|
|
Sponsored Content
Top Forums
UNIX for Advanced & Expert Users
possible to lock accounts (passwd -l) and still allow acct to ssh to other server?
Post 302253426 by vbe on Friday 31st of October 2008 02:46:59 PM
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hello All,
I am a student sys admin and not a professional. I'd like to know how can I migrate the user accounts in the current server to a new server( to be installed) non-destructively. Also in what way the old server can be used after installation of the new server. I'd sincerely... (2 Replies)
Discussion started by: maybemedic
2 Replies
2. UNIX for Dummies Questions & Answers
Hi Admin,
I need a help regarding to lock the user for 5 days..
for example i want to lock user account from Monday 1.00AM to Friday 1.00PM..
is there any method to do from Cron or passwd command.
Regards,
Prem :cool: (2 Replies)
Discussion started by: Prem
2 Replies
3. UNIX for Advanced & Expert Users
I'd just like to know what you use for user account management on your DMZ servers?
Do you use the same authentication realm as internally?
Do you use a different authentication realm, perhaps only for the DMZ?
Do you use local accounts? (2 Replies)
Discussion started by: humbletech99
2 Replies
4. Solaris
I have turned off PermitEmptyPasswords in sshd_config, but a user with empty passwd (deleted by passwd -d user) can still login without password, why? it is big security concern, linux doesn't have the issue.
$ uname -a
SunOS 5.10 Generic_118855-14 i86pc i386 i86pc
... (8 Replies)
Discussion started by: honglus
8 Replies
5. Solaris
Hi,
I need to Change passwd for bulk servers using SSH script.
I have one server, from which i can reach all the servers without password via SSH.
There is some expect script, from which i can achieve it.
Can any one help me out here.
Thanks in advance.
Vicky (1 Reply)
Discussion started by: vickyingle5
1 Replies
6. Cybersecurity
Hi all,
I am having some issues with openssh vers OpenSSH_4.6p1 on SCO unixware 7.1.4
when a user accesses the system via ssh and the password is incorrect and more attempts have been made that the lock out limit I find that although there are messages in the syslog the account does not lock... (0 Replies)
Discussion started by: chlawren
0 Replies
7. Red Hat
Hi friends,
I must to give ssh connection to own customer.
So I want to lock ssh user on own home directory. It is not necessery to reach other folders. I know that ftp user can lock on own folder but I don't know how to lock ssh user.
I am waitting your kindly helps :D
---------- Post... (10 Replies)
Discussion started by: getrue
10 Replies
8. UNIX for Dummies Questions & Answers
I am trying to obtain all user accounts and their respective home directories.
/etc/passwd contains the required information, but I want to filter it to only show the uid,username and home directory path.
I am working on a Solaris 11 machine.
I made a little headway so far, but I got stuck... (7 Replies)
Discussion started by: Hijanoqu
7 Replies
9. UNIX and Linux Applications
i am new to scripting ,i need bash script in jump server to pull the /etc/passwd of all servers and the ssh keys are installed (3 Replies)
Discussion started by: profiles
3 Replies
10. Shell Programming and Scripting
Hi All, Wishes!!
I need some help to prepare a script to copy the public key from admin host to multiple client hosts to make them login without password.
Detailed :
I have an admin host "admin1" and i generated sshkeygen, now i have id_rsa.pub and i have around 50 client hosts. i... (4 Replies)
Discussion started by: kumar85shiv
4 Replies
LEARN ABOUT DEBIAN
sync-accounts
SYNC-ACCOUNTS(8) chiark utilities SYNC-ACCOUNTS(8) NAME
sync-accounts - synchronise accounts and passwords SYNOPSIS
sync-accounts [options] [source ...] DESCRIPTION
sync-accounts is a tool for copying account information into the local system's password and group databases, or equivalent, from other systems. It can be used to slave individual accounts, whole systems, or various partial combinations. By default, when invoked, sync-accounts reads is configuration file and updates all of the local details it is configured to synchronise, from all relevant sources. If one or more sources are named as command-line arguments, only information from those sources is installed locally. See sync-accounts(5) for detailed information about sync-accounts's behaviour and configuration. OPTIONS
-Cconfig-file Reads config-file instead of /etc/sync-accounts. -q Instead of updating local information, sync-accounts displays a summary of which accounts are synchronised or not, and from where. -n Causes sync-accounts not to actually install the new information in the local password and group databases. Instead, updated ver- sions are written to the files passwd and group in the current directory. With -n new accounts are not created at all. The system databases are not locked. SECURITY
sync-accounts is not resistant to malicious data in the local password and group databases, or its configuration file or command line argu- ments. Malicious data in source information will not be able to take control of sync-accounts, but will be copied to the local databases if sync- accounts is configured to do so. To update the local databases, sync-accounts must be run as root. For -q and -n sync-accounts still needs to be able to successfuly invoke the commands specified in the configuration for getpasswd and getgroup. EXIT STATUS
0 All went well and there were no warnings. any other There were problems. The local databases may or may not have been updated. FILES
/etc/sync-accounts Default configuration file. (Override with -C.) sync-accounts-createuser Default command invoked by sync-accounts to create local users. /home Default location for created users' home directories. /bin/sh Default shell for created users. /etc/passwd, /etc/group, /etc/shadow, /etc/master.passwd Local account databases, depending on configuration. /etc/shadow-non-existent Must not exist. ENVIRONMENT
EDITOR, VISUAL Manipulated by sync-ccounts when it is reinvoking itself via vipw or vigr, according to lockpasswd runvia or lockgroup runvia. SYNC_ACCOUNTS_* Used by sync-accounts for its own purposes. Do not set these variables. Setting variables used by vipw(8) and vigr(8), apart from EDITOR and/orVISUAL will affect the operation of sync-accounts. Avoid messing with these if possible. PATH is used to find subprograms such as sync-accounts-createuser and vipw/vigr. BUGS
Using sync-accounts does not give particularly prompt propagation of changed account information. There is no simple mechanism for automatically getting the right configuration details for accessing the local system's password and group databases. All the systems sharing account information using sync-accounts need to be using compatible encrypted-password schemes. AUTHOR
sync-accounts and this manpage are part of the sync-accounts package which was written by Ian Jackson <ian@chiark.greenend.org.uk>. They are Copyright 1999-2000,2002 Ian Jackson <ian@davenant.greenend.org.uk>, and Copyright 2000-2001 nCipher Corporation Ltd. The sync-accounts package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3, or (at your option) any later version. This is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, consult the Free Software Foundation's website at www.fsf.org, or the GNU Project website at www.gnu.org. SEE ALSO
sync-accounts(5), grab-account(8), sync-accounts-createuser(8), passwd(5), group(5), shadow(5), master.passwd(5), vipw(8), vigr(8) Greenend 14th July 2002 SYNC-ACCOUNTS(8)