11-15-2009
The problem is this log entry is generated everytime someone successfully logs in:
Nov 16 09:36:02 server389 sshd[22753]: [ID 800047 local2.notice] Failed none for jonesh from 10.2.79.221 port 1364 ssh2
This causes logsurfer to send of 100's of e-mails every day.
How can sshd be stopped from logging this message?
This only occurs on one server - the other server have the same log level config, sshd config, pam config, sshd version etc. so its odd that only this system is logging these messages.
---------- Post updated at 11:14 AM ---------- Previous update was at 11:13 AM ----------
thanks - I will have a look.
Quote:
Originally Posted by
sparcguy
I have no idea what your problem is but if the want to work around then can try this old hack by removing the message and replacing with something else. May cause instability so backup all the binaries first.
The originator was Perderabo, I just field tested it.
https://www.unix.com/302168538-post16.html
How to hide SSH version
10 More Discussions You Might Find Interesting
1. Filesystems, Disks and Memory
Hello,
I have a critical client-server application. I try to import a file from the local machine on to the server and open it (on the server). I can open it, but after this, when i try to open some other file on the server itself without saving this imported file, a .nfs file is being created.... (1 Reply)
Discussion started by: Jayathirtha
1 Replies
2. UNIX for Dummies Questions & Answers
I would like to know what means this error and how to fix it
Command 'rm -f -r "0yfOYy-0008Nq-2j-32233-K"'
failed with return code 1 and error message
Thank you (3 Replies)
Discussion started by: linuxbee
3 Replies
3. Solaris
On a Solaris 8 print server we're continuously (every 2 minutes or so) getting these messages in the logs:
printd: Warning: Received SIGPIPE; continuing
I've applied this patch and restarted the printd daemon, but it doesn't help: #109320-22: SunOS 5.8: lp patch
Does anyone have any idea what... (4 Replies)
Discussion started by: aussieos
4 Replies
4. AIX
While trying to upgrade ssh from v4.7 to v5.0 on AIX 5.3 TL9, I end up with the following error.
Has anyone come across this?
Note: openssl has been upgraded to 0.9.8.840 before this upgrade
Bala (0 Replies)
Discussion started by: balaji_prk
0 Replies
5. Red Hat
Hi There,
I have been googling for this error and try solution provided but still not avail to resolve Kickstart Issue.
Any expert have encounter this problem? Thanks.
Regards,
Regmaster (4 Replies)
Discussion started by: regmaster
4 Replies
6. Shell Programming and Scripting
Hi,
I have line in input file as below:
3G_CENTRAL;INDONESIA_(M)_TELKOMSEL;SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL
My expected output for line in the file must be :
"1-Radon1-cMOC_deg"|"LDIndex"|"3G_CENTRAL|INDONESIA_(M)_TELKOMSEL"|LAST|"SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL"
Can someone... (7 Replies)
Discussion started by: shis100
7 Replies
7. Shell Programming and Scripting
Hello All,
I have an Expect script that ssh's to a remote server and runs some commands before exiting.
One of the commands I run is the "hostname" Command. After I run this command I save the output
using this line in the code below...
Basically it executes the hostname command, then I... (2 Replies)
Discussion started by: mrm5102
2 Replies
8. Shell Programming and Scripting
Hi all,
Can anyone guess why this is happening? I am new to Perl, so please help me to fix this error:
- I have a static html file which calls the cgi-perl script.
HTML Code:
<html>
<head>
<title> Hey Dude! </title>
</head>
<body>
<form method="POST"... (3 Replies)
Discussion started by: bashily
3 Replies
9. Solaris
Hi Guys,
From past some days, I am getting an error in /var/adm/messages which is as shown below.
XXXXX02:/# cat /var/adm/messages |tail
Sep 16 15:28:14 XXXX02 EV_AGENT: Agent Main --Estream construct failed. Err: EMULSocket::recv()
Sep 16 15:31:49 XXXX02 EV_AGENT: Agent main --... (2 Replies)
Discussion started by: vivek.goel.piet
2 Replies
10. UNIX for Dummies Questions & Answers
Hi, i checked on rhel VPS is running sshd
(service ssh status)
But i cant connect via putty: "Network error: Connection refused"
Please which log file in my centos rhel linux i need to watch or what are steps to do to discover cause? (3 Replies)
Discussion started by: postcd
3 Replies
LEARN ABOUT OPENSOLARIS
pam_roles
pam_roles(5) Standards, Environments, and Macros pam_roles(5)
NAME
pam_roles - Solaris Roles account management module
SYNOPSIS
pam_roles.so.1
DESCRIPTION
The pam_roles module implements pam_sm_acct_mgmt(3PAM). It provides functionality to verify that a user is authorized to assume a role. It
also prevents direct logins to a role. The user_attr(4) database is used to determine which users can assume which roles.
The PAM items PAM_USER and PAM_AUSER, and PAM_RHOST are used to determine the outcome of this module. PAM_USER represents the new identity
being verified. PAM_AUSER, if set, represents the user asserting a new identity. If PAM_AUSER is not set, the real user ID of the calling
service implies that the user is asserting a new identity. Notice that root can never have roles.
This module is generally stacked above the pam_unix_account(5) module.
The following options are interpreted:
allow_remote Allows a remote service to specify the user to enter as a role.
debug Provides syslog(3C) debugging information at the LOG_DEBUG level.
ERRORS
The following values are returned:
PAM_IGNORE If the type of the new user identity (PAM_USER) is "normal". Or, if the type of the new user identity is "role" and the
user asserting the new identity (PAM_AUSER) has the new identity name in its list of roles.
PAM_USER_UNKNOWN No account is present for user.
PAM_PERM_DENIED If the type of the new user identity (PAM_USER) is "role" and the user asserting the new identity (PAM_AUSER) does not
have the new identity name in its list of roles.
EXAMPLES
Example 1 Using the pam_roles.so.1 Module
The following are sample entries from pam.conf(4). These entries demonstrate the use of the pam_roles.so.1 module:
cron account required pam_unix_account.so.1
#
other account requisite pam_roles.so.1
other account required pam_unix_account.so.1
#
The cron service does not invoke pam_roles.so.1. Delayed jobs are independent of role assumption. All other services verify that roles can-
not directly login. The "su" service (covered by the "other" service entry) verifies that if the new user is a role, the calling user is
authorized for that role.
Example 2 Allowing Remote Roles
Remote roles should only be allowed from remote services that can be trusted to provide an accurate PAM_AUSERname. This trust is a function
of the protocol (such as sshd-hostbased).
The following is a sample entry for a pam.conf(4) file. It demonstrates the use of pam_roles configuration for remote roles for the sshd-
hostbased service.
sshd-hostbased account requisite pam_roles.so.1 allow_remote
sshd-hostbased account required pam_unix_account
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
|MT Level |MT-Safe with exceptions |
+-----------------------------+-----------------------------+
SEE ALSO
roles(1), sshd(1M), su(1M), libpam(3LIB), pam(3PAM), pam_acct_mgmt(3PAM), pam_setcred(3PAM), pam_set_item(3PAM), pam_sm_acct_mgmt(3PAM),
syslog(3C), pam.conf(4), user_attr(4), attributes(5), pam_authtok_check(5), pam_authtok_get(5), pam_authtok_store(5), pam_dhkeys(5),
pam_passwd_auth(5), pam_unix_account(5), pam_unix_auth(5), pam_unix_session(5)
NOTES
The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.
This module should never be stacked alone. It never returns PAM_SUCCESS, as it never makes a positive decision.
The allow_remote option should only be specified for services that are trusted to correctly identify the remote user (that is, sshd-host-
based).
PAM_AUSER has replaced PAM_RUSER whose definition is limited to the rlogin/rsh untrusted remote user name. See pam_set_item(3PAM).
SunOS 5.11 6 Mar 2007 pam_roles(5)