10 More Discussions You Might Find Interesting
1. AIX
I am running AIX 7.1 and currently we have samba 3.6.25 installed on the server. As it stands some AIX folders are shared that can be accessed by certain Windows users.
The problem is that since Windows 10 the guest feature no longer works so users have to manually type in their Windows login/pwd... (14 Replies)
Discussion started by: linuxsnake
14 Replies
2. UNIX for Advanced & Expert Users
Using below below command i'm able to connect or authenticate server, In below command password contains special characters
sshpass -v -p 'ASJBA%hs76)#' ssh -q -o ConnectTimeout=5 hostname
But If I pass password as a variable I'm not able to connect or authenticate server, can you please help... (1 Reply)
Discussion started by: sam@sam
1 Replies
3. SuSE
We are having an issue with slow password prompts via SSH login on all of our SLES 11.2 boxes. The output from a ssh -v login attempt shows a delay here:
debug1: SSH2_MSG_SERVICE_ACCEPT receivedThis issue only happens on the first logon of the day; subsequent logons are normal. Adding the client's... (8 Replies)
Discussion started by: j_aix
8 Replies
4. UNIX for Dummies Questions & Answers
Hi!
Im trying to set access from ServerA(SunOS) to ServerB(Some custom Linux with Keyboard Interactive login) with SSH Keys. As a proof of concept I was able to do it between 2 virtual machines. Now in my real life scenario it isnt working.
I created the keys in ServerA, copied them to... (7 Replies)
Discussion started by: RedSpyder
7 Replies
5. Solaris
Hi,
I am facing strange problem in solaris 10.
My requirement is that on server A using user test, any user which is created on Server B will be able to login wihtout password (ssh) from Server A
All the users which are on Server B are able able to login from Server A using test user.
... (8 Replies)
Discussion started by: manoj.solaris
8 Replies
6. Shell Programming and Scripting
Hello Friends,
I know this issue has been raised many times and hence I tried every resolution provided in the forum before I posted this issue again.
My Password-less RSA authentication was working fine for quite some time. Whenever the remote server password used to change I used to re-do... (5 Replies)
Discussion started by: mehimadri
5 Replies
7. Solaris
I can able to SFTP from my web server unix to apps server unix end. but the other way from APPS server to Web server is still asking me the password. I have done same procedure both side. still i am having same problem. Any one help on this. thanks, regards (3 Replies)
Discussion started by: vijill
3 Replies
8. Solaris
I am using solaris unix 8.2 version. I want to bypass password authentication for sftp. Can you please give some ideas on this. thanks.Regards. (4 Replies)
Discussion started by: vijill
4 Replies
9. Solaris
Hello;
I am moving a customer from Solaris 2.6 to Solaris 2.8. The customer has requested the following two requirements also be implemented:
1. Lock a user account out for X number of days after 3 unsuccessful login attempts.
2. No reuse of the last 5-10 passwords. Also referred to... (1 Reply)
Discussion started by: rambo15
1 Replies
10. Cybersecurity
I would like to know how to validate an unix password from shell script (If is possible)
Thanks very much
;) (3 Replies)
Discussion started by: juan_o_morillo
3 Replies
pam_dce(5) pam_dce(5)
NAME
pam_dce - authentication, account, and password management PAM functions for DCE
SYNOPSIS
/usr/lib/security/libpam_dce.so.1
DESCRIPTION
The DCE PAM modules allow integration of DCE into the system entry services (such as login, telnet, rlogin, ftp) through the pam.conf(4)
file. The DCE service module for PAM consists of the following three modules: the authentication module, the account management module,
and the password management module. All three modules are supported through the same loadable library, /usr/lib/security/libpam_dce.so.1
is the interface that services the requests from These requests will be communicated to the DCE security server, which in turn sends the
response back to ilogind. This response is then sent back to /usr/lib/security/libpam_dce.so.1.
Authentication Module
The authentication module certifies the identity of a user and the user's credentials. It passes the authentication key derived from the
user's password to the DCE Security Service. The Security Service then uses the authentication key to certify the user and the user's cre-
dentials. The following options can be passed to the authentication module through the pam.conf(4) file:
debug Turn on syslog debugging at the LOG_DEBUG level.
nowarn Turn off warning messages about not being able to acquire DCE credentials.
use_first_pass Use the initial password (entered when the user is authenticated to the first authentication module in the stack) to
authenticate with DCE. If the user can not be authenticated or if this is the first authentication module in the
stack, quit and do not prompt a password. It is recommended that this option be used only if the authentication mod-
ule is designated as optional in the pam.conf(4) configuration file.
try_first_pass Use the initial password (entered when the user is authenticated to the first authentication module in the PAM stack)
to authenticate with DCE. If the user cannot be authenticated or if this is the first authentication module in the
stack, prompt for a password.
A user must be authenticated and the user's credentials set before a system entry service can access any file directories owned by the user
that are mounted through DTS.
Account Management Module
The account management module provides a function to perform account management (pam_sm_acct_mgmt(3)). sends a request to the
DCE implementation of pam_sm_acct_mgmt(3) function which retrieves the user's account and password expiration information from the DCE
Security Server and verifies that the user's account and password have not expired. The following options can be passed to the account
module through the pam.conf(4) file:
debug Turn on syslog debugging at the LOG_DEBUG level.
nowarn Turn off warning messages displayed when a user's account and/or password are going to expire.
pam_sm_acct_mgmt(3) calls the function sec_login_inquire_net_info(3) to retrieve information about when a user's account and/or password is
going to expire.
Password Management Module
The password management module provides a function to change passwords (pam_sm_chauthtok(3)). The following options can be passed to the
password module through the pam.conf(4) file:
debug Turn on syslog debugging at the LOG_DEBUG level.
nowarn Turn off warning messages about not being able to change passwords.
try_first_pass Use the initial password (entered to the first password module in the PAM stack) to authenticate with DCE. If the
user cannot be authenticated or if this is the first password module in the stack, prompt for a password.
use_first_pass Use the initial password (entered to the first password module in the PAM stack) to authenticate with DCE. If user
cannot be authenticated or if this is the first password module in the stack, quit and do not prompt for a password.
It is recommended that this option be used only if the DCE password module is designated as optional in the
pam.conf(4) configuration file.
SEE ALSO
pam(3), sec_login_setup_identity(3), sec_login_valid_and_cert_ident(3), sec_login_set_context(3), sec_login_inquire_net_info(3),
pam.conf(4), pam_unix(5) ilogind(1m)
HP DCE
pam_dce(5)