Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Password Aging with Openssh 5.2 SFTP Subsystem Jail
Top Forums UNIX for Advanced & Expert Users Password Aging with Openssh 5.2 SFTP Subsystem Jail Post 302381761 by fpmurphy on Sunday 20th of December 2009 11:39:42 AM
Old 12-20-2009
What are the contents of your .../pam.d/sshd and .../pam/system-auth files?
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

OpenSSH and password aging

Vesion 3.8.1 of OpenSSH has been compiled on a Solaris 8 host. I am having difficulties in enabling password aging to work from reading /etc/default/passwd and /etc/shadow. # passwd -f < user-id > works satisfactorily however once a password ages through due course from the settings in... (1 Reply)
Discussion started by: raylen
1 Replies

2. UNIX for Dummies Questions & Answers

password aging help

If the command passwd -f is used, Users get the below error. I need to force users to change there passwords at initial login. Anyone know what is going on? This is on a Non-Stop UX system UX:in.login: ERROR: Your password has been expired for too long UX:in.login: TO FIX: Consult your system... (0 Replies)
Discussion started by: breigner
0 Replies

3. UNIX for Dummies Questions & Answers

password aging

hi experts this is regarding password aging i tried searching forum but i cudnt locate given a login id, i would like to determine whether password ageing has been enabled for that and for the login id whether password has been expired on a particular point of time Thanks (4 Replies)
Discussion started by: teletype_error
4 Replies

4. Shell Programming and Scripting

is there anyway of implementing password aging in NIS?

Hi , is there anyway of implementing password aging in NIS? I would say thanks in advance. Thanks and regards, HAA (1 Reply)
Discussion started by: HAA
1 Replies

5. AIX

SFTP Failed---Request for subsystem 'sftp' failed on channel 0

Hi, While I am trying SFTP my machine to another unix machine , it was working fine till 10 min back. But now i am getting the below error "Request for subsystem 'sftp' failed on channel 0" Could you please someone help me to solve or analyise the root cause... Cheers:b:, Mahiban (0 Replies)
Discussion started by: mahiban
0 Replies

6. UNIX for Dummies Questions & Answers

SFTP subsystem requests

Hi there, what is the meaning of this line: SFTP subsystem requests: 5 Time(s) in: /var/mail/root??? Tks in advance, GB (0 Replies)
Discussion started by: Giordano Bruno
0 Replies

7. UNIX for Advanced & Expert Users

SFTP Jail With Sun SSH Not OpenSSH

Hi all, I have a Solaris 10 server with SUN_SSH_1.1 installed. I want to restrict a user via SFTP to only be able to access one directory. I've written a little script in .profile which works perfectly for an ssh login but it appears sftp doesn't read the .profile file so it doesn't work. ... (2 Replies)
Discussion started by: Donkey25
2 Replies

8. AIX

sftp : have to specify subsystem from client side

I have several ssh servers *running aix 5.3 and they respond to sftp requests just fine, but I have one that requires clients to specify the path to the sftp server using the -s flag which is*/usr/sbin/sftp-server I check the sshd_config across all servers and they are the same. *The other... (1 Reply)
Discussion started by: massdesign
1 Replies

9. Red Hat

sftp jail chroot env setup

Hi I need a specific user to be able to sftp to a server and get files from a specific location. The location is not the users home dir, i don't want the user to be able to view anything else apart from the files in that area. e.g ftp file are is - /logging/phplogs e.g user home is... (1 Reply)
Discussion started by: duckeggs01
1 Replies

10. Linux

Linux password aging and ssh keys

Recently I have been playing with password ageing and the usage of ssh keys. I have found that if usePAM yes (default) is set in the /etc/ssh/sshd_config file then any password ageing and inactiivity can adversely affect a client with ssh keys. For example: Set PASS_MAX_DAYS to 60 in... (5 Replies)
Discussion started by: smurphy_it
5 Replies

LEARN ABOUT DEBIAN

pam-auth-update

PAM-AUTH-UPDATE(8)					      System Manager's Manual						PAM-AUTH-UPDATE(8)

NAME

       pam-auth-update - manage PAM configuration using packaged profiles

SYNOPSIS

       pam-auth-update [--package [--remove profile [profile...]]]  [--force]

DESCRIPTION

       pam-auth-update	is  a utility that permits configuring the central authentication policy for the system using pre-defined profiles as sup-
       plied by PAM module packages.  Profiles shipped in the /usr/share/pam-configs/ directory specify the modules, with options, to enable;  the
       preferred ordering with respect to other profiles; and whether a profile should be enabled by default.  Packages providing PAM modules reg-
       ister their profiles at install time by calling pam-auth-update --package.  Selection of profiles is done using the standard debconf inter-
       face.   The  profile  selection	question  will be asked at `medium' priority when packages are added or removed, so no user interaction is
       required by default.  Users may invoke pam-auth-update directly to change their authentication configuration.

       The script makes every effort to respect local changes to /etc/pam.d/common-*.  Local modifications to the list of module options  will	be
       preserved, and additions of modules within the managed portion of the stack will cause pam-auth-update to treat the config files as locally
       modified and not make further changes to the config files unless given the --force option.

       If the user specifies that pam-auth-update should override local configuration  changes,  the  locally-modified	files  will  be  saved	in
       /etc/pam.d/ with a suffix of .pam-old.

OPTIONS

       --package
	      Indicate	that  the  caller is a package maintainer script; lowers the priority of debconf questions to `medium' so that the user is
	      not prompted by default.

       --remove profile [profile...]
	      Remove the specified profiles from the system configuration.  pam-auth-update --remove should be used to remove  profiles  from  the
	      configuration before the modules they reference are removed from disk, to ensure that PAM is in a consistent and usable state at all
	      times during package upgrades or removals.

       --force
	      Overwrite the current PAM configuration, without prompting.  This option must not be used  by  package  maintainer  scripts;  it	is
	      intended for use by administrators only.

FILES

       /etc/pam.d/common-*
	   Global configuration of PAM, affecting all installed services.

       /usr/share/pam-configs/
	   Package-supplied authentication profiles.

AUTHOR

       Steve Langasek <steve.langasek@canonical.com>

COPYRIGHT

       Copyright (C) 2008 Canonical Ltd.

SEE ALSO

       PAM(7), pam.d(5), debconf(7)

Debian								    08/23/2008							PAM-AUTH-UPDATE(8)
All times are GMT -4. The time now is 07:53 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy