Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Please help my computer has been compromised
Top Forums UNIX for Dummies Questions & Answers Please help my computer has been compromised Post 302895186 by MadeInGermany on Saturday 29th of March 2014 04:22:37 AM
Old 03-29-2014
1. Change your password.
2. Examine/delete your ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2
3. Do 1. and 2. for the administrator(root) user.
4. Watch the network connections with the command
Code:
netstat

 

9 More Discussions You Might Find Interesting

1. IP Networking

in.telnetd[5115] -- compromised?

/* Linux Slackware */ looking in my logs I see tons of entries similar to below. Does anyone know what these mean, and should I be concerned. I looked up a few of the IP's at Arin.net and saw that many of them belong to isp's (not good).. Any information is helpful.. Body of Messages log... (1 Reply)
Discussion started by: LowOrderBit
1 Replies

2. Programming

getting computer name

Hi all! Is there any function to get the name from a computer by the IP adresse? Thank you in advance! Greetings Mario (2 Replies)
Discussion started by: coredump2003
2 Replies

3. Shell Programming and Scripting

Another customisation for my computer

Hey, this time, I want my rhythmbox to play a different playlist at a set time (about sleeping time). my shellcode works, since if i run it it works, but when i make crontab run it, nothing happens. I try appending commands to the code, such as cp a file, and that occurs, so I have no idea what is... (1 Reply)
Discussion started by: davidY
1 Replies

4. OS X (Apple)

Change Computer Name

I am trying to change my computer name (located in system prefs-> sharing) using unix i've tried Macbook-Pro:~ user$ hostname Macbook-Pro.local Macbook-Pro:~ user$ sudo hostname hello Password: Macbook-Pro:~ user$ hostname hello It seems to work, but my computer is still called... (2 Replies)
Discussion started by: CBarraford
2 Replies

5. UNIX for Dummies Questions & Answers

How Can I To Power Off My Computer?

I have a SCO UNIX 5.0.6. and a computer ATX. My Question is: How can i to power off my computer without to push the power button? :confused: Please help me. :( Thanks :) (11 Replies)
Discussion started by: vhabalos
11 Replies

6. UNIX for Advanced & Expert Users

who - PC Computer name

Does anyone know of a way of identifying the PC / client name rather than IP address via who or some other AIX command (5.3). (4 Replies)
Discussion started by: gefa
4 Replies

7. What is on Your Mind?

What was your first computer?

Hey, the What Do You Do for a Living thread got me thinking about this. My first "computer" was a Timex Sinclair that I built from a kit. I also spent many hours painstakingly programming a Commodore Vic20 to display graphics and sound (and save them on that slooooow tape drive). My first "real"... (26 Replies)
Discussion started by: dday
26 Replies

8. Windows & DOS: Issues & Discussions

Which Computer to buy?

I currently own a macbook which I am happy with. I will be starting CS coursework in august, is it ok to buy a netbook just for programming purposes. The largest file would be the compiler; I do not see the actual programs taking up that much space. Thanks. (4 Replies)
Discussion started by: N-Training
4 Replies

9. Cybersecurity

Server has been compromised

Hi, I want to ask something about server that has been compromised. Recently, one of my VPS server has been hacked and the attacker install somekind like "IRC" script. Everytime I killed the process or close the port, it can open again .. and again ..I'm sure the attacker has installed... (14 Replies)
Discussion started by: franx47
14 Replies

LEARN ABOUT CENTOS

pam_ssh_agent_auth

pam_ssh_agent_auth(8)							PAM						     pam_ssh_agent_auth(8)

PAM_SSH_AGENT_AUTH
       This module provides authentication via ssh-agent.  If an ssh-agent listening at SSH_AUTH_SOCK can successfully authenticate that it has
       the secret key for a public key in the specified file, authentication is granted, otherwise authentication fails.

SUMMARY

       /etc/pam.d/sudo: auth	sufficient     pam_ssh_agent_auth.so file=/etc/security/authorized_keys
       /etc/sudoers:
	    Defaults	env_keep += "SSH_AUTH_SOCK"

       This configuration would permit anyone who has an SSH_AUTH_SOCK that manages the private key matching a public key in
       /etc/security/authorized_keys to execute sudo without having to enter a password. Note that the ssh-agent listening to SSH_AUTH_SOCK can
       either be local, or forwarded.

       Unlike NOPASSWD, this still requires an authentication, it's just that the authentication is provided by ssh-agent, and not password entry.

ARGUMENTS

       file=<path to authorized_keys>
	   Specify the path to the authorized_keys file(s) you would like to use for authentication. Subject to tilde and % EXPANSIONS (below)

       allow_user_owned_authorized_keys_file
	   A flag which enables authorized_keys files to be owned by the invoking user, instead of root. This flag is enabled automatically
	   whenever the expansions %h or ~ are used.

       debug
	   A flag which enables verbose logging

       sudo_service_name=<service name you compiled sudo to use>
	   (when compiled with --enable-sudo-hack)

	   Specify the service name to use to identify the service "sudo". When the PAM_SERVICE identifier matches this string, and if PAM_RUSER
	   is not set, pam_ssh_agent_auth will attempt to identify the calling user from the environment variable SUDO_USER.

	   This defaults to "sudo".

EXPANSIONS

       ~  -- same as in shells, a user's Home directory
	   Automatically enables allow_user_owned_authorized_keys_file if used in the context of ~/. If used as ~user/, it would expect the file
	   to be owned by 'user', unless you explicitely set allow_user_owned_authorized_keys_file

       %h -- User's Home directory
	   Automatically enables allow_user_owned_authorized_keys_file

       %H -- The short-hostname
       %u -- Username
       %f -- FQDN

EXAMPLES

       in /etc/pam.d/sudo

       "auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys"
	   The default .ssh/authorized_keys file in a user's home-directory

       "auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys"
	   Same as above.

       "auth sufficient pam_ssh_agent_auth.so file=~fred/.ssh/authorized_keys"
	   If the home-directory of user 'fred' was /home/fred, this would expand to /home/fred/.ssh/authorized_keys.  In this case, we have not
	   specified allow_user_owned_authorized_keys_file, so this file must be owned by 'fred'.

       "auth sufficient pam_ssh_agent_auth.so file=/secure/%H/%u/authorized_keys allow_user_owned_authorized_keys_file"
	   On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar/fred/authorized_keys.	In this case, we specified
	   allow_user_owned_authorized_keys_file, so fred would be able to manage that authorized_keys file himself.

       "auth sufficient pam_ssh_agent_auth.so file=/secure/%f/%u/authorized_keys"
	   On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar.baz.com/fred/authorized_keys.	In this case, we
	   have not specified allow_user_owned_authorized_keys_file, so this file must be owned by root.

v0.8								    2009-08-09						     pam_ssh_agent_auth(8)
All times are GMT -4. The time now is 01:51 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy