Search Results

Search found 15798 results on 632 pages for 'authentication required'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 102/632 | < Previous Page | 98 99 100 101 102 103 104 105 106 107 108 109  | Next Page >

  • pam_tally2 causing unwanted lockouts with SCOM or Nervecenter

    - by Chris
    We use pam_tally2 in our system-auth config file which works fine for users. With services such as SCOM or Nervecenter it causes lockouts. Same behavior on RHEL5 and RHEL6 This is /etc/pam.d/nervecenter #%PAM-1.0 # Sample NerveCenter/RHEL6 PAM configuration # This PAM registration file avoids use of the deprecated pam_stack.so module. auth include system-auth account required pam_nologin.so account include system-auth and this is /etc/pam.d/system-auth auth sufficient pam_centrifydc.so auth requisite pam_centrifydc.so deny account sufficient pam_centrifydc.so account requisite pam_centrifydc.so deny session required pam_centrifydc.so homedir password sufficient pam_centrifydc.so try_first_pass password requisite pam_centrifydc.so deny auth required pam_tally2.so deny=6 onerr=fail auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth required pam_deny.so account required pam_unix.so account sufficient pam_succeed_if.so uid < 500 quiet account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 minclass=3 minlen=8 lcredit=1 ucredit=1 dcredit=1 ocredit=1 difok=1 password sufficient pam_unix.so sha512 shadow try_first_pass use_authtok remember=8 password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so The login does work but it also triggers the pam_tally counter up until it hits 6 "false" logins. Is there any pam-ninjas around that could spot the issue? Thanks.

    Read the article

  • ConfigServer Security and Firewall -- after setup, how much daily management required?

    - by Hope4You
    I'm looking at using ConfigServer Security and Firewall (CSF; iptables-based). After I configure it properly, how much daily ongoing management is required of me to keep my server secure? Am I going to be flooded with "alert" emails that I need to check? Or does the firewall automatically take care of most security threats for me? Note: I understand that there's more to server security than just a software firewall, but this question is specifically for CSF security management.

    Read the article

  • How does Ubuntu keep track of the "System restart required" flag in motd?

    - by Anders Lindahl
    I have a few Ubuntu servers (8.10, 9.10) that is set to automatically install security updates. Some times these updates requires a restart of the system, and this string is shown in motd: *** System restart required *** To get a notice about these, I plan to write a Nagios test to monitor if the server is in need of a reboot. So, my question: Is there a better way than parsing /etc/motd to find out if a reboot is needed?

    Read the article

  • Users Password does not reset after successful login at the console but works fine with SSH

    - by jnbbender
    The title says it all. I have my unsuccessful login attempts set to three. I purposefully fail logging in 2x, then when I SSH into the box successfully the 3rd time my count drops back to zero; exactly what should happen. But at the console I get failed login attempts EVEN for my successful login attempts. I am using RHEL 5.6 and no I am not able to upgrade. Here is my system-auth file: auth required pam_env.so auth required pam_tally.so onerr=fail deny=3 per_user auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth required pam_deny.so account required pam_unix.so account required pam_tally.so account sufficient pam_succeed_if.so uid < 500 quiet account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok password required pam_deny.so session optional pam_keyinit.co revoke session required pam_limits.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so I have tried adding reset after and in place of per_user in the auth required pam_tally.so field. Nothing seems to work and I don't know why SSH is working just fine. Any ideas?

    Read the article

  • Liferay - Custom Authentication Web Service. Do not need user info in liferay db

    - by user366504
    Hi, I have followed http://stackoverflow.com/questions/3035932/liferay-custom-authentication-web-service link to customize authentication. But Liferay is still checking whether the same user email id is configured in the liferay db or not. If its not, it is saying that authetication failed. I do not want to keep any user information in the liferay db. Do any one know how to do that? Regards Vishal G

    Read the article

  • Django with custom authentication backends, is Csrf middleware really required ?

    - by Hellnar
    Hello, Under Django 1.1.1, I am using several authentication backends such as social-registration for facebook connect and django-emailauth for email based authentication instead of user names. I am curious if the Csrf middleware is an essential security measure as it seems like it sometimes generates problems, especially with facebook connect. My project is rather simple. Each user have a profile which they can fill and a purchase page where they fill the payment for to do purchases. Either of these pages are protected via @login_required.

    Read the article

  • Hotmail Senders receiving NDR : "550-Please turn on SMTP Authentication in your mail client..."

    - by DKNUCKLES
    Recently, senders from Hotmail have begun to get the following NDR when trying to e-mail our domain. EDIT : Full NDR Message Action: failed Status: 5.5.0 Diagnostic-Code: smtp;550-Please turn on SMTP Authentication in your mail client, or login to the 550-IMAP/POP3 server before sending your message. 550-snt0-omc3-s36.snt0.hotmail.com [65.55.90.175]:49271 is not permitted to 550 relay through this server without authentication This is seemingly out of the blue and I'm at a loss as to why this is happening. Pertinent Information We have multiple domains hooked up to our Exchange server. We changed our company name in January of this year, and the old primary domain (olddomain.com) will accept e-mails from Hotmail accounts, however e-mails sent to the new primary domain (newdomain.com) bounce back with the NDR listed above. The bounces only appear to be happening when the Hotmail sender is sending a new e-mail, and not if they are responding to an e-mail sent from our end. We have made no changes to the configuration of our server recently. This e-mail first appeared last Friday. As far as I can tell, the mail doesn't even seem to get to our server We performed an Exchange 2003 to 2010 migration last year. The 2003 acts as a Smart Host Any advice on this issue would be greatly appreciated! I'm at a loss

    Read the article

  • Which ports are needed for NTLM (Windows Authentication) to connect to SQL Server?

    - by Adam Bellaire
    I've got SQL server running on a machine which is not in a domain, and which is not operating in mixed mode (it's running with "Windows Authentication"). I'm trying to connect to it from a Linux web server running freetds via TCP/IP, using NTLM to authenticate. The firewall on the SQL server is very restrictive. 1433 is open to my web server, but I'm getting conflicting information from the web on what additional ports (TCP/UDP) are needed for NTLM to succeed. It is currently fail; I can talk on 1433 to request NTLM, but the actual authentication always fails. One source says 137, 138, 139, but those are just the NetBIOS ports. Do I really need those? Another source says 135. Still others seem to say 1434... I can't make heads or tails of it. Dammit Jim, I'm a programmer, not a network administrator! EDIT: The exact error message: Msg 18452, Level 14, State 1, Server , Line 0 Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection. Msg 20002, Level 9, State -1, Server OpenClient, Line -1 Adaptive Server connection failed I am attempting to connect with a remote machine username, i.e. 'servername\username'. Some sources recommend that I set up mirrored accounts on the local and remote machines, but the local machine is running Linux, not IIS under Windows.

    Read the article

  • How to diagnose and solve an erratic "HDCP Support Required"?

    - by Jom Orgstrom
    I am playing a digital tv broadcast on Windows Media Center for Windows 7. I built this system so it works with HDCP, and in fact I have been able to watch tv and bluray before with this same computer. However, I suddenly started getting an "HDCP Support Required" error from WMC. The entire message is as follows: HDCP Support Required High-bandwidth Digital Content Protection (HDCP) may not be supported by the current video card. Use an HDCP-compliant display, video card, and video driver. Or, connect using an analog connection such as component or VGA. Relevant specs are: CPU: Ivy Bridge Core i7-3770 Motherboard: Asus P8H77-I Memory: 16GB DDR3-1600 Graphics: Radeon HD 7850 (Driver by AMD, version 8.982.0.0 built on 2012/07/27) Display: Acer P243w connected by HDMI Sound: Roland Quad-Capture (It complains even when I use the bundled VIA HD Audio) TV Tuner: I-O Data GV-MC7/HZ3 OS: Windows 7 Professional SP1, Windows Update enabled. All patched and up to date. As you can see, there is nothing weird or old about my setup. I am also not doing anything strange, not doing any overclocking, weird system changes and so on. One thing that does happen from time to time, is that the display goes black for a few seconds (sometimes when watching media contents, sometimes when just using photoshop or Visual Studio). This happened with my previous setup as well, so I'd be inclined to think it is a display or cable issue (apart from the BD drive, these are the only things I kept from my previous setup to this one). But being a digital transfer, as far as I know, these things either work or not. Never erratically or with decreased quality. The thing is that sometimes I can watch the TV, sometimes not. This happens with recorded programs as well, so it's not a per-program thing. Sometimes rebooting helps, sometimes it doesn't. Sometimes unplugging and plugging back the HDMI connector helps, sometimes it doesn't. Sometimes doing so doesn't even turn the screen back on, so I have to reboot. Unfortunately, WMC's error message is quite unhelpful. I'd like to know exactly where the problem is, so I can solve it. I don't want to buy a brand new display just to then find out it was a registry setting that was misconfigured. I've tried looking at the system event viewer, but these errors don't show up at all in there. Other people who have this problem seem to have a setup that is not HDCP compliant, so I turn to you guys here. Anybody knows how to diagnose this problem? Edit: So I got the Cyberlink Blu-ray disc advisor. I ran it and told me everything was okay, except for the Video Connection Type, which showed as "Digital (without HDCP)". I then proceeded to unplug the power cable from the monitor, plugged it in again, ran the tool again, and now it's "Digital (with HDCP)". Needless to say, I can watch my TV and recorded programs on WMP again. I'm guessing that at some point, something may be slightly wrong with the HDCP setup, and Windows decides to reset the entire content protection path (which leads to the screen blanking out). Usually the reset succeeds, but sometimes it doesn't, so Windows defaults to turning HDCP off. There's no way to turn it back on, except by doing a hard reset of the display. I really want to know what the exact error was, so I can fix it. Is it the cable? is it the display? is it the video card? the driver? Also, is there any other way to try and turn HDCP on again without having to hard reset the display? Oh, questions, questions...

    Read the article

  • SpringMvc java.lang.NullPointerException When Posting Form To Server [closed]

    - by dev_darin
    I have a form with a user name field on it when i tab out of the field i use a RESTFUL Web Service that makes a call to a handler method in the controller. The method makes a call to a DAO class that checks the database if the user name exists. This works fine, however when the form is posted to the server i call the same exact function i would call in the handler method however i get a java.lang.NullPointerException when it accesses the class that makes a call to the DAO object. So it does not even access the DAO object the second time. I have exception handlers around the calls in all my classes that makes calls. Any ideas as to whats happening here why i would get the java.lang.NullPointerException the second time the function is called.Does this have anything to do with Spring instantiating DAO classes using a Singleton method or something to that effect? What can be done to resolve this? This is what happens the First Time The Method is called using the Web Service(this is suppose to happen): 13011 [http-8084-2] INFO com.crimetrack.jdbc.JdbcOfficersDAO - Inside jdbcOfficersDAO 13031 [http-8084-2] DEBUG org.springframework.jdbc.core.JdbcTemplate - Executing prepared SQL query 13034 [http-8084-2] DEBUG org.springframework.jdbc.core.JdbcTemplate - Executing prepared SQL statement [SELECT userName FROM crimetrack.tblofficers WHERE userName = ?] 13071 [http-8084-2] DEBUG org.springframework.jdbc.datasource.DataSourceUtils - Fetching JDBC Connection from DataSource 13496 [http-8084-2] DEBUG org.springframework.jdbc.core.StatementCreatorUtils - Setting SQL statement parameter value: column index 1, parameter value [adminz], value class [java.lang.String], SQL type unknown 13534 [http-8084-2] DEBUG org.springframework.jdbc.datasource.DataSourceUtils - Returning JDBC Connection to DataSource 13537 [http-8084-2] INFO com.crimetrack.jdbc.JdbcOfficersDAO - No username was found in exception 13537 [http-8084-2] INFO com.crimetrack.service.ValidateUserNameManager - UserName :adminz does NOT exist The Second time When The Form Is 'Post' and a validation method handles the form and calls the same method the web service would call: 17199 [http-8084-2] INFO com.crimetrack.service.OfficerRegistrationValidation - UserName is not null so going to check if its valid for :adminz 17199 [http-8084-2] INFO com.crimetrack.service.OfficerRegistrationValidation - User Name in try.....catch block is adminz 17199 [http-8084-2] INFO com.crimetrack.service.ValidateUserNameManager - Inside Do UserNameExist about to validate with username : adminz 17199 [http-8084-2] INFO com.crimetrack.service.ValidateUserNameManager - UserName :adminz EXCEPTION OCCURED java.lang.NullPointerException ValidateUserNameManager.java public class ValidateUserNameManager implements ValidateUserNameIFace { private OfficersDAO officerDao; private final Logger logger = Logger.getLogger(getClass()); public boolean DoesUserNameExist(String userName) throws Exception { logger.info("Inside Do UserNameExist about to validate with username : " + userName); try{ if(officerDao.OfficerExist(userName) == true){ logger.info("UserName :" + userName + " does exist"); return true; }else{ logger.info("UserName :" + userName + " does NOT exist"); return false; } }catch(Exception e){ logger.info("UserName :" + userName + " EXCEPTION OCCURED " + e.toString()); return false; } } /** * @return the officerDao */ public OfficersDAO getOfficerDao() { return officerDao; } /** * @param officerdao the officerDao to set */ public void setOfficerDao(OfficersDAO officerDao) { this.officerDao = officerDao; } } JdbcOfficersDAO.java public boolean OfficerExist(String userName){ String dbUserName; try{ logger.info("Inside jdbcOfficersDAO"); String sql = "SELECT userName FROM crimetrack.tblofficers WHERE userName = ?"; try{ dbUserName = (String)getJdbcTemplate().queryForObject(sql, new Object[]{userName},String.class); logger.info("Just Returned from database"); }catch(Exception e){ logger.info("No username was found in exception"); return false; } if(dbUserName == null){ logger.info("Database did not find any matching records"); } logger.info("after JdbcTemplate"); if (dbUserName.equals(userName)) { logger.info("User Name Exists"); return true; }else{ logger.info("User Name Does NOT Exists"); return false; } }catch(Exception e){ logger.info("Exception Message in JdbcOfficersDAO is "+e.getMessage()); return false; } } OfficerRegistrationValidation.java public class OfficerRegistrationValidation implements Validator{ private final Logger logger = Logger.getLogger(getClass()); private ValidateUserNameManager validateUserNameManager; public boolean supports(Class<?> clazz) { return Officers.class.equals(clazz); } public void validate(Object target, Errors errors) { Officers officer = (Officers) target; if (officer.getUserName() == null){ errors.rejectValue("userName", "userName.required"); }else{ String userName = officer.getUserName(); logger.info("UserName is not null so going to check if its valid for :" + userName); try { logger.info("User Name in try.....catch block is " + userName); if (validateUserNameManager.DoesUserNameExist(userName)== true){ errors.rejectValue("userName", "userName.exist"); } } catch (Exception e) { logger.info("Error Occured When validating UserName"); errors.rejectValue("userName", "userName.error"); } } if(officer.getPassword()== null){ errors.rejectValue("password", "password.required"); } if(officer.getPassword2()== null){ errors.rejectValue("password2", "password2.required"); } if(officer.getfName() == null){ errors.rejectValue("fName","fName.required"); } if(officer.getlName() == null){ errors.rejectValue("lName", "lName.required"); } if (officer.getoName() == null){ errors.rejectValue("oName", "oName.required"); } if (officer.getEmailAdd() == null){ errors.rejectValue("emailAdd", "emailAdd.required"); } if (officer.getDob() == null){ errors.rejectValue("dob", "dob.required"); } if (officer.getGenderId().equals("A")){ errors.rejectValue("genderId","genderId.required"); } if(officer.getDivisionNo() == 1){ errors.rejectValue("divisionNo", "divisionNo.required"); } if(officer.getPositionId() == 1){ errors.rejectValue("positionId", "positionId.required"); } if (officer.getStartDate() == null){ errors.rejectValue("startDate","startDate.required"); } if(officer.getEndDate() == null){ errors.rejectValue("endDate","endDate.required"); } logger.info("The Gender ID is " + officer.getGenderId().toString()); if(officer.getPhoneNo() == null){ errors.rejectValue("phoneNo", "phoneNo.required"); } } /** * @return the validateUserNameManager */ public ValidateUserNameManager getValidateUserNameManager() { return validateUserNameManager; } /** * @param validateUserNameManager the validateUserNameManager to set */ public void setValidateUserNameManager( ValidateUserNameManager validateUserNameManager) { this.validateUserNameManager = validateUserNameManager; } } Update Error Log using Logger.Error("Message", e): 39024 [http-8084-2] INFO com.crimetrack.service.OfficerRegistrationValidation - UserName is not null so going to check if its valid for :adminz 39025 [http-8084-2] INFO com.crimetrack.service.OfficerRegistrationValidation - User Name in try.....catch block is adminz 39025 [http-8084-2] ERROR com.crimetrack.service.OfficerRegistrationValidation - Message java.lang.NullPointerException at com.crimetrack.service.OfficerRegistrationValidation.validate(OfficerRegistrationValidation.java:47) at org.springframework.validation.DataBinder.validate(DataBinder.java:725) at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.doBind(HandlerMethodInvoker.java:815) at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.resolveHandlerArguments(HandlerMethodInvoker.java:367) at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.invokeHandlerMethod(HandlerMethodInvoker.java:171) at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:436) at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.handle(AnnotationMethodHandlerAdapter.java:424) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:923) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:852) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882) at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:789) at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Unknown Source) 39025 [http-8084-2] INFO com.crimetrack.service.OfficerRegistrationValidation - Error Occured When validating UserName

    Read the article

  • Ldap ssh authentication is super slow... any way to speed it up?

    - by Johnathon
    I am running OpenSUSE. Here is the output of ssh -vvv: OpenSSH_5.8p1, OpenSSL 1.0.0c 2 Dec 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to <ipaddress> [ipaddress] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug3: Incorrect RSA1 identifier debug3: Could not load "/root/.ssh/id_rsa" as a RSA1 public key debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /root/.ssh/id_rsa type 1 debug1: identity file /root/.ssh/id_rsa-cert type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: identity file /root/.ssh/id_dsa-cert type -1 debug1: identity file /root/.ssh/id_ecdsa type -1 debug1: identity file /root/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1 debug1: match: OpenSSH_5.1 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.8 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host "ipaddress" from file "/root/.ssh/known_hosts" debug3: load_hostkeys: found key type RSA in file /root/.ssh/known_hosts:4 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 138/256 debug2: bits set: 529/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: RSA cb:7f:ff:2e:65:28:f0:95:e6:8a:71:24:2a:67:02:2b debug3: load_hostkeys: loading entries for host "<ipaddress>" from file "/root/.ssh/known_hosts" debug3: load_hostkeys: found key type RSA in file /root/.ssh/known_hosts:4 debug3: load_hostkeys: loaded 1 keys debug1: Host '<ipaddress>' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:4 debug2: bits set: 504/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /root/.ssh/id_rsa (0xb789d5c8) debug2: key: /root/.ssh/id_dsa ((nil)) debug2: key: /root/.ssh/id_ecdsa ((nil)) debug1: Authentications that can continue: publickey,keyboard-interactive debug3: start over, passed a different list publickey,keyboard-interactive debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering RSA public key: /root/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply It hangs here for a good 30 seconds to a minute then debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Trying private key: /root/.ssh/id_dsa debug3: no such identity: /root/.ssh/id_dsa debug1: Trying private key: /root/.ssh/id_ecdsa debug3: no such identity: /root/.ssh/id_ecdsa debug2: we did not send a packet, disable method debug3: authmethod_lookup keyboard-interactive debug3: remaining preferred: password debug3: authmethod_is_enabled keyboard-interactive debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 1 I added PubkeyAuthentication no to the /etc/ssh/ssh_config and the /etc/ssh/sshd_config which makes it faster getting to the password prompt, but the password prompt still takes some time. Any way to fix that? Here is where the password hangs debug3: packet_send2: adding 32 (len 25 padlen 7 extra_pad 64) debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 0 debug3: packet_send2: adding 48 (len 10 padlen 6 extra_pad 64) debug1: Authentication succeeded (keyboard-interactive). Authenticated to ipaddress ([ipaddress]:22). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Requesting [email protected] debug1: Entering interactive session. FIXED!!!!!!!!!!!!!! What is did... In the nsswitch_conf I had ldap included in the group and passwd which slows it down a lot. Thank you everybody for your input passwd: compat group: files hosts: files dns networks: files dns

    Read the article

  • Active directory authentication for Ubuntu Linux login and cifs mounting home directories...

    - by Jamie
    I've configured my Ubuntu 10.04 Server LTS Beta 2 residing on a windows network to authenticate logins using active directory, then mount a windows share to serve as there home directory. Here is what I did starting from the initial installation of Ubuntu. Download and install Ubuntu Server 10.04 LTS Beta 2 Get updates # sudo apt-get update && sudo apt-get upgrade Install an SSH server (sshd) # sudo apt-get install openssh-server Some would argue that you should "lock sshd down" by disabling root logins. I figure if your smart enough to hack an ssh session for a root password, you're probably not going to be thwarted by the addition of PermitRootLogin no in the /etc/ssh/sshd_config file. If your paranoid or not simply not convinced then edit the file or give the following a spin: # (grep PermitRootLogin /etc/ssh/sshd_conifg && sudo sed -ri 's/PermitRootLogin ).+/\1no/' /etc/ssh/sshd_conifg) || echo "PermitRootLogin not found. Add it manually." Install required packages # sudo apt-get install winbind samba smbfs smbclient ntp krb5-user Do some basic networking housecleaning in preparation for the specific package configurations to come. Determine your windows domain name, DNS server name, and IP address for the active directory server (for samba). For conveniance I set environment variables for the windows domain and DNS server. For me it was (my AD IP address was 192.168.20.11): # WINDOMAIN=mydomain.local && WINDNS=srv1.$WINDOMAIN If you want to figure out what your domain and DNS server is (I was contractor and didn't know the network) check out this helpful reference. The authentication and file sharing processes for the Windows and Linux boxes need to have their clocks agree. Do this with an NTP service, and on the server version of Ubuntu the NTP service comes installed and preconfigured. The network I was joining had the DNS server serving up the NTP service too. # sudo sed -ri "s/^(server[ \t]).+/\1$WINDNS/" /etc/ntp.conf Restart the NTP daemon # sudo /etc/init.d/ntp restart We need to christen the Linux box on the new network, this is done by editing the host file (replace the DNS of with the FQDN of the windows DNS): # sudo sed -ri "s/^(127\.0\.0\.1[ \t]).*/\1$(hostname).$WINDOMAIN localhost $(hostname)/" /etc/hosts Kerberos configuration. The instructions that follow here aren't to be taken literally: the values for MYDOMAIN.LOCAL and srv1.mydomain.local need to be replaced with what's appropriate for your network when you edit the files. Edit the (previously installed above) /etc/krb5.conf file. Find the [libdefaults] section and change (or add) the key value pair (and it is in UPPERCASE WHERE IT NEEDS TO BE): [libdefaults] default_realm = MYDOMAIN.LOCAL Add the following to the [realms] section of the file: MYDOMAIN.LOCAL = { kdc = srv1.mydomain.local admin_server = srv1.mydomain.local default_domain = MYDOMAIN.LOCAL } Add the following to the [domain_realm] section of the file: .mydomain.local = MYDOMAIN.LOCAL mydomain.local = MYDOMAIN.LOCAL Conmfigure samba. When it's all said done, I don't know where SAMBA fits in ... I used cifs to mount the windows shares ... regardless, my system works and this is how I did it. Replace /etc/samba/smb.conf (remember I was working from a clean distro of Ubuntu, so I wasn't worried about breaking anything): [global] security = ads realm = MYDOMAIN.LOCAL password server = 192.168.20.11 workgroup = MYDOMAIN idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = yes winbind enum groups = yes template homedir = /home/%D/%U template shell = /bin/bash client use spnego = yes client ntlmv2 auth = yes encrypt passwords = yes winbind use default domain = yes restrict anonymous = 2 Start and stop various services. # sudo /etc/init.d/winbind stop # sudo service smbd restart # sudo /etc/init.d/winbind start Setup the authentication. Edit the /etc/nsswitch.conf. Here are the contents of mine: passwd: compat winbind group: compat winbind shadow: compat winbind hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files Start and stop various services. # sudo /etc/init.d/winbind stop # sudo service smbd restart # sudo /etc/init.d/winbind start At this point I could login, home directories didn't exist, but I could login. Later I'll come back and add how I got the cifs automounting to work. Numerous resources were considered so I could figure this out. Here is a short list (a number of these links point to mine own questions on the topic): Samba Kerberos Active Directory WinBind Mounting Linux user home directories on CIFS server Authenticating OpenBSD against Active Directory How to use Active Directory to authenticate linux users Mounting windows shares with Active Directory permissions Using Active Directory authentication with Samba on Ubuntu 9.10 server 64bit How practical is to authenticate a Linux server against AD? Auto-mounting a windows share on Linux AD login

    Read the article

  • How do I use a custom authentication mechanism for a Java web application with Spring Security?

    - by Adam
    Hi, I'm working on a project to convert an existing Java web application to use Spring Web MVC. As a part of this I will migrate the existing log-on/log-off mechanism to use Spring Security. The idea at this stage is to replicate the existing functionality and replace only the web layer, leaving the service classes and objects in place. The required functionality is simple. Access is controlled to URLs and to access certain pages the user must log on. Authentication is performed with a simple username and password along with an extra static piece of information that comes from the login page. There is no notion of a role: once a user has logged on they have access to all of the pages. Behind the scenes, the service layer has a class with a simple authentication method: doAuthenticate(String username, String password, String info) throws ServiceException An exception is thrown if the login fails. I'd like to leave this existing service object that does the authentication intact but to "plug it into" the Spring Security mechanism. Can somebody suggest the best approach to take for this please? Naturally, I'd like to take the path of least resistance and leave the work where possible to Spring... Thanks in advance, Adam.

    Read the article

  • How do I resolve the message "Validating WSFC quorum vote configuration - Action Required."

    - by Rob Boek
    I have a 3 node AlwaysOn Availability Group on a 3 node WSFC using node majority. 2 nodes are setup as synchronous with automatic fail-over, the 3rd is setup as asynchronous with manual fail-over. When I try to fail-over using the GUI, I get a warning as shown in the screenshot. There is no warning or error if I fail-over with T-SQL. Adding a file share to the quorum doesn't help. The only way I can resolve the warning is to remove the asynchronous sql instance from the 3rd node (it remains part of the WSFC). Either way, the AlwaysOn dashboard says quorum is OK. Am I missing something? Is this a bug in the GUI that I should just ignore? Clicking "Action Required" gives the following error:

    Read the article

  • What's required to configure Ubuntu to use a specific DNS server?

    - by ks78
    I've setup two Amazon EC2 instances, both running Ubuntu Server. One is configured as a DNS server running bind9, which will be used to allow EC2 instances to communicate with each other based on hostname rather than IP, since their private IPs may change. I think I have the DNS server setup correctly. I want to use the second EC2 instance to test the DNS server. Using Webmin, I've added the DNS server's private IP to the client's DNS Servers list and added the domain to the Search Domains list. I did have to edit /etc/dhcp3/dhclint.conf to make my changes stick. After reboot, I expected I'd be able to ping or nslookup the DNS server from the test client, but it can't seem to find the server. Is there something I'm missing? What's required to configure an Ubuntu client to use a DNS server? I just want to make sure I'm not missing something before I assume the server's the problem.

    Read the article

  • "error 1723 there is a pr*blem with this windows installer package a dll required for this install to complete could not be run" while uninstall java

    - by user1650410
    I am having the following problem:I've installed java 1.6u33 on my windows 7 machine.Everything was fine, i was running eclipse for example.But i did a mistake -i deleted the jre6 dir.Now i am trying to reinstall java with no success.I got this msg when i try to uninstall it: "error 1723 there is a problem with this windows installer package a dll required for this install to complete could not be run..."I've deleted everything i had found for java in the registry,the Java dir, also tried JavaRa.I saw in MSI**.LOG files what dll is mising and put it where it was searched for.No success. So is there a way i can reinstall java without reinstalling windows?

    Read the article

  • Is a reboot required to refresh permissions after adding a user to a new group?

    - by Michael Prescott
    On ubuntu server, I've noticed more than once now that after adding a user to a group that user doesn't have group permissions until I reboot the system. For example: User 'hudson' needs permission to read directory 'root:shadow /etc/shadow' So I add hudson to the shadow group. hudson still cannot read. So, I 'sudo shutdown -h -r now' and when the system comes up again user hudson can read. Is a reboot required or is there a better way to get permissions applied after adding the user to the group?

    Read the article

  • how to fix An error occurred during the processing of a configuration file required to service this request

    - by Alex
    Just created branda new MVC 4 project and instead of expected "hello world" got following error: ==================================================== Server Error in '/' Application. Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: Default Role Provider could not be found. Source Error: Line 244: Line 245: Line 246: Line 247: Line 248: Source File: c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Config\machine.config Line: 246 Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.272 =============================================================== Any idea how to fix this? Thanks

    Read the article

  • My architecture has a problem with views that required information from different objects. How can I solve this?

    - by Oscar
    I am building an architecture like this: These are my SW layers ______________ | | | Views | |______________| ______________ | | |Business Logic| |______________| ______________ | | | Repository | |______________| My views are going to generate my HTML to be sent to the user Business logic is where all the business logics are Repository is a layer to access the DB My idea is that the repository uses entities (that are basically the representation of the tables, in order to perform DB queries. The layers communicate between themselves using Business Objects, that are objects that represent the real-world-object itself. They can contain business rules and methods. The views build/use DTOs, they are basically objects that have the information required to be shown on the screen. They expect also this kind of object on actions and, before calling the business logic, they create BO. First question: what is your overall feeling about this architecture? I've used similar architecture for some projects and I always got this problem: If my view has this list to show : Student1, age, course, Date Enrolled, Already paid? It has information from different BO. How do you think one should build the structure? These were the alternatives I could think of: The view layer could call the methods to get the student, then the course it studies, then the payment information. This would cause a lot of DB accesses and my view would have the knowledge about how to act to generate this information. This just seems wrong for me. I could have an "adapter object", that has the required information (a class that would have a properties Student, Course and Payment). But I would required one adapter object for each similar case, this may get very bad for big projects. I still don't like them. Would you have ideas? How would you change the architecture to avoid this kind of problems? @Rory: I read the CQRS and I don't think this suits my needs. As taken from a link references in your link Before describing the details of CQRS we need to understand the two main driving forces behind it: collaboration and staleness That means: many different actors using the same object (collaboration) and once data has been shown to a user, that same data may have been changed by another actor – it is stale (staleness). My problem is that I want to show to the user information from different BO, so I would need to receive them from the service layer. How can my service layer assemble and deliver this information? Edit to @AndrewM: Yes, you understood it correctly, the original idea was to have the view layer to build the BOs, but you have a very nice point about the creation of the BO inside the business layers. Assuming I follow your advice and move the creation logic inside the business layer, my business layer interface would contain the DTOs, for instance public void foo(MyDTO object) But as far as I understand, the DTO is tightly coupled to each view, so it would not be reusable by a second view. In order to use it, the second view would need to build a specific DTO from a specific view or I would have to duplicate the code in the business layer. Is this correct or am I missing something?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 98 99 100 101 102 103 104 105 106 107 108 109  | Next Page >