Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Password Aging with Openssh 5.2 SFTP Subsystem Jail
Top Forums UNIX for Advanced & Expert Users Password Aging with Openssh 5.2 SFTP Subsystem Jail Post 302382214 by markdjones82 on Tuesday 22nd of December 2009 04:46:47 PM
Old 12-22-2009
That is where the issue was! I updated the SSHD pam file from another RHEL box that had the correct SSHD and it works. When I compiled openssh5.2 it didn't have the correct entries in /etc/pam.d/sshd

Thanks!


Here is the correct PAM if anyone cares:
Code:
#%PAM-1.0
auth       include      system-auth
account    required     pam_nologin.so
account    include      system-auth
password   include      system-auth
session    optional     pam_keyinit.so force revoke
session    include      system-auth
session    required     pam_loginuid.s

 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

OpenSSH and password aging

Vesion 3.8.1 of OpenSSH has been compiled on a Solaris 8 host. I am having difficulties in enabling password aging to work from reading /etc/default/passwd and /etc/shadow. # passwd -f < user-id > works satisfactorily however once a password ages through due course from the settings in... (1 Reply)
Discussion started by: raylen
1 Replies

2. UNIX for Dummies Questions & Answers

password aging help

If the command passwd -f is used, Users get the below error. I need to force users to change there passwords at initial login. Anyone know what is going on? This is on a Non-Stop UX system UX:in.login: ERROR: Your password has been expired for too long UX:in.login: TO FIX: Consult your system... (0 Replies)
Discussion started by: breigner
0 Replies

3. UNIX for Dummies Questions & Answers

password aging

hi experts this is regarding password aging i tried searching forum but i cudnt locate given a login id, i would like to determine whether password ageing has been enabled for that and for the login id whether password has been expired on a particular point of time Thanks (4 Replies)
Discussion started by: teletype_error
4 Replies

4. Shell Programming and Scripting

is there anyway of implementing password aging in NIS?

Hi , is there anyway of implementing password aging in NIS? I would say thanks in advance. Thanks and regards, HAA (1 Reply)
Discussion started by: HAA
1 Replies

5. AIX

SFTP Failed---Request for subsystem 'sftp' failed on channel 0

Hi, While I am trying SFTP my machine to another unix machine , it was working fine till 10 min back. But now i am getting the below error "Request for subsystem 'sftp' failed on channel 0" Could you please someone help me to solve or analyise the root cause... Cheers:b:, Mahiban (0 Replies)
Discussion started by: mahiban
0 Replies

6. UNIX for Dummies Questions & Answers

SFTP subsystem requests

Hi there, what is the meaning of this line: SFTP subsystem requests: 5 Time(s) in: /var/mail/root??? Tks in advance, GB (0 Replies)
Discussion started by: Giordano Bruno
0 Replies

7. UNIX for Advanced & Expert Users

SFTP Jail With Sun SSH Not OpenSSH

Hi all, I have a Solaris 10 server with SUN_SSH_1.1 installed. I want to restrict a user via SFTP to only be able to access one directory. I've written a little script in .profile which works perfectly for an ssh login but it appears sftp doesn't read the .profile file so it doesn't work. ... (2 Replies)
Discussion started by: Donkey25
2 Replies

8. AIX

sftp : have to specify subsystem from client side

I have several ssh servers *running aix 5.3 and they respond to sftp requests just fine, but I have one that requires clients to specify the path to the sftp server using the -s flag which is*/usr/sbin/sftp-server I check the sshd_config across all servers and they are the same. *The other... (1 Reply)
Discussion started by: massdesign
1 Replies

9. Red Hat

sftp jail chroot env setup

Hi I need a specific user to be able to sftp to a server and get files from a specific location. The location is not the users home dir, i don't want the user to be able to view anything else apart from the files in that area. e.g ftp file are is - /logging/phplogs e.g user home is... (1 Reply)
Discussion started by: duckeggs01
1 Replies

10. Linux

Linux password aging and ssh keys

Recently I have been playing with password ageing and the usage of ssh keys. I have found that if usePAM yes (default) is set in the /etc/ssh/sshd_config file then any password ageing and inactiivity can adversely affect a client with ssh keys. For example: Set PASS_MAX_DAYS to 60 in... (5 Replies)
Discussion started by: smurphy_it
5 Replies

LEARN ABOUT OSF1

pam_loginuid

PAM_LOGINUID(8) 						 Linux-PAM Manual						   PAM_LOGINUID(8)

NAME

       pam_loginuid - Record user's login uid to the process attribute

SYNOPSIS

       pam_loginuid.so [require_auditd]

DESCRIPTION

       The pam_loginuid module sets the loginuid process attribute for the process that was authenticated. This is necessary for applications to
       be correctly audited. This PAM module should only be used for entry point applications like: login, sshd, gdm, vsftpd, crond and atd. There
       are probably other entry point applications besides these. You should not use it for applications like sudo or su as that defeats the
       purpose by changing the loginuid to the account they just switched to.

OPTIONS

       require_auditd
	   This option, when given, will cause this module to query the audit daemon status and deny logins if it is not running.

MODULE TYPES PROVIDED

       Only the session module type is provided.

RETURN VALUES

       PAM_SESSION_ERR
	   An error occurred during session management.

EXAMPLES

	   #%PAM-1.0
	   auth       required	   pam_unix.so
	   auth       required	   pam_nologin.so
	   account    required	   pam_unix.so
	   password   required	   pam_unix.so
	   session    required	   pam_unix.so
	   session    required	   pam_loginuid.so

SEE ALSO

       pam.conf(5), pam.d(5), pam(7), auditctl(8), auditd(8)

AUTHOR

       pam_loginuid was written by Steve Grubb <sgrubb@redhat.com>

Linux-PAM Manual						    09/19/2013							   PAM_LOGINUID(8)
All times are GMT -4. The time now is 07:21 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy