12-20-2009
What are the contents of your .../pam.d/sshd and .../pam/system-auth files?
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Vesion 3.8.1 of OpenSSH has been compiled on a Solaris 8 host. I am having difficulties in enabling password aging to work from reading /etc/default/passwd and /etc/shadow.
# passwd -f < user-id > works satisfactorily however once a password ages through due course from the settings in... (1 Reply)
Discussion started by: raylen
1 Replies
2. UNIX for Dummies Questions & Answers
If the command passwd -f is used, Users get the below error. I need to force users to change there passwords at initial login. Anyone know what is going on? This is on a Non-Stop UX system
UX:in.login: ERROR: Your password has been expired for too long
UX:in.login: TO FIX: Consult your system... (0 Replies)
Discussion started by: breigner
0 Replies
3. UNIX for Dummies Questions & Answers
hi experts
this is regarding password aging
i tried searching forum but i cudnt locate
given a login id,
i would like to determine whether password ageing has been enabled for that
and
for the login id whether password has been expired on a particular point of time
Thanks (4 Replies)
Discussion started by: teletype_error
4 Replies
4. Shell Programming and Scripting
Hi ,
is there anyway of implementing password aging in NIS?
I would say thanks in advance.
Thanks and regards,
HAA (1 Reply)
Discussion started by: HAA
1 Replies
5. AIX
Hi,
While I am trying SFTP my machine to another unix machine ,
it was working fine till 10 min back.
But now i am getting the below error
"Request for subsystem 'sftp' failed on channel 0"
Could you please someone help me to solve or analyise the root cause...
Cheers:b:,
Mahiban (0 Replies)
Discussion started by: mahiban
0 Replies
6. UNIX for Dummies Questions & Answers
Hi there,
what is the meaning of this line:
SFTP subsystem requests: 5 Time(s)
in: /var/mail/root???
Tks in advance,
GB (0 Replies)
Discussion started by: Giordano Bruno
0 Replies
7. UNIX for Advanced & Expert Users
Hi all,
I have a Solaris 10 server with SUN_SSH_1.1 installed.
I want to restrict a user via SFTP to only be able to access one directory. I've written a little script in .profile which works perfectly for an ssh login but it appears sftp doesn't read the .profile file so it doesn't work.
... (2 Replies)
Discussion started by: Donkey25
2 Replies
8. AIX
I have several ssh servers *running aix 5.3 and they respond to sftp requests just fine, but I have one that requires clients to specify the path to the sftp server using the -s flag which is*/usr/sbin/sftp-server
I check the sshd_config across all servers and they are the same. *The other... (1 Reply)
Discussion started by: massdesign
1 Replies
9. Red Hat
Hi
I need a specific user to be able to sftp to a server and get files from a specific location. The location is not the users home dir, i don't want the user to be able to view anything else apart from the files in that area.
e.g ftp file are is - /logging/phplogs
e.g user home is... (1 Reply)
Discussion started by: duckeggs01
1 Replies
10. Linux
Recently I have been playing with password ageing and the usage of ssh keys. I have found that if usePAM yes (default) is set in the /etc/ssh/sshd_config file then any password ageing and inactiivity can adversely affect a client with ssh keys.
For example:
Set PASS_MAX_DAYS to 60 in... (5 Replies)
Discussion started by: smurphy_it
5 Replies
LEARN ABOUT DEBIAN
pam-auth-update
PAM-AUTH-UPDATE(8) System Manager's Manual PAM-AUTH-UPDATE(8)
NAME
pam-auth-update - manage PAM configuration using packaged profiles
SYNOPSIS
pam-auth-update [--package [--remove profile [profile...]]] [--force]
DESCRIPTION
pam-auth-update is a utility that permits configuring the central authentication policy for the system using pre-defined profiles as sup-
plied by PAM module packages. Profiles shipped in the /usr/share/pam-configs/ directory specify the modules, with options, to enable; the
preferred ordering with respect to other profiles; and whether a profile should be enabled by default. Packages providing PAM modules reg-
ister their profiles at install time by calling pam-auth-update --package. Selection of profiles is done using the standard debconf inter-
face. The profile selection question will be asked at `medium' priority when packages are added or removed, so no user interaction is
required by default. Users may invoke pam-auth-update directly to change their authentication configuration.
The script makes every effort to respect local changes to /etc/pam.d/common-*. Local modifications to the list of module options will be
preserved, and additions of modules within the managed portion of the stack will cause pam-auth-update to treat the config files as locally
modified and not make further changes to the config files unless given the --force option.
If the user specifies that pam-auth-update should override local configuration changes, the locally-modified files will be saved in
/etc/pam.d/ with a suffix of .pam-old.
OPTIONS
--package
Indicate that the caller is a package maintainer script; lowers the priority of debconf questions to `medium' so that the user is
not prompted by default.
--remove profile [profile...]
Remove the specified profiles from the system configuration. pam-auth-update --remove should be used to remove profiles from the
configuration before the modules they reference are removed from disk, to ensure that PAM is in a consistent and usable state at all
times during package upgrades or removals.
--force
Overwrite the current PAM configuration, without prompting. This option must not be used by package maintainer scripts; it is
intended for use by administrators only.
FILES
/etc/pam.d/common-*
Global configuration of PAM, affecting all installed services.
/usr/share/pam-configs/
Package-supplied authentication profiles.
AUTHOR
Steve Langasek <steve.langasek@canonical.com>
COPYRIGHT
Copyright (C) 2008 Canonical Ltd.
SEE ALSO
PAM(7), pam.d(5), debconf(7)
Debian 08/23/2008 PAM-AUTH-UPDATE(8)