04-13-2009
"scp" access denied:/etc/security/access.conf
Guys
i have 2 SUSE Linux Enterprise Server 10 SP1 (i586) boxes.if i take a look into /etc/security/access.conf ,i see following lines at the eof
# All other users should be denied to get access from all sources.
#- : ALL : ALL
- : myID : ALL
now earlier i had written scripts where files are 'scp'ed from these 2 boxes using 'myID' user but now they don work because of a security constraint.We can see 'myID' being blocked all accesses in above file.
Is there any way ,i can just use 'scp' feature ,without touching/modifying this above entry?
Can i do 'scp' even if my user is present in /etc/security/access.conf (above entry)?
Regards
Abhijeet
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I am trying to write a CGI program which accesses UNIX configuration files and changes them as required.
The thing is, I don't want the CGI program to be "root" owned - it's Perl based! Is there any way that the Perl CGI program can request a username and password - and then use this to... (1 Reply)
Discussion started by: WIntellect
1 Replies
2. Cybersecurity
hi
im running a web server running, connected to my cable modem, which, as usual, has 2 different network address. one from "outside"(ie from isp), and the
other for the internal network.
im giving a static ip to the server.how do i access this server from outside the network across "the... (2 Replies)
Discussion started by: R00tSc0rpi0n
2 Replies
3. Shell Programming and Scripting
I have a problem using bash. Simply, I cannot find the right command (if there's one!) to enter in the "- Arch_02 -" directory. As you can see, the name begins with a hyphen and this is causing some trouble:
localhost arch2 # pwd
/mnt/arch2
localhost arch2 # ls -l
total 4
dr-x------ 1 root... (3 Replies)
Discussion started by: robotronic
3 Replies
4. Solaris
Hi guys,
I am having a problem with my VNC, Actually i am using my VNC session for last two month. but now it's show me the "Access denied" when i am trying to access it.
I checked the logs, then i found it has blacklisted by server. error is something like "Connections: rejecting blacklisted... (0 Replies)
Discussion started by: daya.pandit
0 Replies
5. Linux
Hi guys,
I am having a problem with my VNC, Actually i am using my VNC session for last two month. but now it's show me the "Access denied" when i am trying to access it.
I checked the logs, then i found it has blacklisted by server. error is something like "Connections: rejecting blacklisted... (1 Reply)
Discussion started by: daya.pandit
1 Replies
6. UNIX for Dummies Questions & Answers
Does anyone know why this could be happening? User tries to save into a directory, but gets the error message.
I checked permissions on directory and see the following:
drwxrwxr-x 10 root pm 1024 Nov 22 14:46 Folder 1
drwxrwxr-x 10 root pm 1024 Oct 19 ... (1 Reply)
Discussion started by: scrivic
1 Replies
7. UNIX for Dummies Questions & Answers
This morning my apache server was stalled (or hanging, frozen, whatever the proper term is) and no web pages would load. I wouldn't get any error page, just an infinitely loading browser. After restarting apache, everything was fine. The apache error logs had nothing in them besides logging the... (1 Reply)
Discussion started by: gadonj18
1 Replies
8. Virtualization and Cloud Computing
Normally files are given to us via FTP and we use a program (DMX) to pull that file into our database. I have been told that we will be receiving a new file via "the cloud" and I need to prepare a method to access and otherwise process this file using UNIX/LINUX. I realize my request raises more... (1 Reply)
Discussion started by: craigwg
1 Replies
9. Linux
Linux Gurus,
I need to provide Read only access for particular group of users, they should have Read only access to entire server except their Home directory.
I tried using setfacl that's not helping. Can you please suggest is there any other alternate way to address this request.
Your help is... (5 Replies)
Discussion started by: shekar777
5 Replies
10. Solaris
Hi all,
First post here. Working on Solaris 10, on a Sun t4-4, need to change RX queue depth(ethernet, not HBA) and was wondering if i could get by with just restarting the network or if i should just bounce the whole shebang.
Apologies if i missed a similar thread. if there is one, please... (2 Replies)
Discussion started by: caspnx
2 Replies
LEARN ABOUT HPUX
pam_user.conf
pam_user.conf(4) Kernel Interfaces Manual pam_user.conf(4)
NAME
pam_user.conf - user configuration file for pluggable authentication modules
SYNOPSIS
DESCRIPTION
is the user configuration file for the Pluggable Authentication Module architecture, or PAM. It is not designed to replace the PAM system
configuration file, For PAM to work properly, is mandatory (see pam.conf(4)). is optional. It is used only when a user basis configura-
tion is needed. It mainly specifies options to be used by service modules on a user basis.
The options defined in indicate the default for users who are not configured in or if the module type is not configured for some users.
For the configuration in to take effect, needs to configure service module (see pam.conf(4)).
Simplified pam_user.conf Configuration File
The file contains a listing of login names. Each login name is paired with a corresponding service module with or without options speci-
fied. Each entry has the following format:
login_name module_type module_path options
Below is an example of the configuration file.
tom auth /usr/lib/security/$ISA/libpam_unix.so.1 debug use_psd
tom auth /usr/lib/security/$ISA/libpam_dce.so.1 use_first_pass
tom account /usr/lib/security/$ISA/libpam_unix.so.1 use_psd
tom account /usr/lib/security/$ISA/libpam_dce.so.1 try_first_pass
susan auth /usr/lib/security/$ISA/libpam_unix.so.1
susan auth /usr/lib/security/$ISA/libpam_dce.so.1 try_first_pass
The login_name denotes the login name of a user (for example, For detailed information on module_type, module_path, and options, see
pam.conf(4).
The first entry indicates that when the UNIX authentication is invoked for the options and will be used. The second entry indicates that
when the DCE authentication is invoked for the option will be used. The module type is not configured for therefore, the options will take
effect. For those users who are not configured, the options apply.
Notes
If an error is found in an entry due to invalid login_name or module_type, then the entry is ignored. If there are no valid entries for
the given module_type, the PAM framework ignores and reads the configuration in
EXAMPLES
The following is a sample configuration file. Lines that begin with the symbol are treated as comments, and therefore ignored.
#
# PAM user configuration
#
# Authentication management
john auth /usr/lib/security/$ISA/libpam_unix.so.1
john auth /usr/lib/security/$ISA/libpam_inhouse.so.1 try_first_pass
david auth /usr/lib/security/$ISA/libpam_unix.so.1 use_psd
david auth /usr/lib/security/$ISA/libpam_inhouse.so.1 try_first_pass
susan auth /usr/lib/security/$ISA/libpam_unix.so.1 use_psd
susan auth /usr/lib/security/$ISA/libpam_inhouse.so.1 try_first_pass
# Password management
john password /usr/lib/security/$ISA/libpam_unix.so.1
david password /usr/lib/security/$ISA/libpam_unix.so.1 use_psd
susan password /usr/lib/security/$ISA/libpam_unix.so.1 use_psd
SEE ALSO
pam(3), pam.conf(4).
pam_user.conf(4)