06-13-2013
"interactive password authentication" means "password typed by a human being in realtime authentication", and no substitutes for humans are acceptable to it. It makes sure it reads from a terminal, not a file, not a pipe.
To force it to accept a stored plaintext password, you would have to install a third-party brute forcing utility like expect or the like, which creates virtual terminals to fool things into thinking they're interactive when they're not. It would make your scripts a great deal more complicated since you must lead it step by step.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi All,
I have some SFTP Key. I would like to know how do I add them to UAT Server? Please help.
Thanks (0 Replies)
Discussion started by: jingi1234
0 Replies
2. Shell Programming and Scripting
I am trying to SFTP to a couple sites. One has an RSA-KEY that was sent to me. Currently I am running that manually using WinSCP. I would like to set it up as a CRON process on our Linux host (Sun).
Can I use the rsa-key they sent me in any directory or does it need to be placed in a specific... (2 Replies)
Discussion started by: alemat
2 Replies
3. UNIX for Advanced & Expert Users
Hello,
We have an issue attempting to login from a Unix Solaris to an NT server using key authentication. I will attempt to provide you with as much of the relevant information regarding the way the system is set up, although I'm workingin solely on the Unix side, so don't have full access to... (3 Replies)
Discussion started by: SteveBurch
3 Replies
4. Shell Programming and Scripting
Hi everybody,
I need some help on writing a script that is able to remote copy file to one server. I already created this types of scripts, and works ok as long as this server I want to copy from is access through telnet. Here is how I do it:
ftp -n xxx.xxx.xxx.xxx << _EOF_
user user_name... (6 Replies)
Discussion started by: Alexis Duarte
6 Replies
5. UNIX for Dummies Questions & Answers
Hi,
I am trying to connect through SFTP. Though the DSA 2048 public key is installed in the server machine, the connection is established only with password authentication! When i turn off password authentication in sshd_config file the connection is not working.
Please advise,
Best... (0 Replies)
Discussion started by: Maharajan
0 Replies
6. UNIX and Linux Applications
Hi,
I am trying to connect through SFTP. Though the DSA 2048 public key is installed in the server machine, the connection is established only with password authentication! When i turn off password authentication in sshd_config file the connection is not working.
Please advise,
Best... (0 Replies)
Discussion started by: Maharajan
0 Replies
7. Shell Programming and Scripting
Hello All,
I am stuck!
I have access to an external server via SFTP. In order to access the external server I was given a specific port, password, and a ppk.
I would to create a script on my server end that can I can setup as a corn job, that will connect to the external server and... (1 Reply)
Discussion started by: kingr008
1 Replies
8. HP-UX
Hi All,
I am facing an issue wherein a new sft public key for a user is not working on our HP-UX m/c.
So i have to check where the sftp public keys for some other sample users were installed earlier in the system i.e. under which folder.
Can you please help me out on this. (2 Replies)
Discussion started by: ammbhhar
2 Replies
9. UNIX for Dummies Questions & Answers
Hi all,
I need to connect using SFTP from Red Hat to Windows. Connection between servers work when I specify location of my private key in the script. However, I want to use syntax without private key location specified. I know this should work, as I found it in older scripts.
Scripts were... (0 Replies)
Discussion started by: yavvie
0 Replies
10. Shell Programming and Scripting
Hi All,
I am trying to transfer a file from one server to a remote server using SFTP. Client is not ready for key setup.
I am working on Solaris 10.
Here is the code.
#!/bin/ksh
# sample automatic Sftp script to dump a file
USER="user1"
PASSWORD="pass1"
HOST="host1"
sftp $USER@$HOST... (6 Replies)
Discussion started by: megha2525
6 Replies
LEARN ABOUT SUSE
pam_userdb
PAM_USERDB(8) Linux-PAM Manual PAM_USERDB(8)
NAME
pam_userdb - PAM module to authenticate against a db database
SYNOPSIS
pam_userdb.so db=/path/database [debug] [crypt=[crypt|none]] [icase] [dump] [try_first_pass] [use_first_pass] [unknown_ok] [key_only]
DESCRIPTION
The pam_userdb module is used to verify a username/password pair against values stored in a Berkeley DB database. The database is indexed
by the username, and the data fields corresponding to the username keys are the passwords.
OPTIONS
crypt=[crypt|none]
Indicates whether encrypted or plaintext passwords are stored in the database. If it is crypt, passwords should be stored in the
database in crypt(3) form. If none is selected, passwords should be stored in the database as plaintext.
db=/path/database
Use the /path/database database for performing lookup. There is no default; the module will return PAM_IGNORE if no database is
provided.
debug
Print debug information.
dump
Dump all the entries in the database to the log. Don't do this by default!
icase
Make the password verification to be case insensitive (ie when working with registration numbers and such). Only works with plaintext
password storage.
try_first_pass
Use the authentication token previously obtained by another module that did the conversation with the application. If this token can
not be obtained then the module will try to converse. This option can be used for stacking different modules that need to deal with the
authentication tokens.
use_first_pass
Use the authentication token previously obtained by another module that did the conversation with the application. If this token can
not be obtained then the module will fail. This option can be used for stacking different modules that need to deal with the
authentication tokens.
unknown_ok
Do not return error when checking for a user that is not in the database. This can be used to stack more than one pam_userdb module
that will check a username/password pair in more than a database.
key_only
The username and password are concatenated together in the database hash as 'username-password' with a random value. if the
concatenation of the username and password with a dash in the middle returns any result, the user is valid. this is useful in cases
where the username may not be unique but the username and password pair are.
MODULE TYPES PROVIDED
The auth and account module types are provided.
RETURN VALUES
PAM_AUTH_ERR
Authentication failure.
PAM_AUTHTOK_RECOVERY_ERR
Authentication information cannot be recovered.
PAM_BUF_ERR
Memory buffer error.
PAM_CONV_ERR
Conversation failure.
PAM_SERVICE_ERR
Error in service module.
PAM_SUCCESS
Success.
PAM_USER_UNKNOWN
User not known to the underlying authentication module.
EXAMPLES
auth sufficient pam_userdb.so icase db=/etc/dbtest.db
SEE ALSO
crypt(3), pam.conf(5), pam.d(5), pam(8)
AUTHOR
pam_userdb was written by Cristian Gafton >gafton@redhat.com<.
Linux-PAM Manual 03/02/2009 PAM_USERDB(8)