Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Do you trust your users to follow your instructions?
The Lounge War Stories Do you trust your users to follow your instructions? Post 302950146 by Corona688 on Tuesday 21st of July 2015 11:16:19 AM
Old 07-21-2015
Short version, no. Long version, nnnnnnnnnno. I don't trust users to follow instructions. The ability to do so is shockingly rare.
This User Gave Thanks to Corona688 For This Post:
rbatte1
 

7 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

ssh2-keygen trust issue

I have two systems SysA & SysB having the same userid sharing the home directory via NFS mount. I need to know the steps to setup ssh trust between these two systems given that both share the home dir. I have tried all the steps to generate the keys & then creating identification &... (2 Replies)
Discussion started by: deo_kaustubh
2 Replies

2. Solaris

configuring user as trust

Hi Gurus, Got another issue. I am trying to configure a user to run some scripts through trusted user where in while logging to remote system it shouldn't ask for password. i did following to get it working but its not working i create a private and public key with the below... (1 Reply)
Discussion started by: kumarmani
1 Replies

3. HP-UX

Not Trust Host 10.10.10.10

I get a message similar to this, in the syslog file. Actually, I am trying to let the host at 10.10.10.10 access the HP-UX system. How do I get it trusted? Thanks! (2 Replies)
Discussion started by: instant000
2 Replies

4. UNIX for Dummies Questions & Answers

ssh trust issue

Hi, i am setting up ssh trust setup between two servers where SVRA is a solaris box and SVRB is a Red Hat Linux. It is asking for the password all the time. I have copied over the SVRA:/home/nagios/.ssh/id_dsa.pub as authorized_keys on to SVRB:/dat01/home/nagios/.ssh/ -bash-3.00$ ssh -vvv... (4 Replies)
Discussion started by: uxadmin007
4 Replies

5. Linux

SCEP and Trust Anchor

Hi Does anybody knows about the simple certificate enrollment protocol details ? if yes please provide me the details. And what is a trust anchor profile ? Thanks in advance. (0 Replies)
Discussion started by: chaitus.28
0 Replies

6. Shell Programming and Scripting

SSH Trust Testing

Hi, I want test the ssh trust between two host. It works fine if the trust is working fine but if the trust is not working fine it gets stuck. #!/bin/sh >/users/test/ssh.txt for i in `cat /users/test/host.txt`; do ssh test@$i uname -a >> /users/test/ssh.txt test=`cat... (0 Replies)
Discussion started by: Abhayman
0 Replies

7. What is on Your Mind?

Twitter Users: Follow the Forums on Twitter

Hey Twitter Users, You can follow the forums on Twitter: https://twitter.com/unixlinux @unixlinux Current Twitter Stats: TWEETS 76.4K FOLLOWERS 54.3K Comments or questions? Please post below. (1 Reply)
Discussion started by: Neo
1 Replies

LEARN ABOUT CENTOS

opieaccess

OPIEACCESS(5)							File Formats Manual						     OPIEACCESS(5)

NAME

       [/etc/]opieaccess - OPIE database of trusted networks

DESCRIPTION

       The  opieaccess	file  contains	a list of networks that are considered trusted by the system as far as security against passive attacks is
       concerned. Users from networks so trusted will be able to log in using OPIE responses, but not be required to do so, while users from  net-
       works  that  are  not trusted will always be required to use OPIE responses (the default behavior). This trust allows a site to have a more
       gentle migration to OPIE by allowing it to be non-mandatory for "inside" networks while allowing users to choose whether they with  to  use
       OPIE to protect their passwords or not.

       The  entire  notion  of	trust implemented in the opieaccess file is a major security hole because it opens your system back up to the same
       passive attacks that the OPIE system is designed to protect you against. The opieaccess support in  this  version  of  OPIE  exists  solely
       because we believe that it is better to have it so that users who don't want their accounts broken into can use OPIE than to have them pre-
       vented from doing so by users who don't want to use OPIE. In any environment, it should be considered a transition tool and not a permanent
       fixture.  When  it  is  not  being used as a transition tool, a version of OPIE that has been built without support for the opieaccess file
       should be built to prevent the possibility of an attacker using this file as a means to circumvent the OPIE software.

       The opieaccess file consists of lines containing three fields separated by spaces (tabs are properly interpreted, but spaces should be used
       instead) as follows:

       Field	     Description
       action	     "permit" or "deny" non-OPIE logins
       address	     Address of the network to match
       mask	     Mask of the network to match

       Subnets	can  be  controlled by using the appropriate address and mask. Individual hosts can be controlled by using the appropriate address
       and a mask of 255.255.255.255. If no rules are matched, the default is to deny non-OPIE logins.

SEE ALSO

       opie(4), opiekeys(5), opiepasswd(1), opieinfo(1), opiesu(1), opielogin(1), opieftpd(8)

AUTHOR

       Bellcore's S/Key was written by Phil Karn, Neil M. Haller, and John S. Walden of Bellcore. OPIE was created at NRL by Randall Atkinson, Dan
       McDonald, and Craig Metz.

       S/Key is a trademark of Bell Communications Research (Bellcore).

CONTACT

       OPIE is discussed on the Bellcore "S/Key Users" mailing list. To join, send an email request to:

       skey-users-request@thumper.bellcore.com

7th Edition							 January 10, 1995						     OPIEACCESS(5)
All times are GMT -4. The time now is 06:02 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy