Highest Voted 'pam' Questions - Server Fault Stack Exchange

15

votes

3 answers

How to fix a crontab access issue with a pam configuration error message?

I attempted to access my crontab as the non-root user "coins" when I encountered a permissions issue as shown in the following error message mentioning the pam configuration: [coins@COINS-TEST ~]$ crontab -l Authentication service cannot retrieve…

linux cron pam

asked Aug 13 '14 at 14:15

Raj

161
1
1
3

14

votes

2 answers

How to prevent users from extending their window of valid login

Been working on some security hardening procedures for a RedHat box, and I wanted to know if would be possible to prevent a user from changing his password, once it's expired. For one of our clients the requirement is that they must only have access…

security redhat pam hardening

asked Mar 18 '15 at 14:08

born to hula

243
1
7

14

votes

2 answers

What do the OS X authorization mechanisms actually do?

Background I'm trying to glean a better understanding of the OS X login process, in order to decide the best way for achieving VPN Single Sign On. Please do correct me if I'm wrong, but I believe that— launchd(8) calls gettyent(3) and thus…

security mac-osx authentication login pam

asked Jan 06 '15 at 14:41

eggyal

402
5
16

14

votes

3 answers

libpam-ldap or libpam-ldapd?

I'm setting up LDAP authentication on my personal VPS, and Ubuntu has two packages for the same purpose: libpam-ldap and libpam-ldapd. Which should I use?

ubuntu debian authentication ldap pam

asked Jun 26 '11 at 17:28

jldugger

14,342
20
77
129

14

votes

3 answers

The difference between /etc/pam.d/login and /etc/pam.d/system-auth?

I want to configure securetty to limit root directly access. Now I am clear if I add: auth required pam_securetty.so into /etc/pam.d/system-auth, and keep only "console" in /etc/securetty, ssh login will also be prohibit. And if I…

linux security rhel5 pam

asked Oct 15 '10 at 05:43

zhaojing

195
2
3
11

14

votes

3 answers

Restricting account logins using LDAP and PAM

I was hoping some PAM/LDAP gurus may be able to help me out here. I've recently set up an LDAP directory on Ubuntu Server to hold accounts for both my clients (for use with web-based systems) and staff (who will need to login via SSH.) The LDAP…

ubuntu ldap pam

asked Feb 06 '10 at 21:33

Andy Shellam

1,878
1
12
16

13

votes

2 answers

SSH only works after intentionally failed password

So, I'm having a rather weird problem. I have a server, that when I try to SSH into, immediately closes the connection if I type in the correct password on the first attempt. However, if I purposefully enter a wrong password on the first attempt,…

ssh ldap authentication openldap pam

asked Oct 04 '12 at 21:17

pyraz

161
1
6

13

votes

4 answers

OpenLDAP, Samba and password aging

I'm configuring a system in which all IT resources are available through a single user-password pair, be it access to shell on the servers, logging to Samba domain, WiFi, OpenVPN, Mantis, etc. (with access to specific services governed by group…

domain authentication samba ldap pam

asked Sep 29 '10 at 18:35

Hubert Kario

6,361
6
36
65

12

votes

1 answer

LDAP authentication on CentOS 7

After upgrading to CentOS 7 it's no longer possible to login via LDAP. With CentOS 6 I used the package pam_ldap which worked fine, but now pam_ldap is no longer available for the new version of CentOS. Connecting via ldapsearch still works fine,…

centos ldap authentication pam

asked Oct 06 '14 at 10:23

lszrh

683
3
7
15

12

votes

4 answers

How to get full control of umask/PAM/permissions?

// Updated Feb 8 - Outstanding issues in brief: How to umask directories differently from files? How to umask on Nautilus copy/paste? How to set umask for SSHFS? OUR SITUATION Several people from our company log in to a server and upload files.…

ssh permissions sftp pam umask

asked Feb 06 '11 at 00:47

user60129

11

votes

5 answers

Debugging sssd login: pam_sss [...] System error

How does one properly debug the shell login in the following case? Authentication is handled via sssd configuration and a krb5 authentication server. Logging in with the same .conf-file on Ubuntu 16.04 LTS works perfectly. Once one uses it with…

login pam sssd

asked Sep 07 '17 at 16:31

2xB

213
1
2
5

11

votes

1 answer

What's the downside of disabling PAM in OpenSSH if only public-key login is allowed?

/etc/ssh/sshd_config by default has the following line UsePAM yes I read through available documentation and came to the conclusion that PAM is not used if I only use public-key login. What possible negative consequences could there be if I disable…

ssh pam

asked Feb 18 '15 at 00:46

Rio

335
2
11

11

votes

3 answers

vsftpd - PAM - MySQL and pam_mkhomedir to create directories

I've been successfully using vsftpd with virtual users connecting with PAM to my mysql DB. Now I'd like to automate creation of user directories with successful vsftpd connection. Here is /etc/pam.d/vsftpd configuration: #%PAM-1.0 session …

mysql permissions ftp pam vsftpd

asked Mar 24 '13 at 01:21

Tom

143
2
11

11

votes

3 answers

sshd: How to enable PAM authentication for specific users under

I am using sshd, and allow logins with public key authentication. I want to allow select users to log in with a PAM two-factor authentication module. Is there any way I can allow PAM two-factor authentication for a specific user? By the same token -…

linux ssh pam

asked Jan 14 '11 at 19:23

Brad

477
2
5
13

10

votes

1 answer

PAM accepting any password for valid users

I just linked my Arch Linux workstation to the Samba AD I set up for our company. I tested it, and it worked, or so I thought. It accepted my password, created my homedir and everything, and logged me in. What I forgot to test was what it wouldn't…

active-directory pam sssd

asked Dec 29 '17 at 15:42

Dessa Simpson

539
7
27

Questions tagged [pam]