UNIX Logon/Authentication Types


 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers UNIX Logon/Authentication Types
# 1  
Old 11-18-2015
UNIX Logon/Authentication Types

Hi,

I was wondering if someone may be able to help me with finding out the different *nix logon types.

The different logon types for a Successful Logon event type in Windows (4624) is well documented both on the M$ site and also on many tech related sites, listing the different logon types and descriptions. [I tried to post a link but I'm not allowed yet - happy to supply one in the comments.]
(Sorry for using Windows as a comparison but it was an easy example.)

So far from our logging I have collected the following list of different logon types:
accepted keyboard-interactive
accepted keyboard-interactive/pam
accepted password
accepted publickey
login

This has been collected either from the messages or the auth logs with an example below:
Code:
[DATE] [TIME] [serverName] sshd[5698]: Accepted keyboard-interactive for [user] from [Address] port 64967 ssh2

I have managed to find info for most of them (I believe 'login' is to do with an issue in our logging), but I am asking if there are any other login/auth types that I haven't listed?
If so, would you please be able to link me to a page so that I can grab a description the type?

I'm not interested in the different methods, unless they'd appear in the auth logs as 'Accepted LDAP interactive', or similar.

Please let me know if you'd like any clarification on the question.

Thanks in advance.

Last edited by urhero; 11-18-2015 at 12:06 PM..
# 2  
Old 11-18-2015
Not every system uses or even allows all possible login "types". If you read the pam manpage or vi pam.conf in the /etc directory tree you can see what your system does. Also note that you can deny interactive ssh sessions on a per user or per group basis - see your sshd.conf file. This affects the types of logins that you will see.

LDAP, for instance, can be set up to employ a remote server or to use the local box as the ldap server. What you may see in the auth logs will be different - at least on Solaris.

edit: As a second thought - please share what are you trying to accomplish ultimately - NOT how you think it should be done.
# 3  
Old 11-18-2015
First of all you have to specify, what kind of UNIX or Linux you have. Messages about successful logons can be very different and can be found in different places on different UNIXes.
# 4  
Old 11-18-2015
Quote:
Originally Posted by agent.kgb
First of all you have to specify, what kind of UNIX or Linux you have. Messages about successful logons can be very different and can be found in different places on different UNIXes.
You're right, sorry.
We're running a mix of the following:

RedHat
AIX
Solaris
SUSE

Generally, checking in /var/log/messages or /var/log/auth (after syslog has been enabled) gives me the auth event info that I need.

I guess the easier question is:

Aside from the 'logon types' that I've listed in my OP, are there any other anyone can think of that would appear in /var/log/auth when a user logs in?
# 5  
Old 11-18-2015
Just because AIX console is near and you've mentioned it:

Code:
Nov 18 18:07:15 SERVER1 auth|security:notice tsm: Login successful for root from  on /dev/vty0

---------- Post updated at 10:48 PM ---------- Previous update was at 06:10 PM ----------

RHEL7:

Code:
Nov 18 22:46:10 SERVER login: ROOT LOGIN ON tty1

# 6  
Old 11-19-2015
Quote:
Originally Posted by agent.kgb
Just because AIX console is near and you've mentioned it:

Code:
Nov 18 18:07:15 SERVER1 auth|security:notice tsm: Login successful for root from  on /dev/vty0

---------- Post updated at 10:48 PM ---------- Previous update was at 06:10 PM ----------

RHEL7:

Code:
Nov 18 22:46:10 SERVER login: ROOT LOGIN ON tty1

Thanks!
And how were these authentications made?
# 7  
Old 11-19-2015
as you can see both were local logins using console.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Secondary Authentication of UNIX .

Hi All, My Servers are enabled with a secondary authentication of login. Whenever we are logging in to the servers with a common id it is asking like something " Enet your personal id and password" which has been created by UNIX admins previously. Just curious how to achieve this... (1 Reply)
Discussion started by: Showdown
1 Replies

2. AIX

UNIX authentication strategy - LDAP or AD

We are looking at using Tivoli Directory Server (LDAP) or Active Directory 2003 for authentication. I wanted to get some feedback from the community. Our goal is to do it the simplest, easiest, and cheapest way that allows for centralized user authentication. We are mainly an AIX environment with... (3 Replies)
Discussion started by: x96riley3
3 Replies

3. Shell Programming and Scripting

Get all types of shell supported on any unix flavors.

Hello - Is there a command/way we can find out, what shells are supported on a Unix machine? Please let me know. Thanks, Manju (3 Replies)
Discussion started by: manju--
3 Replies

4. Solaris

bypass password authentication for sftp in unix

I am using solaris unix 8.2 version. I want to bypass password authentication for sftp. Can you please give some ideas on this. thanks.Regards. (4 Replies)
Discussion started by: vijill
4 Replies

5. Solaris

Identify which authentication method was used at logon

Experts, Is there any way to know which authentication method the user used to login into the box? I mean, is possible to identify if an active user had logged using keys or password for example? Let me clarify: we have a script that we want to allow users to execute only if they have used... (2 Replies)
Discussion started by: fmattos
2 Replies

6. Windows & DOS: Issues & Discussions

Windows AD for Unix authentication

I am not an expert in Unix at all. My knowledge of Unix is average. We have a couple of Unix servers, Solaris and Linux, which run mostly web servers, and Oracle databases. Currently users have multiple user IDs for Unix and AD applications. Is it possible to make use of the Windows Active... (2 Replies)
Discussion started by: speriya
2 Replies

7. UNIX for Dummies Questions & Answers

UNIX logon script/batch

Hi everyone, I am a newbies to Unix and hope someone can help me on: 1. Do anyone has batch file example that can be logon to a unix sever through telnet and exec a nohup command without typing in username and passward everytime ? 2. A java script exmaple for doing the same logon so it... (1 Reply)
Discussion started by: oht
1 Replies

8. UNIX for Dummies Questions & Answers

What file types does unix support?

Hello, I've search this site many times and ave not been able to find my answer. So I'm going to post my question....(duh) Ok. I'm wanting to know what file types does unix support. if you can try and list them like this: php, .php or somthing like that. plus don't forget that I said I... (3 Replies)
Discussion started by: dgames
3 Replies

9. UNIX for Dummies Questions & Answers

What all Unix types can be installed on PC?

I would like to know as what all Unix types can be installed on PC, i.e. Intel Pentium processor and having HDD of let us say 4 GB or so? What RAM would be sufficient? I know for sure that Linux is free and can be installed on PC, can some one tell about other UNIX types which can be obtained for... (3 Replies)
Discussion started by: SANJAY
3 Replies
Login or Register to Ask a Question