to give vsftpd access to some Active Directory users. Here are some configuration file contents: # egrep -v '^(#.*|)$'…
Belmin Fernandez
2
votes
1 answer

OpenLDAP on ArchLinux users cannot change passwd

I started an office and I NEED centralized login and home directories to work. Since all workstations are going to run Arch and problems with different LDAP versions I finally concluded the LDAP server also needed Arch. I have done a completely…
iOfWhy
2
votes
0 answers

Authentication against Samba4 domain controller and not working kinit

I've a problem with Samba 4 and Kerberos. If I call kinit, it writes Client not found in Kerberos database while getting initial credentials. I find out, that the Kerberos works with user name only, but the system identifies all domain users with…
2
votes
1 answer

PAM problems with "success=N" action

I want to run a script when an authentication failure occurs. But, with the following conf file, authentication always fails even when the proper credentials are supplied. auth [success=1 new_authtok_reqd=ok ignore=ignore default=bad]…
vader90210
2
votes
1 answer

Disable hostname resolution in PAM

When authenticating using PAM, PAM exposes the remote host to the module. On the code side of things, it exposes this via PAM_RHOST using pam_get_item(). However, PAM will attempt to resolve the IP address of the remote host to a name, if possible.…
David Adrian
2
votes
1 answer

How can I limit failed sasl2/pam_mysql login retries?

I have Postfix setup serving multiple virtual domains on a CentOS box - and all works as expected. Client's login are authenticated through sasl2 (saslauthd) and pam_mysql. And when a login attempt fails, saslauthd reports "saslauthd: pam_mysql -…
msantos
2
votes
1 answer

pam-auth-update without the text UI

Is there a way to run pam-auth-update (or some equivalent command), non-interactively on Ubuntu 12.04. I'm trying to automate this process for a number of machines, and the curses interface is making it tedious (and prone to errors). I'm interested…
Andrew Walker
2
votes
1 answer

How do changes in /etc/pam.d/common-session-noninteractive affect fail2ban and possibly other programs/services?

Fail2Ban on Ubuntu 10.04 Configuration files /etc/fail2ban/jail.local [DEFAULT] ignoreip = 127.0.0.1 bantime = 10 # made for test purposes maxretry = 3 backend = polling destemail = email@mycompany.com banaction = iptables-multiport mta =…
grs