Increasing the number of sequential logins in RedHat 9
I've noticed that after 3 failed logins the user's telnet session is closed. Is it somehow possible to increase this number to 5? If so, where would the change need to be made?

Thank you in advance.

Regards,
Keyvan
Re: VSFTPD - setting up acceptable logins
On Thu, 07 Aug 2003 15:26:59 +0100, Jon Slack wrote:

> Many thanks for your reply. Yep - I found that. But just where this variable is set is not made clear. Assuming that it is set in vsftpd.user_list, I assume I must delete all the users listed by default ('root' through 'nobody') and add usernames I would like to be able to log in. If so, where do I set the password?

All of the settings go in /etc/vsftpd/vsftpd.conf

See man vsftpd.conf:

    userlist_deny
        This option is examined if userlist_enable is activated. If you set this setting to NO, then users will be denied login unless they are explicitly listed in the file specified by userlist_file. When login is denied, the denial is issued before the user is asked for a password.
        Default: YES

    userlist_enable
        If enabled, vsftpd will load a list of usernames, from the filename given by userlist_file. If a user tries to log in using a name in this file, they will be denied before they are asked for a password. This may be useful in preventing cleartext passwords being transmitted. See also userlist_deny.
        Default: NO

    userlist_file
        This option is the name of the file loaded when the userlist_enable option is active.
        Default: /etc/vsftpd.user_list

    # If userlist_deny=NO, only allow users in this file
    # If userlist_deny=YES (default), never allow users in this file, and
    # do not even prompt for a password.

The users and passwords are defined in your normal user list.

--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list
Re: VSFTPD - setting up acceptable logins
phew

Done it. Now all I have to do is work out why Dreamweaver cannot synchronise - something about not being able to determine the remote server time.

Thanks for all replies. Had enough for today. I'll return to fight it again tomorrow.

Thanks again.

Jon
Re: VSFTPD - setting up acceptable logins
> Hi. Can anyone tell me (in plain English) how I can tell VSFTPD who CAN log in? I've found two files that tell it who cannot log in, but that doesn't really help
>
> Jon

I am anything but a vsftpd guru, but vsftpd is supposed to be able to use tcp_wrappers (hosts.allow and hosts.deny). However, I believe that there may be a problem with Redhat's rpm's support for this. To get it you may have to install via source.

Gerry
VSFTPD - setting up acceptable logins
Hi. Can anyone tell me (in plain English) how I can tell VSFTPD who CAN log in? I've found two files that tell it who cannot log in, but that doesn't really help

Jon
Re: VSFTPD - setting up acceptable logins
On Thu, 07 Aug 2003 13:33:58 +0100, Jon Slack wrote:

> Hi. Can anyone tell me (in plain English) how I can tell VSFTPD who CAN log in? I've found two files that tell it who cannot log in, but that doesn't really help

See /etc/vsftpd.user_list

    # vsftpd userlist
    # If userlist_deny=NO, only allow users in this file
    # If userlist_deny=YES (default), never allow users in this file, and
    # do not even prompt for a password.
    # Note that the default vsftpd pam config also checks /etc/vsftpd.ftpusers
    # for users that are denied.

Set userlist_deny=NO and then the list becomes a white list.

Is this what you are looking for?
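The userlist_enable / userlist_deny / userlist_file rules quoted from the man page in this thread, together with the /etc/vsftpd.ftpusers note in the reply above, worked through as an added example that is not part of any list message: a shell function that reports what a given vsftpd.conf means for one user. The sample files, the user name jon and the verdict strings are constructed for illustration, and accepting YES/TRUE/1 in any case as true is an assumption about how vsftpd reads booleans.

```shell
#!/bin/sh
# Added example, not from the thread. Sample files and verdict names are constructed.

# conf_get FILE KEY DEFAULT: print the last KEY=value in FILE, or DEFAULT.
conf_get() {
    val=$(sed -n "s/^$2=//p" "$1" 2>/dev/null | tail -n 1)
    if [ -n "$val" ]; then printf '%s\n' "$val"; else printf '%s\n' "$3"; fi
}

# is_yes VALUE: true for YES/TRUE/1 in any case (assumed boolean spelling).
is_yes() {
    case $(printf '%s' "$1" | tr '[:lower:]' '[:upper:]') in
        YES|TRUE|1) return 0 ;;
        *) return 1 ;;
    esac
}

# in_list FILE USER: true if USER is an exact, non-comment line of FILE.
in_list() {
    [ -r "$1" ] || return 1
    grep -v '^[[:space:]]*#' "$1" | grep -Fqx -- "$2"
}

# userlist_verdict CONF USER [FTPUSERS]: print one of
#   deny-before-password | deny-by-pam-ftpusers | prompt-for-password
userlist_verdict() {
    conf=$1; user=$2; ftpusers=${3:-}
    enable=$(conf_get "$conf" userlist_enable NO)
    deny=$(conf_get "$conf" userlist_deny YES)
    file=$(conf_get "$conf" userlist_file /etc/vsftpd.user_list)
    if is_yes "$enable"; then
        if in_list "$file" "$user"; then listed=yes; else listed=no; fi
        if is_yes "$deny"; then
            # Default: the file is a deny list.
            if [ "$listed" = yes ]; then echo deny-before-password; return 0; fi
        else
            # userlist_deny=NO: only names in the file get as far as a prompt.
            if [ "$listed" = no ]; then echo deny-before-password; return 0; fi
        fi
    fi
    # Past the userlist: the PAM config still refuses names in ftpusers.
    if [ -n "$ftpusers" ] && in_list "$ftpusers" "$user"; then
        echo deny-by-pam-ftpusers
    else
        echo prompt-for-password
    fi
}

# make_sample: build constructed config files in a temp dir, print its path.
make_sample() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '# vsftpd userlist' root bin nobody > "$dir/user_list"
    printf '%s\n' root bin nobody > "$dir/ftpusers"
    printf '%s\n' jon > "$dir/allow_list"
    # Stock behaviour: the shipped list is a deny list.
    printf 'userlist_enable=YES\nuserlist_file=%s\n' "$dir/user_list" > "$dir/default.conf"
    # Only userlist_deny flipped: the shipped system accounts become the allowed set.
    printf 'userlist_enable=YES\nuserlist_deny=NO\nuserlist_file=%s\n' \
        "$dir/user_list" > "$dir/flipped.conf"
    # Flipped and the list rewritten to hold only the wanted users.
    printf 'userlist_enable=YES\nuserlist_deny=NO\nuserlist_file=%s\n' \
        "$dir/allow_list" > "$dir/whitelist.conf"
    printf '%s\n' "$dir"
}

d=$(make_sample)
for c in default flipped whitelist; do
    for u in root jon; do
        echo "$c.conf $u: $(userlist_verdict "$d/$c.conf" "$u" "$d/ftpusers")"
    done
done
rm -rf "$d"
```

With only userlist_deny flipped, root passes the userlist and is stopped solely by the ftpusers check, which is why the default entries have to come out of the file when it is turned into an allow list.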
Re: VSFTPD - setting up acceptable logins
Hi Gerry

Check out these pages from the RH9 manual:

http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/security-guide/s1-server-ftp.html

It worked very well for me ;)

SINON wrote you -> never delete this message ;-)
Re: VSFTPD - setting up acceptable logins
Many thanks for your reply. Yep - I found that. But just where this variable is set is not made clear. Assuming that it is set in vsftpd.user_list, I assume I must delete all the users listed by default ('root' through 'nobody') and add usernames I would like to be able to log in. If so, where do I set the password?

Jon
Re: ot: logging Cisco dialup user logins using rh syslog/snmp?
On Thu, 29 May 2003, Willem van der Walt [EMAIL PROTECTED] wrote:

> Hi,
> My boss wants a weekly list of user accesses to our dialup service, showing at what time who was logged in for how long. We have a Cisco 2610 router with 16 integrated modems. The phone lines are in a hunting group and linked to a single number that the users dial to get in. Using snmptrapd on rh 8, I now get some traps logged. I also have set up the Cisco to log remotely to the syslog on the rh box. I am getting the interface state changes for the async interfaces in both the /var/messages file from syslog and the snmptrapd.log which is where snmptrapd is now logging the snmp stuff. My problem is that I do not get the info of which Cisco user has dialed in.

I log these types of events on my RADIUS server. But, for syslog, IOS seems to honor the type.level conventions. So, if IOS is issuing login/logout as auth.notice or auth.info and you're only logging *.err or *.warning then you might never actually write the login/out information to file. Try adding a

    auth.*    /var/log/auth

to your syslog.conf (and HUP or restart your syslogd).

Also, it sounds like the SNMP traps are set to the classic Cisco example of:

    snmp-server enable traps snmp linkup linkdown

You need to change this to:

    snmp-server enable traps snmp authentication linkup linkdown

I also can't remember if snmptrapd logs everything or only events defined in your MIB file. You may need to make sure your MIB file is correct for logging Cisco authentication events.
Re: ot: logging Cisco dialup user logins using rh syslog/snmp?
Hi,

Thanks for the answer. I am beginning to suspect a bug in the Cisco software version we are running. It takes the snmp-server command to enable authentication but afterwards when one does a sh conf, it does not show it. As far as the syslog goes, I have added the line to log auth at priority * to a separate file. I have also changed the syslog level on the Cisco from notifications to informational. Apart from getting my linux logins in my new separate logfile, there is no difference in what I am getting. I will now look for software upgrades on the router.

Thanks again for your detailed suggestion.

regards,
Willem

On Thu, 29 May 2003 [EMAIL PROTECTED] wrote:

> On Thu, 29 May 2003, Willem van der Walt [EMAIL PROTECTED] wrote:
>
> > Hi,
> > My boss wants a weekly list of user accesses to our dialup service, showing at what time who was logged in for how long. We have a Cisco 2610 router with 16 integrated modems. The phone lines are in a hunting group and linked to a single number that the users dial to get in. Using snmptrapd on rh 8, I now get some traps logged. I also have set up the Cisco to log remotely to the syslog on the rh box. I am getting the interface state changes for the async interfaces in both the /var/messages file from syslog and the snmptrapd.log which is where snmptrapd is now logging the snmp stuff. My problem is that I do not get the info of which Cisco user has dialed in.
>
> I log these types of events on my RADIUS server. But, for syslog, IOS seems to honor the type.level conventions. So, if IOS is issuing login/logout as auth.notice or auth.info and you're only logging *.err or *.warning then you might never actually write the login/out information to file. Try adding a
>
>     auth.*    /var/log/auth
>
> to your syslog.conf (and HUP or restart your syslogd).
>
> Also, it sounds like the SNMP traps are set to the classic Cisco example of:
>
>     snmp-server enable traps snmp linkup linkdown
>
> You need to change this to:
>
>     snmp-server enable traps snmp authentication linkup linkdown
>
> I also can't remember if snmptrapd logs everything or only events defined in your MIB file. You may need to make sure your MIB file is correct for logging Cisco authentication events.
ot: logging Cisco dialup user logins using rh syslog/snmp?
Hi,

My boss wants a weekly list of user accesses to our dialup service, showing at what time who was logged in for how long. We have a Cisco 2610 router with 16 integrated modems. The phone lines are in a hunting group and linked to a single number that the users dial to get in. Using snmptrapd on rh 8, I now get some traps logged. I also have set up the Cisco to log remotely to the syslog on the rh box. I am getting the interface state changes for the async interfaces in both the /var/messages file from syslog and the snmptrapd.log which is where snmptrapd is now logging the snmp stuff. My problem is that I do not get the info of which Cisco user has dialed in.

Any ideas?

tia
regards,
Willem
Re: Is there a way to disable logins after N tries?
On Tue, Jan 21, 2003 at 12:05:56PM -0600, Ed Wilts wrote:

> I've seen it on other operating systems, but always recommend that you NOT do this. A hacker could render your system unusable by simply trying all your usernames until they're all locked out.

A better thing would be to delay after a bad login, preventing lots of passwords from being tried quickly--and Red Hat Linux already does this. The delay isn't terribly long, but it makes exhaustive searches via login attempts impossible.

Assuming passwords are reasonably secure and not reused on unrelated systems, this is a good approach. (If you do reuse passwords, then it doesn't much matter what the failed login policy is, you are at terrible risk.)

-kb
Re: Is there a way to disable logins after N tries?
On Tue, 14 Jan 2003 22:13:11 -0500 Tony Preston [EMAIL PROTECTED] wrote:

> I have a client that would like his linux system to allow a user to try 3 times to login and if they keep making mistakes (or are trying to hack a password), disable that user until the root re-enables them. Has anyone see an option like this? I know how I could mod the login to do this, but normally it would not be desirable... This guy is paranoid and a paying customer...:)
>
> --snip--

Although I haven't tried this, you can look at the file /etc/security/limits.conf. The 'maxlogins' settings may be what you want. There are 'usage' examples at:

http://www.willamette.edu/~speralta/tldp/xterm/advanced.html

Regards,
Tom
Re: Is there a way to disable logins after N tries?
On Tue, 14 Jan 2003 22:13:11 -0500 Tony Preston [EMAIL PROTECTED] wrote:

> I have a client that would like his linux system to allow a user to try 3 times to login and if they keep making mistakes (or are trying to hack a password), disable that user until the root re-enables them. Has anyone see an option like this?

I've seen it on other operating systems, but always recommend that you NOT do this. A hacker could render your system unusable by simply trying all your usernames until they're all locked out.

If you do go ahead, you probably don't want to have root included in the list of accounts to be locked out, or your paying customer will be paying you lots to give him his system back. Or perhaps that's what you do want :-). Of course, if root isn't in on the list of accounts to be paranoid about, what is?

.../Ed

--
Ed Wilts, Mounds View, MN, USA
mailto:[EMAIL PROTECTED]
Member #1, Red Hat Community Ambassador Program
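The lockout sweep described in the message above (one party failing logins against every user name until each account hits the limit) leaves a recognisable pattern in the auth log. An added example, not from the thread: it counts pam_unix failure lines per source and account and reports the sources that pushed several accounts to the lockout threshold. The log lines are constructed, and the `rhost=` / `user=` field layout is an assumed pam_unix message format.

```shell
#!/bin/sh
# Added example, not from the thread. Log lines and addresses are constructed.

# sweep_sources LOG THRESHOLD MIN_ACCOUNTS
# Print "source accounts" for every rhost that reached THRESHOLD failures
# on at least MIN_ACCOUNTS different accounts.
sweep_sources() {
    awk -v thr="$2" -v min="$3" '
        /authentication failure/ {
            rhost = ""; user = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^rhost=/) rhost = substr($i, 7)
                if ($i ~ /^user=/)  user  = substr($i, 6)   # "ruser=" does not match
            }
            if (rhost == "" || user == "") next
            fails[rhost SUBSEP user]++
        }
        END {
            # Count, per source, the accounts it drove to the threshold.
            for (k in fails) {
                split(k, part, SUBSEP)
                if (fails[k] >= thr) hit[part[1]]++
            }
            for (h in hit) if (hit[h] >= min) print h, hit[h]
        }' "$1" | sort
}

# make_sample_log: write a constructed /var/log/secure excerpt, print its path.
make_sample_log() {
    f=$(mktemp) || return 1
    # One source failing exactly three times on each of three accounts.
    for u in alice bob carol; do
        for n in 1 2 3; do
            echo "Jan 21 12:0$n:00 rh9 login(pam_unix)[2311]: authentication failure; logname= uid=0 euid=0 tty=pts/1 ruser= rhost=192.0.2.7  user=$u"
        done
    done > "$f"
    # Another source failing four times on a single account.
    for n in 1 2 3 4; do
        echo "Jan 21 13:0$n:00 rh9 sshd(pam_unix)[2400]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=198.51.100.9  user=alice"
    done >> "$f"
    # Unrelated line that must be ignored.
    echo "Jan 21 14:00:00 rh9 sshd(pam_unix)[2500]: session opened for user dave by (uid=0)" >> "$f"
    printf '%s\n' "$f"
}

log=$(make_sample_log)
# Threshold 3 matches the three-tries policy asked about in the thread.
sweep_sources "$log" 3 3
rm -f "$log"
```

The single-account source is not reported at MIN_ACCOUNTS=3: that is an ordinary guessing or mistyping pattern, while the first source is the one that would have disabled three users under a lock-after-3 policy.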
Multiple x-window logins
How do you configure RH 8 to boot up with multiple login windows. I'm using the Gnome desktop if it matters. It would be convenient not to have to login in and out as root or as a user.

TIA
Re: Multiple x-window logins
On Mon, 20 Jan 2003, Thomas E. Dukes wrote:

> How do you configure RH 8 to boot up with multiple login windows. I'm using the Gnome desktop if it matters. It would be convenient not to have to login in and out as root or as a user.

Use gdmconfig or edit /etc/X11/gdm/gdm.conf to add a second X server. On some boxen, you may have to manually specify a specific VT for each X server, but usually just defining the second server is enough.

--
Of course I'm in shape! Round's a shape, isn't it?
Re: Is there a way to disable logins after N tries?
On Tue, Jan 14, 2003 at 10:27:12PM -0500, Ray Curtis wrote:

> How about just adding something simple to /etc/profile such as:
>
>     # count the sessions "w" currently shows for this user
>     logcount=`/usr/bin/w | /bin/grep -c "$LOGNAME"`
>     if [ "$logcount" = 8 ] ; then
>         echo "You have tried to login more than eight times." | /bin/mail -s "Login Error" root
>         logout
>     fi

Does not do it. /etc/profile gets executed when the user successfully logs in. The proposed scenario is to catch failed login attempts and disable the account after a certain number of them.

Cheers,
--
Javier Gostling                 Av. Kennedy 5757, of. 1502
Systems Engineer                Las Condes, Santiago, Chile
Virtualia S.A.                  Phone: +56 (2) 202-6264 x 130
[EMAIL PROTECTED]               Fax: +56 (2) 342-8763
Is there a way to disable logins after N tries?
I have a client that would like his linux system to allow a user to try 3 times to login and if they keep making mistakes (or are trying to hack a password), disable that user until the root re-enables them. Has anyone see an option like this?

I know how I could mod the login to do this, but normally it would not be desirable... This guy is paranoid and a paying customer...:)

I personally would put in a delay that doubled with every mistake... Starts at 1 sec, then 2, 4, 8, 16, 32... after a while even the most ardent hacker will give up...:) but that was not acceptable...

Best regards.

Tony Preston
Cancer is Curable, Ask me why!
[EMAIL PROTECTED]
2003-01-14
Re: domain logins+samba server
The primary function of Samba is to allow Linux servers and Windows servers to share resources. They can do this by either simply being a member of a domain or a PDC. If they are a PDC, then domain accounts are created for the machines that wish to utilize its resources. These are called trust accounts. Linux machines can also share resources with the Samba server, but they don't necessarily need Samba to do this. Other services such as SSH, Telnet, FTP, NFS and the like allow for interaction with the Linux server. However, Linux clients can still use Samba services just like a Windows client by using smbclient.

Here is a link for Samba as a PDC.

http://us1.samba.org/samba/ftp/docs/htmldocs/Samba-PDC-HOWTO.html

JAV

---------- Original Message -----------
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tue, 3 Dec 2002 04:00:40 +0530 (IST)
Subject: domain logins+samba server

> hello,
>
> The concept of a PDC is every machine logs into the domain controller to get access to n/w resources (file and print sharing). And in Windows, if I have a NT or 2000 machine as a domain controller, every other workstation or a client logs in to DC for n/w resources.
>
> And samba is a server software on linux server, which I assume (I am new to linux n/w'ing, so still fighting hard to familiarize linux) is configured on linux server to allow linux machines visible on windows n/w neighbourhood. And windows have to be logged in samba server to get n/w resources.
>
> But what about linux systems on the n/w? Is it possible that once linux machines start, similarly like windows clients ask to give a username password pair to get into samba server for n/w access?
>
> ...if anyone is having an idea about this, pls share it with me, and any kind of guidance is appreciable.
>
> thanks in advance.
> prasad

------- End of Original Message -------
domain logins+samba server
hello,

The concept of a PDC is every machine logs into the domain controller to get access to n/w resources (file and print sharing). And in Windows, if I have a NT or 2000 machine as a domain controller, every other workstation or a client logs in to DC for n/w resources.

And samba is a server software on linux server, which I assume (I am new to linux n/w'ing, so still fighting hard to familiarize linux) is configured on linux server to allow linux machines visible on windows n/w neighbourhood. And windows have to be logged in samba server to get n/w resources.

But what about linux systems on the n/w? Is it possible that once linux machines start, similarly like windows clients ask to give a username password pair to get into samba server for n/w access?

...if anyone is having an idea about this, pls share it with me, and any kind of guidance is appreciable.

thanks in advance.
prasad
how to limit logins logs ssh command in wtmp ?
I have several questions that are annoying me. I have run several tests configuring limits.conf on redhat7.1 and redhat7.3 with all security updates applied; both systems use pam-0.75.

The maxlogins setting in limits.conf doesn't work for groups (@ sign):

    @users hard maxlogins 3

With this configuration, users that have the users gid can still have more than 3 logins. But if I use this:

    test hard maxlogins 3

user test can have just 4 logins. So what causes this? I haven't modified any pam.d configuration; what file should I modify to have limits.conf run? I have checked with:

    @lsof |grep limit

login does look at pam_limits.so.

And one more question: how do I log users that pass a command with the ssh client directly?

    @ssh [EMAIL PROTECTED] uname -a;finger;ps axuww;df -h;ls -la /var/log

Should I recompile ssh? I found this is not logged in utmp or wtmp, just logged in /var/log/secure with less information.

-- ichtus --
Lewi Supranata .K
ICQ: 50643061
About Me : http://lewi.f4boys.com
Homepage : http://mercury7.petra.ac.id/~ichtus
GnuPG Public Key : http://mercury7.petra.ac.id/~ichtus/ichtus-keys2
mozilla secure logins
Hi,

I'm running mozilla 0.9.2-1-2. I just noticed that I can't log in to any sites with secure logins, like my broker, PayPal, or Orbitz. I can log in to these sites with Netscape 4.78. Is there a setting in mozilla to allow secure logins? Thanks,

Hidong

David Talkington wrote:

> Hidong Kim wrote:
>
> > I'm trying to install mozilla 1.0 rc3. I untarred the gzip'ed archive. When I did ./configure, I got this error:
>
> I don't want to discourage you from experimenting, but unless you have a really good reason, just use the binaries. Mozilla is a phenomenally huge chunk of code, and compiling it usually just isn't worth the trouble, in my experience, since the precompiled packages run just fine and are flexible enough for me (most importantly, they don't care what path at which they live). I build almost all user and server software from scratch, but even I draw the line at the fire dreathing bragon.
>
> -d
>
> --
> David Talkington
> PGP key: http://www.prairienet.org/~dtalk/0xCA4C11AD.pgp
Re: mozilla secure logins
On 17:29 28 May 2002, Hidong Kim [EMAIL PROTECTED] wrote:

| I'm running mozilla 0.9.2-1-2. I just noticed that I can't log in to
| any sites with secure logins, like my broker, PayPal, or Orbitz. I can
| log in to these sites with Netscape 4.78. Is there a setting in mozilla
| to allow secure logins? Thanks,

Please have the courtesy to trim irrelevant content (like the entire item I've snipped from the bottom of your post). Thanks.

If this is what I think it is (you don't recite the error popup, so we can't psychically tell), there's a problem in the OCSP stuff to do with sites that issue certificates that list an OCSP service but don't actually have one. This is a config problem with the certificate issuer, but mozilla is handling the misconfiguration. See bug:

http://bugzilla.mozilla.org/show_bug.cgi?id=130885

The workaround is to go to Edit-Preferences-Privacy and Security-Validation and select "Do not use OCSP for certificate validation". This will start working again. They're working on better diagnostic messages for bad certificates like this.

--
Cameron Simpson, DoD#743 [EMAIL PROTECTED] http://www.zip.com.au/~cs/

ASCII n s. [from the greek] Those people who, at certain times of the year, have no shadow at noon; such are the inhabitants of the torrid zone.
- 1837 copy of Johnson's Dictionary
Authenticate ProFTP logins with MySQL
I'm looking at setting up a new mail/web server using MySQL as the authentication method.

Does anyone have any experience with using ProFTP talking to MySQL for userid/password checking? I am guessing PAM-MySQL would be what you use...

--
Regards,

Peter Kiem        | E-Mail: [EMAIL PROTECTED]
Zordah IT         | Mobile: +61 0414 724 766
IT Consultancy    | WWW   : www.zordah.net
Internet Hosting  | ICQ   : Zordah 81
Re: remote logins for admin
You could use ssh for remote login, and sudo for root level access. You could also use Webmin, and enable the SSL options.

On Thu, 7 Mar 2002, Julian Opificius wrote:

> Friends,
>
> What would be a good way to login to my RH7.2 box from a remote location to do things like adding email users, etc? Seems to me there are more secure way than telnet, that are more favored these days, am I right?
>
> I suppose I could Webmin, but I'm trying to do it the basic way first before I get lazy on the GUI tools.
>
> I'm running NAT on a Cisco 678, so if there's a port to open up, pls tell me tell me that too.
>
> julian.
>
> Julian A. Opificius. 802 Fawn Road, Elk River, MN 55330.
> Home: 763.441.1291, Cell: 612.296.2010
> [EMAIL PROTECTED] ICQ: 3268206
Re: remote logins for admin
On Thu, 2002-03-07 at 00:45, Julian Opificius wrote:

> Friends,
>
> What would be a good way to login to my RH7.2 box from a remote location to do things like adding email users, etc? Seems to me there are more secure way than telnet, that are more favored these days, am I right?

absolutely! ssh is what you want. fully encrypted including password auth. I always use DSA keys that require not only a passphrase but also a pub key installed in ~/.ssh/authorized_keys2 that matches the private key on the machine you are connecting from.

I also rpm -e telnet

> I suppose I could Webmin, but I'm trying to do it the basic way first before I get lazy on the GUI tools.

Webmin is very cool but by default uses unencrypted passwords (not good) so make sure you install the SSL stuff for it.

> I'm running NAT on a Cisco 678, so if there's a port to open up, pls tell me tell me that too.

This sounds like the thing that will give you the most problems. Is the host that you are wanting to connect to behind the Cisco in private ip address space? If so you won't be able to see it from outside because the address won't be routable on a properly configured router. I have a linux box that is my firewall and use a vpn connection into it that places my laptop on the internal network for this very reason.

I am assuming you should be able to forward the ssh port (22) to the internal box but I really don't know anything about the Cisco stuff at all.

HTH
Bret
Re: remote logins for admin
Thanks Brett,

As usual the man pages are a little cryptic, but I'll battle my way through it and yell for help if I get stuck.

The Cisco box has NAT translation which will explicitly point incoming packets on port 22 to whichever internal box I tell it: that's how I run mail and web, so that part is not a problem :-)

Cheers,
Julian.

At 06:59 AM 3/7/02, you wrote:

> On Thu, 2002-03-07 at 00:45, Julian Opificius wrote:
>
> > Friends,
> >
> > What would be a good way to login to my RH7.2 box from a remote location to do things like adding email users, etc? Seems to me there are more secure way than telnet, that are more favored these days, am I right?
>
> absolutely! ssh is what you want. fully encrypted including password auth. I always use DSA keys that require not only a passphrase but also a pub key installed in ~/.ssh/authorized_keys2 that matches the private key on the machine you are connecting from.
>
> I also rpm -e telnet
>
> > I suppose I could Webmin, but I'm trying to do it the basic way first before I get lazy on the GUI tools.
>
> Webmin is very cool but by default uses unencrypted passwords (not good) so make sure you install the SSL stuff for it.
>
> > I'm running NAT on a Cisco 678, so if there's a port to open up, pls tell me tell me that too.
>
> This sounds like the thing that will give you the most problems. Is the host that you are wanting to connect to behind the Cisco in private ip address space? If so you won't be able to see it from outside because the address won't be routable on a properly configured router. I have a linux box that is my firewall and use a vpn connection into it that places my laptop on the internal network for this very reason.
>
> I am assuming you should be able to forward the ssh port (22) to the internal box but I really don't know anything about the Cisco stuff at all.
>
> HTH
> Bret

--
The classical sculptor called Phidias
Whose knowledge of art was insidious,
Once carved Aphrodite
Without any nightie
Which shocked all the purely fastidious.

Julian Opificius. ICQ 3268206.
Re: [REDHAT] Re: remote logins for admin
On 7 Mar 2002, Bret Hughes wrote:

> Webmin is very cool but by default uses unencrypted passwords (not good) so make sure you install the SSL stuff for it.

When I'm elsewhere with my laptop or work or something I often ssh to my server at home. However, Webmin is a great tool to set up because all you need on the client side is a web browser. That means if you're at a friend's house or at a trade show or wherever there's internet access, you can get to your server without installing software. And chances are there will be a GUI plugin to do what you want easier. Speaking of which, there's an ssh plugin for Webmin, so you have the best of both worlds.

As far as security goes, if you're not using webmin over SSL, you're nuts. Having said that, it's easy to do now that Apache comes prebuilt with SSL.

If you use ssh, do remember that ssh1 has been cracked, and set up sshd to only use ssh2.

David Kramer [EMAIL PROTECTED] http://thekramers.net
Virtue has its own reward, but has no sale at the box office. --Mae West
Re: remote logins for admin
At 3/7/2002 12:45 AM -0600, you wrote:

> What would be a good way to login to my RH7.2 box from a remote location to do things like adding email users, etc? Seems to me there are more secure way than telnet, that are more favored these days, am I right?

Use ssh. Get the latest RPM's from the updates FTP site (2.9.2p1 IIRC) and install the openssh, openssh-clients, and openssh-server RPM's.

Alternately, as you said, use Webmin. Make sure you enable SSL. Note that Webmin has an ssh module as well, so installing both is a good idea anyway. That way you can get to your box through ssh from anywhere with a browser. :)

> I'm running NAT on a Cisco 678, so if there's a port to open up, pls tell me tell me that too.

Port 22 for ssh, 10000 (ten thousand) for Webmin.

--
Rodolfo J. Paiz
[EMAIL PROTECTED]
remote logins for admin
Friends,

What would be a good way to login to my RH7.2 box from a remote location to do things like adding email users, etc? Seems to me there are more secure way than telnet, that are more favored these days, am I right?

I suppose I could Webmin, but I'm trying to do it the basic way first before I get lazy on the GUI tools.

I'm running NAT on a Cisco 678, so if there's a port to open up, pls tell me tell me that too.

julian.

Julian A. Opificius. 802 Fawn Road, Elk River, MN 55330.
Home: 763.441.1291, Cell: 612.296.2010
[EMAIL PROTECTED] ICQ: 3268206
Re: remote logins for admin
well you could use ssh or (I'm not sure if 7.2 still uses linuxconf) but you can remotely access linuxconf via web on port 98

----- Original Message -----
From: Julian Opificius [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, March 07, 2002 1:45 AM
Subject: remote logins for admin

> Friends,
>
> What would be a good way to login to my RH7.2 box from a remote location to do things like adding email users, etc? Seems to me there are more secure way than telnet, that are more favored these days, am I right?
>
> I suppose I could Webmin, but I'm trying to do it the basic way first before I get lazy on the GUI tools.
>
> I'm running NAT on a Cisco 678, so if there's a port to open up, pls tell me tell me that too.
>
> julian.
>
> Julian A. Opificius. 802 Fawn Road, Elk River, MN 55330.
> Home: 763.441.1291, Cell: 612.296.2010
> [EMAIL PROTECTED] ICQ: 3268206
Limiting failed logins - pam_tally?
I have a redhat 7.1 system. I'm trying to limit the number of login failures to prevent brute-forcing passwords. To do this I changed /etc/pam.d/system-auth to contain this:

auth        required      /lib/security/pam_env.so
auth        required      /lib/security/pam_tally.so no_magic_root
auth        sufficient    /lib/security/pam_unix.so likeauth nullok
auth        required      /lib/security/pam_deny.so
account     required      /lib/security/pam_tally.so deny=5 no_magic_root
account     required      /lib/security/pam_unix.so
password    required      /lib/security/pam_cracklib.so retry=3
password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5 shadow
password    required      /lib/security/pam_deny.so
session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so

Is this the right way of doing it? I want to make sure that no matter what way someone tries a password it will count towards the limit of 5 failures.

I would prefer to have it autounlock after a certain time of no password tries, but then I found a problem. It seems that when trying a password through telnet or ftp or wherever, if it is the wrong password there will be a delay of a few seconds. If it is the right password but the account is locked out, there will be no delay. Thus you can still brute force a password with this locking enabled, and if the lock count is cleared after an hour of no attempts, you could then login with the brute forced password.

Am I going about this the wrong way? How should I do this?

Andreas
RE: ProFTPD logins
Thanks Mark and all others who have answered. Yes I have read the literature, it is a little confusing/frustrating. Thanks for your tip, at least it is one part of the puzzle.

Many thanks
Mike

-Original Message-
From: Manzabar [mailto:[EMAIL PROTECTED]]
Sent: Monday, 19 November 2001 17:29
To: [EMAIL PROTECTED]
Subject: Re: ProFTPD logins

Linux did pen these words on 11/18/01 at 8:51 PM

> Hi I am trying to set up ProFTP. I have been successful to a degree but I need to tidy up a few areas. I am trying to achieve logins by only a few selected persons, no anonymous logins required. The user must exist on the system but not all system users have access. I have got to the point where I can let the appropriate users in and direct them to the directories I want them to have access to. The problem is other users on the system can also access the FTP server and can get right throughout the system almost unrestricted. What can I do to stop this? I have RH7.1 and ProFTPd 1.2.4

1. Read the doc at this URL, http://www.proftpd.org/docs/userguide/linked/userguide.html If you want to setup ProFTP; it will become your best friend. =)

2. To deny anonymous logins:

<Anonymous ~ftp>
DenyAll
</Anonymous>

3. As for blocking some of your users but not all of them; I think you'd have to use one of the Allow or Deny options listed in the URL I gave you above, or possibly AuthAliasOnly. Beyond that I'm not sure.

Good luck,
Mark McKibben [EMAIL PROTECTED] http://www.avalon.net/~manzabar ICQ# 8476502
Experience is that marvelous thing that enables you recognize a mistake when you make it again. - Unknown
Re: ProFTPD logins
Hi Linux,

On Sunday, November 18, 2001, 2:51:05 AM, you babbled something about:

L The problem is other users on the system can also access the FTP server and
L can get right through out the system almost unrestricted.
L What can I do to stop this?
L I have RH7.1 and ProFTPd 1.2.4

Try this...

<Limit LOGIN>
DenyAll
</Limit>

This will set your default to disallow log-ins of normal users.

Have fun,
-- Brian Ashe CTO [EMAIL PROTECTED] Dee-Web Software Services, LLC. http://www.dee-web.com/
You don't have to swim faster than the shark... You just have to swim faster than the people you're with.
Re: ProFTPD logins
Linux did pen these words on 11/18/01 at 8:51 PM

> Hi I am trying to set up ProFTP. I have been successful to a degree but I need to tidy up a few areas. I am trying to achieve logins by only a few selected persons, no anonymous logins required. The user must exist on the system but not all system users have access. I have got to the point where I can let the appropriate users in and direct them to the directories I want them to have access to. The problem is other users on the system can also access the FTP server and can get right throughout the system almost unrestricted. What can I do to stop this? I have RH7.1 and ProFTPd 1.2.4

1. Read the doc at this URL, http://www.proftpd.org/docs/userguide/linked/userguide.html If you want to setup ProFTP; it will become your best friend. =)

2. To deny anonymous logins:

<Anonymous ~ftp>
DenyAll
</Anonymous>

3. As for blocking some of your users but not all of them; I think you'd have to use one of the Allow or Deny options listed in the URL I gave you above, or possibly AuthAliasOnly. Beyond that I'm not sure.

Good luck,
Mark McKibben [EMAIL PROTECTED] http://www.avalon.net/~manzabar ICQ# 8476502
Experience is that marvelous thing that enables you recognize a mistake when you make it again. - Unknown
ProFTPD logins
Hi

I am trying to set up ProFTP. I have been successful to a degree but I need to tidy up a few areas. I am trying to achieve logins by only a few selected persons, no anonymous logins required. The user must exist on the system but not all system users have access. I have got to the point where I can let the appropriate users in and direct them to the directories I want them to have access to.

The problem is other users on the system can also access the FTP server and can get right throughout the system almost unrestricted. What can I do to stop this?

I have RH7.1 and ProFTPd 1.2.4

Many thanks
Mike
Logins
How can one limit simultaneous logins to a shell account on an individual user? Thanks Ray ___ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Logins
"rp" == Ray Parish [EMAIL PROTECTED] writes:

rp How can one limit simultaneous logins to a shell account on an individual
rp user?

I just use something simple like this in /etc/profile:

# This script allows you to login only 3 times as any user
#
logcount=`/usr/bin/w | /bin/grep -c "$LOGNAME"`
# Act once the count goes above three, so the fourth and later sessions are refused
if [ "$logcount" -gt 3 ] ; then
    echo "You have tried to login more than three times." | /bin/mail -s "Login Error" root
    logout
fi

-- Ray Curtis Unix Programmer/Consultant Curtis Consulting mailto:[EMAIL PROTECTED] http://www.clark.net/pub/ray
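An added example, not part of the post above: counting a user's sessions by exact match on the first column of who(1) or w(1) output, next to the substring count that `grep -c` gives on the same listing. The function names and the sample listing are constructed for this illustration.

```shell
#!/bin/sh
# Added example. Function names and sample data are made up for illustration;
# only the idea of counting sessions at login comes from the thread.

# Constructed who(1)-style listing: "ray" has two sessions, "raymond" has one,
# and "alice" is logged in from a host whose name contains "ray".
SAMPLE_WHO='ray      pts/0   Jun  6 06:23 (hosta.example.com)
ray      pts/1   Jun  6 07:10 (hostb.example.com)
raymond  pts/2   Jun  6 08:02 (hostc.example.com)
alice    pts/3   Jun  6 09:15 (ray-laptop.example.com)'

# substring_count USER: lines on stdin that contain USER anywhere,
# which is what "grep -c USER" reports.
substring_count() {
    grep -c -- "$1" || true
}

# count_sessions USER: lines on stdin whose first field is exactly USER.
count_sessions() {
    awk -v user="$1" '$1 == user { n++ } END { print n + 0 }'
}

# over_login_limit USER MAX: succeed when USER has more than MAX sessions.
over_login_limit() {
    [ "$(count_sessions "$1")" -gt "$2" ]
}

printf 'substring match counts %s sessions for ray\n' \
    "$(printf '%s\n' "$SAMPLE_WHO" | substring_count ray)"
printf 'exact match counts %s sessions for ray\n' \
    "$(printf '%s\n' "$SAMPLE_WHO" | count_sessions ray)"

# In /etc/profile the live listing would be piped in instead of the sample:
#   if who | over_login_limit "$LOGNAME" 3; then logout; fi
```

The substring count also picks up longer user names and remote host names that contain the login name, so a user can be refused because of someone else's sessions.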
Syslogd failing, terminal problem, Samba logins inconsistent
Hi,

I have had two situations crop up; I'm running RH 6.2 in a server configuration, with Samba, Apache, sendmail/pop3/imap4, and IP Masqing:

For some reason, syslogd will not come up; during interactive startup, it shows [FAILED] instead of [OK]. A review of the logs doesn't show any indication of why SYSLOGD failed, but I've been known to look in the wrong place before. It used to come up OK.

Second, during the initial setup of the server in August and September, I used Pico and Pine extensively, and they worked fine. In the past couple weeks, I started getting the message "Incomplete terminfo entry". After perusing newsgroups, I added TERM=linux to my startup, and it works fine again. BUT, how did the info get lost in the first place? Any ideas?

I still have problems with inconsistent logins from W95 machines into my Samba server. Very carefully typing in the login name and password will sometimes work the 1st time, but is usually accepted the 2nd, 3rd, or 4th tries. I know that the clients are hitting Samba, I can see the entries in the log; they are marked:

[2000/10/09 13:22:20, 1] smbd/reply.c:reply_sesssetup_and_X(909)
  Rejecting user 'station15': authentication failed
[2000/10/09 13:39:41, 1] lib/util_sock.c:client_name(997)
  Gethostbyaddr failed for 192.168.100.15

Any help or ideas would be appreciated.

Cheers, Bill [EMAIL PROTECTED] 405.869.6170 (vox) 405.737.2043 (fax)
Re: Syslogd failing, terminal problem, Samba logins inconsistent
Bill,

I had the same problem till I went to the patch site this weekend for 6.2 and downloaded a bunch of patches. One looked like it might help and I think it did, but I don't remember which one it was.. potentially it was 'sysklogd'

Also, I think my system has been hacked and that might be part of why it started failing... you may want to check if someone has installed rootkit on your system and broke syslog as a way of covering their tracks.

Chris

- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, October 09, 2000 2:50 PM
Subject: Syslogd failing, terminal problem, Samba logins inconsistent

> Hi, I have had two situations crop up; I'm running RH 6.2 in a server configuration, with Samba, Apache, sendmail/pop3/imap4, and IP Masqing:
>
> For some reason, syslogd will not come up; during interactive startup, it shows [FAILED] instead of [OK]. A review of the logs doesn't show any indication of why SYSLOGD failed, but I've been known to look in the wrong place before. It used to come up OK.
>
> Second, during the initial setup of the server in August and September, I used Pico and Pine extensively, and they worked fine. In the past couple weeks, I started getting the message "Incomplete terminfo entry". After perusing newsgroups, I added TERM=linux to my startup, and it works fine again. BUT, how did the info get lost in the first place? Any ideas?
>
> I still have problems with inconsistent logins from W95 machines into my Samba server. Very carefully typing in the login name and password will sometimes work the 1st time, but is usually accepted the 2nd, 3rd, or 4th tries. I know that the clients are hitting Samba, I can see the entries in the log; they are marked:
>
> [2000/10/09 13:22:20, 1] smbd/reply.c:reply_sesssetup_and_X(909)
>   Rejecting user 'station15': authentication failed
> [2000/10/09 13:39:41, 1] lib/util_sock.c:client_name(997)
>   Gethostbyaddr failed for 192.168.100.15
>
> Any help or ideas would be appreciated.
>
> Cheers, Bill [EMAIL PROTECTED] 405.869.6170 (vox) 405.737.2043 (fax)
Re: Restricting user logins to certain IPs
On Sat, 8 Jul 2000, Mark Ivey wrote: Hi, I'm trying to restrict a user's login to only certain IP numbers. I have tried editing /etc/security/access.conf /etc/usertty (after a tip in the man page for login). Neither of these have any effect though. How do I do this under Redhat 6.2? Thanks... I'm running sshd to secure the shell sessions, and added this to my /etc/hosts.allow file: sshd: xxx.xxx.xxx.xxx,xxx.xxx.xxx.xxx: ALLOW It seems to work nicely when combined with a restrictive /etc/hosts.deny file. On the other hand, I'm still running 5.2 on that server... -- Nitebirdz http://www.linuxnovice.org Tips, articles, news, links... -- To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe" as the Subject.
Re: Restricting user logins to certain IPs
On Sat, 8 Jul 2000, Gordon Messmer wrote: Mark Ivey wrote: I'm trying to restrict a user's login to only certain IP numbers. I have tried editing /etc/security/access.conf /etc/usertty (after a tip in the man page for login). Neither of these have any effect though. How do I do this under Redhat 6.2? Thanks... Are you trying to restrict access for one user, or all users? If all users, go the ipchains route, allowing connections from only the IP's that you want. If you're not using ipchains, you could restrict some services via inetd/tcpwrappers. Just add the restriction to /etc/hosts.allow. man 5 hosts_access -- Anthony E. Greene [EMAIL PROTECTED] Homepage PGP Key: http://www.pobox.com/~agreene/ Linux: The choice of a GNU Generation http://www.linux.org/ -- To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe" as the Subject.
Restricting user logins to certain IPs
Hi, I'm trying to restrict a user's login to only certain IP numbers. I have tried editing /etc/security/access.conf /etc/usertty (after a tip in the man page for login). Neither of these have any effect though. How do I do this under Redhat 6.2? Thanks... -Mark- -- To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe" as the Subject.
Re: Restricting user logins to certain IPs
I set this up in my comm servers, didn't know you could do it through a computer. You stumpped me on this one. On Sat, 8 Jul 2000, Mark Ivey wrote: Hi, I'm trying to restrict a user's login to only certain IP numbers. I have tried editing /etc/security/access.conf /etc/usertty (after a tip in the man page for login). Neither of these have any effect though. How do I do this under Redhat 6.2? Thanks... -Mark- -- To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe" as the Subject. Jake McHenry [EMAIL PROTECTED] -- To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe" as the Subject.
Re: Restricting user logins to certain IPs
Mark Ivey wrote:

> I'm trying to restrict a user's login to only certain IP numbers. I have tried editing /etc/security/access.conf /etc/usertty (after a tip in the man page for login). Neither of these have any effect though. How do I do this under Redhat 6.2? Thanks...

Are you trying to restrict access for one user, or all users? If all users, go the ipchains route, allowing connections from only the IP's that you want. If particular users, then add:

session required /lib/security/pam_access.so

to /etc/pam.d/login, and any other pam services that you want to limit. When you add that line, /etc/security/access.conf will start controlling logins.

MSG

-- To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe" as the Subject.
KDM logins, who and w
I'm trying to figure out why logins via KDM show up in the output of 'who' but not in the output of 'w' (and, perhaps by extension, why they show up in the output of the stock RedHat 6.2 finger program but not the ICSI distributed finger program that my whole site is running). I understand that KDM just calls sessreg, but I can't figure out what is different between utmp entries created by login and those created by sessreg. Can anyone perhaps give me any clues?

XYX:bolyai:~ w
11:46am up 1 day, 1:38, 2 users, load average: 0.00, 0.02, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
tibbs pts/0 epithumia.math.u 6:23am 0.00s 0.39s 0.01s w
XYX:bolyai:~ who
tibbs pts/0 Jun 6 06:23
tibbs :0 Jun 6 11:46
XYX:bolyai:~ /usr/bin/finger
Login Name Tty Idle Login Time Office Office Phone
tibbs Jason L Tibbitts III pts/0 Jun 6 06:23 (epithumia.math.uh.edu)
tibbs Jason L Tibbitts III *:0 Jun 6 11:46 660 PGH (713)743-3486
XYX:bolyai:~ /usr/local/bin/finger .local
Login Name Idle TTY Host When Where
tibbs Jason L Tibbitts III 0 bolyai Tue 06:23 epithumia.math.uh.

Thanks,
-- Jason L Tibbitts III - [EMAIL PROTECTED] - 713/743-3486 - 660PGH - 94 PC800
System Manager: University of Houston Department of Mathematics
Born alone beneath pale sardonic skies. One love, one life, one sorrow.
-- To unsubscribe: mail -s unsubscribe [EMAIL PROTECTED] /dev/null
Re: console logins and telnet probs..
Already got it so ignore my message above. Turns out is was a /etc/passwd file problem. A bad entry or a bad edit of a previous entry. Though I have another question, I have not seen my previous post nor a post since 6 PM CST today. Is the list down again? Eddie Strohmier ([EMAIL PROTECTED]) Bonwell Globalnet www.bonwell.com -- To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe" as the Subject.
Restricting logins...
Hello:

It is possible to restrict the number of concurrent logins for a given user to *one* ssh session?

thanks...

-- LINUX: The choice of a GNU generation.
-- Steve Frampton [EMAIL PROTECTED] Japan Communications, Inc. Software Developer/Systems Administrator http://www.j-com.co.jp/
logins not reported to /var/run/utmp or /var/run/wtmp
Hi folks

I have a problem in a stock standard RH6.1 installation where user login details are not being logged to wtmp or utmp for X sessions, hence I cannot view who is logged in with w or who or whatever... logging in through a console or over the network gets logged fine.

I have found a reference in the man page for "sessreg" which talks about adding entries to Xstartup and Xreset. I want to check with you guys first if there is a better way of fixing the solution. Is there?

Regards, Chris Dowling.
Re: Sending an email when someone logins?
snip

> have to worry about messages filling up my mail box because there are only two interactive users on my systems. Is this plausible? Thanks.

> You may also want to look into Swatch (I believe that's the right name). It will look at your log files and email you among other things if it finds something. I haven't used it, just trying to remember the description I read. Probably check freshmeat.net Hope that helps. -Bob Burton

snip

Swatch is a good suggestion for this. You can have it watch various log files and email you if there are successful or failed logins. I have it on my firewall.

Matthew
Sending an email when someone logins?
I heard about computers being broken-in almost every day and really worry about it. Is there any way I can tell my linux box to send an email whenever there is a successful login via telnet, ftp, etc? I know that the tcp wrapper logs this kind of information to the system log. If I modify it to send messages to my mail box, I may detect some of the breakins. I don't have to worry about messages filling up my mail box because there are only two interactive users on my systems. Is this plausible? Thanks.
Re: Sending an email when someone logins?
Yes, with sendmail and some bashrc fiddling, you can get it working quite nicely.

-- David Booss geeks404 Webmaster [EMAIL PROTECTED] http://www.geeks404.com/ ICQ# 25832711
---The difference between a geek and a nerd is a social life ;) ---

- Original Message -
From: blue [EMAIL PROTECTED]
To: Redhat Mailing List [EMAIL PROTECTED]
Sent: Tuesday, December 21, 1999 6:46 PM
Subject: Sending an email when someone logins?

> I heard about computers being broken-in almost every day and really worry about it. Is there any way I can tell my linux box to send an email whenever there is a successful login via telnet, ftp, etc? I know that the tcp wrapper logs this kind of information to the system log. If I modify it to send messages to my mail box, I may detect some of the breakins. I don't have to worry about messages filling up my mail box because there are only two interactive users on my systems. Is this plausible? Thanks.
Re: Sending an email when someone logins?
> I heard about computers being broken-in almost every day and really worry about it. Is there any way I can tell my linux box to send an email whenever there is a successful login via telnet, ftp, etc? I know that the tcp wrapper logs this kind of information to the system log. If I modify it to send messages to my mail box, I may detect some of the breakins. I don't have to worry about messages filling up my mail box because there are only two interactive users on my systems. Is this plausible? Thanks.

You may also want to look into Swatch (I believe that's the right name). It will look at your log files and email you among other things if it finds something. I haven't used it, just trying to remember the description I read. Probably check freshmeat.net

Hope that helps.
-Bob Burton
--- Robert Burton [EMAIL PROTECTED] ---
M.. I'm in flavor country .. (cough) .. it's a big country... -Homer Simpson
Re: Sending an email when someone logins?
On Tue, 21 Dec 1999, blue wrote: worry about it. Is there anyway I can tell my linux box to send an email whenever there is a successful logins via telnet, ftp, etc? I First, don't use telnet, use ssh instead. But if you must, you can use the extended attributes in hosts.allow to run arbitrary programs (e.g. mail). See man hosts.access for details. -- Todd A. Jacobs Network Systems Engineer -- To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe" as the Subject.
Remote root logins and /sbin executables
remote root logins

tty0..tty8 are the virtual consoles. When you do remote logins, you are on a pseudo-terminal, e.g. ttyp0, ttyp1, ... If you're not concerned with security, you can add those to /etc/securetty.

Executing stuff in /sbin

It would be helpful if you showed the result of "echo $PATH". If you are in /sbin and can't execute those commands, perhaps "." isn't in your PATH. As root, your path should be something like:

/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin

It should *NOT* include "." as this can result in your executing some program in the local directory that happens to have the same name as a system command that does something entirely different. If you really need/want to execute something in the current directory, you can always say "./fubar" instead of just "fubar". If you insist on having "." in your PATH, put it at THE END.

pete peterson
GenRad, Inc. 7 Technology Park Drive Westford, MA 01886-0033
[EMAIL PROTECTED] or [EMAIL PROTECTED]
+1-978-589-7478 (GenRad); +1-978-256-5829 (Home: Chelmsford, MA)
+1-978-589-2088 (Closest FAX); +1-978-589-7007 (Main GenRad FAX)

> thanks Matt, but I think my /etc/securetty is like this already: tty0 tty1 tty2 tty3 tty4 .. tty8
> i still can't login as root from other computers by telnet... It says "Login incorrect".. I'm sure I have the right password, because I can login with this password from the console..
> And the problem about not being able to execute isn't related with paths.. Because I'm already in /sbin when I'm trying to run some of the executables in there..
> Is this a common problem with RedHat? I was using SlackwareSCO before, and i didn't experience anything like this with them.. My Version is 2.0.30
> Arda Tunccekic [EMAIL PROTECTED]

-- PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES! http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe" as the Subject.
Re: PAM and root logins
On Tue, 12 May 1998, Randy Smith (at work) wrote:

> supposed to limit this to just those locations specified in /etc/securetty.

Not locations, but ttys. If you write ttyp0, then we're talking about a telnet connection that may come from everywhere. However, since you didn't post your securetty, this is just my guess.

Bye.
-- Undergraduate student of Computer Science Alias: [EMAIL PROTECTED] Sysadm on cantina.cs.unibo.it FTP and mirror administrator on caristudenti.cs.unibo.it Homepage: http://caristudenti.cs.unibo.it/~borgia/
PAM and root logins
Hello, Still haven't resolved the problem with user "root" being able to login from any location. PAM, in conjunction with the /etc/securetty file is supposed to limit this to just those locations specified in /etc/securetty. The /etc/securetty file exists, with permissions 600 and owned by user.group root. I have verified that all the PAM components are installed. All the files are correct in the /etc/pam.d/ directory. What other things could cause this? Contents of the /etc/securetty file are: tty1 through tty6. IE: Just listing all the local consoles. [EMAIL PROTECTED]
Re: PAM and root logins
you need to add stuff to /etc/securetty like ttyp0, ttyp1 and so on, in order to be able to telnet as root.

On Wed, 13 May 1998, Randy Smith (at work) wrote:

> Hello, Still haven't resolved the problem with user "root" being able to login from any location. PAM, in conjunction with the /etc/securetty file is supposed to limit this to just those locations specified in /etc/securetty. The /etc/securetty file exists, with permissions 600 and owned by user.group root. I have verified that all the PAM components are installed. All the files are correct in the /etc/pam.d/ directory. What other things could cause this? Contents of the /etc/securetty file are: tty1 through tty6. IE: Just listing all the local consoles. [EMAIL PROTECTED]
PAM and root logins
Hello, Still haven't resolved the problem with user "root" being able to login from any location. PAM, in conjunction with the /etc/securetty file is supposed to limit this to just those locations specified in /etc/securetty. The /etc/securetty file exists, with permissions 600 and owned by user.group root. I have verified that all the PAM components are installed. All the files are correct in the /etc/pam.d/ directory. What other things could cause this? Contents of the /etc/securetty file are: tty1 through tty6. IE: Just listing all the local consoles. To clarify more, I do NOT want root logins from any location. Root should only be able to logon from the local console. [EMAIL PROTECTED]
PAM and root logins
Hello, Still haven't resolved the problem with user "root" being able to login from any location. PAM, in conjunction with the /etc/securetty file is supposed to limit this to just those locations specified in /etc/securetty. The /etc/securetty file exists, with permissions 600 and owned by user.group root. I have verified that all the PAM components are installed. All the files are correct in the /etc/pam.d/ directory. What other things could cause this? [EMAIL PROTECTED]
PAM and root logins
Hello,

After installing redhat 5.0 on my "server" computer here, I found I could not logon as "root" from an ethernet port. After reading some docs on this, I realized that the PAM software was looking at /etc/securetty file and thus not allowing the logon. So, I moved the securetty file to a different name, temporarily, so I could log in. (at this point in the install, I had not created any other users from the console) So, that appeared to be the fastest solution in order for me to get on the system as "root".

Now, the problem comes in when I moved the new filename back to /etc/securetty. This should have re-enabled the PAM check on root logons... it didn't. I can log in as root from any port, just like the securetty file wasn't there. What do I need to do to fix this?

Randy Smith [EMAIL PROTECTED]
Re: PAM and root logins
At 12:58 PM 5/8/98 -0400, you wrote:

> Hello, After installing redhat 5.0 on my "server" computer here, I found I could not logon as "root" from an ethernet port.

1) Use ssh from http://www.cs.hut.fi/ssh/ and/or http://www.datafellows.com/f-secure/fclintp.htm
and
2) login as a normal user and "su -" to root. - This is normal protocol in a multi-user environment.
or
3) edit /etc/securetty to include ttyp0 - ttyp99 :-)
Re: PAM and root logins
On Fri, 8 May 1998, Randy Smith (at work) wrote:

> Hello, After installing redhat 5.0 on my "server" computer here, I found I could not logon as "root" from an ethernet port. After reading some docs on this, I realized that the PAM software was looking at /etc/securetty file and thus not allowing the logon. So, I moved the securetty file to a different name, temporarily, so I could log in. (at this point in the install, I had not created any other users from the console) So, that appeared to be the fastest solution in order for me to get on the system as "root". Now, the problem comes in when I moved the new filename back to /etc/securetty. This should have re-enabled the PAM check on root logons... it didn't. I can log in as root from any port, just like the securetty file wasn't there. What do I need to do to fix this?

I think the permissions have to be 600 or pam won't use the file. ls -l /etc/securetty should show:

    -rw------- 1 root root 40 Sep 4 1995 /etc/securetty

--
John Darrah (u05192) | Dept: N/C Programming
Giddens Industries |
PO box 3190 | Ph: (206) 767-4212 #229
Everett WA98203 | Fx: (206) 764-9639
Re: PAM and root logins
> I think the permissions have to be 600 or pam won't use the file. ls -l /etc/securetty should show:
>
>     -rw------- 1 root root 40 Sep 4 1995 /etc/securetty

Yep. If you set permission differently, it won't work.

Igmar
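An added example, not part of the thread: a small shell audit for the checks discussed above. The regular-file and world-writable checks follow what the Linux-PAM pam_securetty man page documents; the stricter mode-600 check mirrors the claim made in the replies. Function names, return codes and the sample files are this example's own constructions.

```shell
#!/bin/sh
# Added example, not code from the thread. Return codes are this script's own.

# securetty_audit FILE -> 0 mode 600, 1 missing, 2 not a regular file,
#                         3 world-writable, 4 any other mode
securetty_audit() {
    f=$1
    if [ -L "$f" ] || { [ -e "$f" ] && [ ! -f "$f" ]; }; then
        echo "NOT-REGULAR    $f"; return 2
    fi
    if [ ! -e "$f" ]; then
        echo "MISSING        $f"; return 1
    fi
    # First 10 characters of ls -ld: file type plus the nine permission bits.
    perms=$(ls -ld "$f" | cut -c1-10)
    case $perms in
        -rw-------) echo "OK             $f $perms"; return 0 ;;
        ????????w?) echo "WORLD-WRITABLE $f $perms"; return 3 ;;
        *)          echo "MODE-NOT-600   $f $perms"; return 4 ;;
    esac
}

# tty_listed FILE TTY -> success if TTY is a whole, uncommented line in FILE
tty_listed() {
    grep -v '^[[:space:]]*#' "$1" 2>/dev/null | grep -qxF -- "$2"
}

# pam_uses_securetty SERVICE_FILE -> success if an auth line loads the module
pam_uses_securetty() {
    grep -Eq '^[[:space:]]*auth[[:space:]].*pam_securetty' "$1" 2>/dev/null
}

# Demo on constructed sample files in a temporary directory.
demo() {
    d=$(mktemp -d) || return 0
    printf 'tty1\ntty2\n# ttyp0\n' > "$d/securetty"
    printf 'auth required /lib/security/pam_securetty.so\n' > "$d/login"
    chmod 644 "$d/securetty"; securetty_audit "$d/securetty" || true
    chmod 600 "$d/securetty"; securetty_audit "$d/securetty" || true
    mv "$d/securetty" "$d/securetty.off"   # the workaround from the thread
    securetty_audit "$d/securetty" || true
    mv "$d/securetty.off" "$d/securetty"
    tty_listed "$d/securetty" tty1  && echo "tty1 listed"
    tty_listed "$d/securetty" ttyp0 || echo "ttyp0 not listed (commented out)"
    pam_uses_securetty "$d/login"   && echo "login stack loads pam_securetty"
    rm -rf "$d"
}
demo
```

On a real host, point `securetty_audit` at /etc/securetty and `pam_uses_securetty` at the login service file under /etc/pam.d to see whether the restriction is actually in effect.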
Re: Wide Area Networks, RH5, NFS, unified logins, school district
On Sat, 11 Apr 1998, Jason Belich wrote:

> I would like to set things up so anyone with a username and ID will be able to sit down at any computer and have access to all their services, like home directory, etc.

Are you talking about users being able to sit down at any Linux box and have full access, or are you planning on having only one Linux system as a fileserver and users access things via the network for file and print sharing?

> Netatalk and Samba with tweaking can do this, but there will be different servers at different buildings. So...

Is there any particular reason why? If the systems cannot communicate via network, then you cannot make anything transparent. If there is a network, then there is no need for multiple servers.

> Can RH5 give the appearance of a unified machine with a combo of NIS/NFS?

If you insist, yes. But I don't see a need for it.

> If so, can samba and netatalk work within this framework?

Yes. Samba and netatalk both use regular filesystem access, there is nothing special about them as opposed to any other program.

> Also, a competitor is conning them into an NT based solution with the

Oh, no.

> promise of these capabilities, also MS proxy server to filter ala cybernanny to keep the kids away from _bad_ stuff, central

Linux has this ability too. In any case it costs an ungodly fortune, the software is easy enough to get but the lists are much harder to come by. It is possible to rig bots in perl which crawl the net themselves and enter objectionable material into a database, but the whole system is an effort.

> administration (with them of course), unified file and print, www server(s), mail, and the kitchen sink with extra rust.

Linux, of course, does all of this fine.

> Also he is promising the user and group capabilities of NT and Win95, i.e. restricted access for users to screw up the network, but not Macs.

Linux has the advantage of talking happily to the Macs. I don't know of any way to make NT speak Appletalk. Finally, of course, Linux's

> I've tried to tell them that the setup isn't going to work, being NT,

Don't tell them that, they won't believe it. In all honesty it probably WOULD work, even though it would be more expense and hassle than Linux. The way I see it your biggest advantage is the Mac interoperability.

> but I can't convince them the glory of Linux without offering them everything they've been spoon fed and more, for less.

So do, there's nothing stopping you.

> So what i'm concerned about is central administration, user transparency WRT the network, restricting access to improper material, and network security (to keep out student BOFHs and stupid teachers, we

Central administration is a no brainer with Linux. NT has virtually no remote administration ability. User transparency will be pretty good in either setup, since Linux and NT both offer a full set of SMB services. Access restrictions will suck on both platforms, but it is simple enough to make Linux work with it. Linux makes a better proxy than NT but it is easier to get content filters for NT. They are not unavailable for Linux, however. If you need more assistance with this, I have looked into a couple of companies. Be warned, though, none of the content filters do a particularly excellent job.

Linux of course runs rings around NT in security, especially if you don't give out unnecessary shell accounts or run unneeded services. Read the bugtraq archives. Remote crash exploits for NT are released almost weekly. Linux produces about one per year, and the fixes come out often the same day. The ones for NT come out a week or two later and sometimes do not even work.

> Can anyone suggest a few good network setups?

Put your Linux box in the middle and attach all the workstations to it? :)
Re: Wide Area Networks, RH5, NFS, unified logins, school district
If this is your idea of a newbie question, then I would hate to see a more experienced one.

I have normally found that when I compare NT to Linux the biggest advantage that Linux has is the wealth of software that you get for free. I would start out with a bid a little bit lower than your NT competitor, and then just keep adding features until NT simply can't compete. NT is not very expensive if you just want file and print services, but when you start adding proxy servers, firewalls, email (Exchange is EXPENSIVE), fax servers, newsgroups, etc. Then you really start to see the power of Linux.

The beauty of this is that many of these services are just the type of thing to turn teachers' heads. For example set up a private news server (or better yet IRC server) that will allow students to post questions with their homework. Show them how easy it would be to let every student have their own web page and email address (a real pain with NT). Stress how it would give computer students access to quality compilers and programming languages without requiring the outlay of capital (of course I don't know if you want to give the students shell access to the Linux machine or not). Heck, show them how it will allow them to revitalize some of the older 386's and 486's that have been donated and they have just lying around.

The key is not to stress the many negatives of NT but rather the many positives of choosing Linux.

Good Luck,
Jason Earl

---Jason Belich [EMAIL PROTECTED] wrote:

> I know this is bit of a newbie question, but... Ok, I have a school district customer looking at a wide area network/ intranet. They haven't a clue, generally, nor a dime. (poor, rural) I'm obviously considering an RH 5 based server backbone for their Win95 and Macs I would like to set things up so anyone with a username and ID will be able to sit down at any computer and have access to all their services, like home directory, etc.
>
> Netatalk and Samba with tweaking can do this, but there will be different servers at different buildings. So... Can RH5 give the appearance of a unified machine with a combo of NIS/NFS? If so, can samba and netatalk work within this framework? Does anyone have experience with this?
>
> Also, a competitor is conning them into an NT based solution with the promise of these capabilities, also MS proxy server to filter ala cybernanny to keep the kids away from _bad_ stuff, central administration (with them of course), unified file and print, www server(s), mail, and the kitchen sink with extra rust. Also he is promising the user and group capabilities of NT and Win95, i.e. restricted access for users to screw up the network, but not Macs.
>
> I've tried to tell them that the setup isn't going to work, being NT, but I can't convince them the glory of Linux without offering them everything they've been spoon fed and more, for less. So what i'm concerned about is central administration, user transparency WRT the network, restricting access to improper material, and network security (to keep out student BOFHs and stupid teachers, we all know how it goes). Can anyone suggest a few good network setups?
>
> Jason
Re: Wide Area Networks, RH5, NFS, unified logins, school district
> I know this is bit of a newbie question, but...

Not really, there are some complicated issues here..

> I'm obviously considering an RH 5 based server backbone for their Win95 and Macs I would like to set things up so anyone with a username and ID will be able to sit down at any computer and have access to all their services, like home directory, etc.

Assuming you'll only have one Linux server, adding and deleting accounts from this one machine will be all you have to do.

> Netatalk and Samba with tweaking can do this, but there will be different servers at different buildings. So...

Ah, I see. Connected via leased line?

> Can RH5 give the appearance of a unified machine with a combo of NIS/NFS?

Yes, and samba can be used to map their home directories to the proper places..

> If so, can samba and netatalk work within this framework? Does anyone have experience with this?

Yes, I've done it in conjunction with a Linux Novell server, and samba as well.

> Also, a competitor is conning them into an NT based solution with the promise of these capabilities, also MS proxy server to filter ala cybernanny to keep the kids away from _bad_ stuff, central administration (with them of course), unified file and print, www server(s), mail, and the kitchen sink with extra rust.

This might be a little tough. There are a few things you might use to combat this situation:

- rip apart the cybernanny guarantee, and find out exactly what it can and can't do, and how much it would cost. I don't think the solutions out there today, for any platform, are very good.

> Also he is promising the user and group capabilities of NT and Win95, i.e. restricted access for users to screw up the network, but not Macs.

Well, certainly you can have as much user control under Linux as you would have under NT.

> I've tried to tell them that the setup isn't going to work, being NT, but I can't convince them the glory of Linux without offering them everything they've been spoon fed and more, for less.

How do you know their solution isn't going to work? There are hundreds of advocacy papers on Linux vs NT. Contact me if you want a list...

> So what i'm concerned about is central administration, user transparency WRT the network, restricting access to improper material, and network security (to keep out student BOFHs and stupid teachers, we all know how it goes).

Well, you might have some difficulty with adding and deleting users from a windows machine. The samba people are working on that, but you might want to consider a X-emulator for 95, which would use Linux programs to add and delete users, or setup a program that users would telnet to the Linux machine, enter an admin passwd, then prompt them for the user ID to modify.

> Can anyone suggest a few good network setups?

Try the [EMAIL PROTECTED] or [EMAIL PROTECTED] if you don't find what you're looking for here, or mail me directly and I'll help you work thru it..

Dave
Wide Area Networks, RH5, NFS, unified logins, school district
I know this is bit of a newbie question, but...

Ok, I have a school district customer looking at a wide area network/ intranet. They haven't a clue, generally, nor a dime. (poor, rural) I'm obviously considering an RH 5 based server backbone for their Win95 and Macs I would like to set things up so anyone with a username and ID will be able to sit down at any computer and have access to all their services, like home directory, etc.

Netatalk and Samba with tweaking can do this, but there will be different servers at different buildings. So... Can RH5 give the appearance of a unified machine with a combo of NIS/NFS? If so, can samba and netatalk work within this framework? Does anyone have experience with this?

Also, a competitor is conning them into an NT based solution with the promise of these capabilities, also MS proxy server to filter ala cybernanny to keep the kids away from _bad_ stuff, central administration (with them of course), unified file and print, www server(s), mail, and the kitchen sink with extra rust. Also he is promising the user and group capabilities of NT and Win95, i.e. restricted access for users to screw up the network, but not Macs.

I've tried to tell them that the setup isn't going to work, being NT, but I can't convince them the glory of Linux without offering them everything they've been spoon fed and more, for less. So what i'm concerned about is central administration, user transparency WRT the network, restricting access to improper material, and network security (to keep out student BOFHs and stupid teachers, we all know how it goes). Can anyone suggest a few good network setups?

Jason
/var/log/btmp not logging bad logins in RH 4.2
I am trying to log bad login attempts using /var/log/btmp, and the lastb command. This does not seem to work. I am running RH 4.2, kernel 2.0.33, shadow passwords and pam. I have a /etc/login.defs, but it contains no entries. Looking at man login.defs, I see references to a 'faillog' but no explanation of what program would read it. All access from outside my machine does end up in /var/log/secure, but that is not quite the same thing.

Does anyone have btmp and lastb working under RH 4.2 using shadow passwords? If so, can you write to me so we can discuss what, if any changes, you needed to make to a stock RH 4.2 system to get it to work, or figure out what versions of various RPM's you are running?

I seem to recall posts to USENET about this being broken in some Linux distro's, but can't recall details. Most posts on the issue talk about simply touching /var/log/btmp and making sure it is read/write by root only. Been there, done that.

Tom Porter [EMAIL PROTECTED]
"I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi