9 More Discussions You Might Find Interesting
1. UNIX for Beginners Questions & Answers
Hi,
I have setup password less login to sudo for a particular group. if I do sudo /usr/local/sbin/group it will take me to the group without password. Recently i executed a command scl_source as source scl_source enable devtoolset-7. After that my sudo is asking password not sure why
sudo... (2 Replies)
Discussion started by: arunkumar_mca
2 Replies
2. IP Networking
I would like to disable X11 session forcefully. I have tried the following things:
1. Setting appropriate DISPLAY variable in the /etc/environment file to be "0.0"
2. I have tried setting the sshd_config parameter X11Forwarding to be "no"
This session communication is happening by exchanging... (2 Replies)
Discussion started by: vaibhavvsk
2 Replies
3. Cybersecurity
I'm confused in the configuration of sudoers for one group of users.
The users need to execute a app from a remote machine, in this local machine they want me to allow ssh for them using sudo
for eg. sudo -u admin ssh -X euadmin@<IP address of remote> <remote script which opens a gui>
It... (1 Reply)
Discussion started by: anandk
1 Replies
4. AIX
Hello everyone,
Can anyone help me please. I want to disable SSH direct access for an AIX user.
For example, if I have USER1 and USER2. I want to disactivate direct access for USER2. The user must enter his login (USER1) and his password and then he can do su - USER2 .
Thanks, (3 Replies)
Discussion started by: adilyos
3 Replies
5. UNIX for Dummies Questions & Answers
Hi Everyone,
When I runthe query in ssh shell sudo cat /etc/security/user , I see half of the users cut down from the display screen. what I want to do is using the somthing like "pop" that when I hit the enter key every time the screen should move to the next user? does some one has any idea how... (4 Replies)
Discussion started by: starter2011
4 Replies
6. Shell Programming and Scripting
I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this:
#!/bin/bash
rsync /path/on/local/machine/ foo.com:path/on/remote/machine/
ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies
7. UNIX for Advanced & Expert Users
Hi,
I would like to know how i can perform a task, while performing ssh, sudo and command at the same time.
What I generally do is I ssh to the server, where i created private and public, so it does not prompt me for password all the time. Then i need to run "sudo su - ldaprole" to get into... (9 Replies)
Discussion started by: john_prince
9 Replies
8. UNIX for Advanced & Expert Users
Hello,
Can you config sudo to use the passphrase in the user ssh-key instead of the one in the passwd?
Some users do not have local passwords on the system and instead of adding the NOPASSWD in sudoers I would like the solution I asked about above.
Thx Jocke (3 Replies)
Discussion started by: jOOc
3 Replies
9. Shell Programming and Scripting
Hello people,
In shell scripts if some sensitive data is set into the env so that it is available to other scripts called within those scripts -- Are there are security implications ?
-- I believe the scope of those environment variables ends with the execution of the script.
-- I see that... (4 Replies)
Discussion started by: tipsy
4 Replies
heimdal_debug(5) BSD File Formats Manual heimdal_debug(5)
NAME
heimdal_debug -- how to turn on/off debugging for Kerberos tools
DESCRIPTION
The heimdal_debug kerberos frameworks have several knobs for controlling logging. The different framework knobs are:
libkrb
The Kerberos library, some gss-api Kerberos output ends up here too
kcm the kcm library (credentials cache, ntlm client)
kdc the kerberos KDC output
digest-service
the digest service (ntlm server)
CONFIGURATION FILE
[logging]
<subsystem> = 0-/SYSLOG:
and watch syslog for logging information.
APPLE MAC OS X
First turn up syslog debugging
sudo syslog -c 0 -d
then you can see the syslog output in Console.app or by running
syslog -w -k org.h5l.asl
To enable more extensive debugging logging for each subsystem, use the following commands:
Kerberos Library
sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add krb5 '0-/OSLOG:normal:'
digest-server
sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add digest-service '0-/OSLOG:normal:'
kcm sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add kcm '0-/OSLOG:normal:'
kdc sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add kdc '0-/OSLOG:normal:'
MIT Kerberos Shim
defaults write com.apple.MITKerberosShim EnableDebugging -bool true
GSS-API framework logging
sudo defaults write /Library/Preferences/com.apple.GSS DebugLevel -int 10
Other options on Mac OS X
Make the admin API pretend to the server even on client
sudo defaults write /Library/Preferences/com.apple.Kerberos ForceHeimODServerMode -bool true
SEE ALSO
gss(5), kerberos(8)
HEIMDAL
Sep 30, 2011 HEIMDAL
10-05-2010
does disabling requiretty in sudo have security implications with SSH?