Search Results

Search found 17378 results on 696 pages for 'remote x session'.

Page 218/696 | < Previous Page | 214 215 216 217 218 219 220 221 222 223 224 225 | Next Page >

Immediate logout after login with PAM, Kerberos, and LDAP

- by Dylan Klomparens

I've set up remote login on a computer using Kerberos and LDAP. I've also configured NFS to mount onto /home so that the user's home directory is the same wherever they login. Kerberos authentication seems to work fine. I can get a ticket using kinit user1 (assuming user1 is a remote user) and see the ticket with klist. I'm pretty sure LDAP is working because I see the proper output from getent passwd, which lists all the remote users. The contents of /home are present when I list the files. The problem is: when I try to login as a remote user the session is immediately ended. Why is it not letting me stay logged in? Here is the output from /var/log/messages after a login attempt: # /var/log/messages: Oct 9 10:57:53 tophat login[6472]: pam_krb5[6472]: authentication succeeds for 'user1' ([email protected]) Oct 9 10:57:53 tophat login[6472]: pam_krb5[6472]: pam_setcred (establish credential) called Oct 9 10:57:53 tophat login[6472]: pam_krb5[6472]: pam_setcred (delete credential) called EDIT: The distro is openSUSE. Here are the common-* files in /etc/pam.d: # /etc/pam.d/common-account account required pam_unix.so # /etc/pam.d/common-auth auth sufficient pam_krb5.so minimum_uid=1000 auth required pam_unix.so nullok_secure try_first_pass # /etc/pam.d/common-session session optional pam_umask.so umask=002 session sufficient pam_krb5.so minimum_uid=1000 session required pam_unix.so There doesn't appear to be a /var/log/auth.log file nor a /var/log/secure file.

Read the article
Mapping an sFTP connection to a Windows drive?

- by Nicolas

I'm looking for a way to map an sFTP connection to a Windows (Vista) drive. In other words, a tool that would add a new drive (let's say N:) to my computer, that would directly point to my remote server via sFTP. That way, "N:\my_dir\file.txt" would actually be something like "/home/user/my_dir/file.txt" on the remote server. Reading the file on Windows would download it, and writing content in it would upload it...network transfers being made via sFTP. I'm aware of Novell NetDrive, but it has various issues with long filenames, and seems to corrupt UTF-8 files content depending on the BOM. Do you know about any reliable alternative ? Thanks ! Edit : I have complete control of the remote server, except that it's remote enough for me not to be able to physically access it.

Read the article
How can I keep gnu screen from becoming unresponsive after losing my SSH connection?

- by Mikey

I use a VPN tunnel to connect to my work network and then SSH to connect to my work PC running cygwin. Once logged in I can attach to a screen session and everything works great. Now, after a while, I walk away from my computer and sooner or later, the VPN tunnel times out. The SSH connection on each end eventually times out and then I eventually come back to my computer to do some work. Theoretically, this should be a simple matter of just restarting the VPN, reconnecting via SSH, and then running "screen -r -d". However apparently when the sshd daemon times out on the cygwin PC, it leaves the screen session in some kind of hung state. I can reproduce a similar hung state by clicking the close box on a cygwin bash shell window while it's running a screen session. Is there any way to get the screen session to recover once this has happened, so that I don't lose anything?

Read the article
pam_tally2 causing unwanted lockouts with SCOM or Nervecenter

- by Chris

We use pam_tally2 in our system-auth config file which works fine for users. With services such as SCOM or Nervecenter it causes lockouts. Same behavior on RHEL5 and RHEL6 This is /etc/pam.d/nervecenter #%PAM-1.0 # Sample NerveCenter/RHEL6 PAM configuration # This PAM registration file avoids use of the deprecated pam_stack.so module. auth include system-auth account required pam_nologin.so account include system-auth and this is /etc/pam.d/system-auth auth sufficient pam_centrifydc.so auth requisite pam_centrifydc.so deny account sufficient pam_centrifydc.so account requisite pam_centrifydc.so deny session required pam_centrifydc.so homedir password sufficient pam_centrifydc.so try_first_pass password requisite pam_centrifydc.so deny auth required pam_tally2.so deny=6 onerr=fail auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth required pam_deny.so account required pam_unix.so account sufficient pam_succeed_if.so uid < 500 quiet account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 minclass=3 minlen=8 lcredit=1 ucredit=1 dcredit=1 ocredit=1 difok=1 password sufficient pam_unix.so sha512 shadow try_first_pass use_authtok remember=8 password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so The login does work but it also triggers the pam_tally counter up until it hits 6 "false" logins. Is there any pam-ninjas around that could spot the issue? Thanks.

Read the article
How to create a static IP on Windows Server 2008 R2 so I can access the server remotely

- by Aesir

I have just purchased a HP Proliant N40L which I am intending to use as a NAS, learning tool and just in general something to mess around with. As a student via the Microsoft dreamspark program I can get a free copy of Windows Server 2008 R2 which I am using as the OS. So that I can remote to the box from outside of my local network and so that I can stream media from it to my PS3, I have read that I need to create a static IP for the server and use port forwarding to forward to this IP so I can remote in. Is this correct? I am not really sure how to do this and if I need to make these changes on my router configuration, on the OS or both. I am a novice when it comes to networking however most resources for Windows server 2008 R2 seem to assume a fair amount of experience already. I realise that using this particular OS may seem like overkill for what I currently wish to do with it (stream content to other devices and backup) but as I can get a copy for free it seems sensible. Edit: From reading answers posted I feel I should give more information. I have now tried to add a static IP address using my router configuration settings. I have used the getmac command to get the mac address of the server. My ISP is Virgin Media and I have gone to the LAN IP section and I have added an IP address to the DHCP Reservation Lease Info. I can now use remote desktop connection internally to remote to the server (so I am assuming assigning this IP has worked). How do I configure this on the OS as well? I am also unsure on how I would remote to this machine outside of my local network?

Read the article
make file readable by other users

- by Alaa Gamal

i was trying to make one sessions for my all subdomains (one session across subdomains) subdomain number one auth.site.com/session_test.php session_set_cookie_params(0, '/', '.site.com'); session_start(); echo session_id().'<br />'; $_SESSION['stop']='stopsss this'; print_r($_SESSION); subdomain number two anscript.site.com/session_test.php session_set_cookie_params(0, '/', '.site.com'); session_start(); echo session_id().'<br />'; print_r($_SESSION); Now when i visit auth.site.com/session_test.php i get this result 06pqdthgi49oq7jnlvuvsr95q1 Array ( [stop] => stopsss this ) And when i visit anscript.site.com/session_test.php i get this result 06pqdthgi49oq7jnlvuvsr95q1 Array () session id is same! but session is empty after two days of failed trys, finally i detected the problem the problem is in file promissions the file is not readable by the another user session file on my server -rw------- 1 auth auth 25 Jul 11 11:07 sess_06pqdthgi49oq7jnlvuvsr95q1 when i make this command on the server chmod 777 sess_06pqdthgi49oq7jnlvuvsr95q1 i get the problem fixed!! the file is became readable by (anscript.site.com) So, how to fix this problem? How to set the default promissions on session files? this is the promissions of the sessions directory Access: (0777/drwxrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root)

Read the article
Secure copy uucp style

- by Alexander Janssen

I often have the case that I have to make a lot of hops to the remote host, just because there is no direct routing between my client and the remote host. When I need to copy files from a remote host two or more hops away, I always have to: client$ ssh host1 host1$ ssh host2 host2$ scp host3:/myfile . host2$ exit host1$ scp host2:myfile . host1$ exit client$ scp host1:myfile . Back when uucp still was being used this would be as simple as a uucp host1!host2!host3 /myfile . I know that there's uucp over ssh, but unfortunately I don't have the proper privileges on those machines to set it up. Also, I'm not sure if I really want to fiddle around with customer's machines. Does anyone know of a method doing this tasks without the need to setup a lot of tunnels or deploying new software to remote hosts? Maybe some kind of recursive script which clones itself to all the remote hosts, doing the hard work for me? Assume that authentication takes place with public keys and that all hosts do SSH Agent Forwarding. Edit: I'm not looking for a way to automatically forwarding my interactive sesssion to the nexthop host. I want a solution to copy files bangpath-style using scp via multiple hops without the need to install uucp on any of those machines. I don't have the (legal) rights or the privileges to make permanent changes to the ssh-config. Also, I'm sharing this username and hosts with a lot of other people. I'm willing to hack up my own script, but I wanted to know if anyone knows something which already does it. Minimum-invasive changes to hosts on the bangpath, simple invocation from the client. Edit 2: To give you an impression of how it's properly been done in interactive sessions, have a look at the GXPC clustershell. This is basically a Python-script, which spwans itself over to all remote hosts which have connectivity and where your ssh-key is installed. The great thing about it is, that you can tell "I can reach HostC via HostB via HostA." It just works. I want to have this for scp.

Read the article
Offlineimap -- push changes to all folders; only pull from INBOX folder

- by g33kz0r

I would like to be able to set up offlineimap to do the following Sync Remote/INBOX - Local Sync Local/Maildirs/* - Remote Possible? The use case here is: I download all new mail from my remote IMAP INBOX folder with offlineimap. offlineimap's posthook command calls a custom python script which does junk filtering, then sorts and categorizes my mail in the local INBOX folder to various local maildirs based on sender, etc. I read my mail with mutt and perhaps do some more categorization. ? Step 4 is what I'm after. I want offlineimap to push my local changes (categorization, filtering, deletion in the case of spam) back to the various folders on the imap server, but as you can see, there's no need for me to be pulling any changes from folders other than Remote/INBOX, as no changes happen on the IMAP server itself. I hope that's a clear explanation of the problem.

Read the article
Windows 7: This notification icon is currently not active

- by icelava

Some time this week, without any major change done to one of my x64 Windows 7 computers, the Media eject icon goes missing in the systray taskbar area. When I attempt to reset the notification settings, i see this "This notification icon is currently not active" info warning Initially KB945011 managed to restore the icon after a reboot. But now it appears to have disappeared again. It seems to have disappeared (cannot really confirm) after I unlock the physical logon session (which was previously rerouted to a virtual Remote Desktop session). Anybody have knowledge on possible causes to this missing behaviour? UPDATE 1 Feb 11 It seems that happens often when I remote desktop to the computer, I see it from the remote screen, but when i unlock the screen physically, it disappears. It would reappear when I connect to remote desktop again. Hmmmmm.

Read the article
Is there a way to automatically display the username on the Desktop background in Win7?

- by Jonas

We have computer used by multiple users running Win7. Unfortunately, people forget to log out, or they just use the session that is currently open, or they think that they're using their own session, but in the meantime, somebody else has logged on without logging out. To make it clear to people that they're using somebody else's session, I'd like to display the username of the person logged on (the one that's visible in the start menu) on the Desktop wallpaper; something like "John Doe's session". Is that possible?

Read the article
/etc/environment and cron

- by clorz

Hi, I've got two machines: Fedora and CentOS. And a cronjob 0-59 * * * * env > /home/me/env.log On CentOS I can see that /etc/environment is affecting the output while on Fedora it does not. I want Fedora to be like CentOS. What do I need to make it happen? /etc/pam.d/crond on Fedora auth sufficient pam_rootok.so auth required pam_env.so auth include system-auth account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth /etc/pam.d/crond on CentOS auth sufficient pam_env.so auth required pam_rootok.so auth include system-auth account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth /etc/security/pam_env.conf is the same on both systems and consists of commented out lines. Even if I make /etc/pam.d/cron.d files the same, problem still persists.

Read the article
Adding local users / passwords on Kerberized Linux box

- by Brian

Right now if I try to add a non-system user not in the university's Kerberos realm I am prompted for a Kerberos password anyway. Obviously there is no password to be entered, so I just press enter and see: passwd: Authentication token manipulation error passwd: password unchanged Typing passwd newuser has the same issue with the same message. I tried using pwconv in the hopes that only a shadow entry was needed, but it changed nothing. I want to be able to add a local user not in the realm and give them a local password without being bothered about Kerberos. I am on Ubuntu 10.04. Here are my /etc/pam.d/common-* files (the defaults that Ubuntu's pam-auth-update package generates): account # here are the per-package modules (the "Primary" block) account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so # here's the fallback if no module succeeds account requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around account required pam_permit.so # and here are more per-package modules (the "Additional" block) account required pam_krb5.so minimum_uid=1000 # end of pam-auth-update config auth # here are the per-package modules (the "Primary" block) auth [success=2 default=ignore] pam_krb5.so minimum_uid=1000 auth [success=1 default=ignore] pam_unix.so nullok_secure try_first_pass # here's the fallback if no module succeeds auth requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around auth required pam_permit.so # and here are more per-package modules (the "Additional" block) # end of pam-auth-update config password # here are the per-package modules (the "Primary" block) password requisite pam_krb5.so minimum_uid=1000 password [success=1 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512 # here's the fallback if no module succeeds password requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around password required pam_permit.so # and here are more per-package modules (the "Additional" block) # end of pam-auth-update config session # here are the per-package modules (the "Primary" block) session [default=1] pam_permit.so # here's the fallback if no module succeeds session requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around session required pam_permit.so # and here are more per-package modules (the "Additional" block) session optional pam_krb5.so minimum_uid=1000 session required pam_unix.so # end of pam-auth-update config

Read the article
Is it possible to have replication between an unknown number of databases?

- by MJB

In other words, can I have a single central database, that gets data from remote databases, but that does not know which remote databases exist until data from the remote database arrives? This does not sound like "replication" to me. Is there another term I should use for this, or is it a type of replication?

Read the article
Using screen to monitor non-interactive scripts (or some other solution)

- by Michael

I have some autonomous scripts that run commands on remote machines over ssh. These scripts rely on getting stdout, stderr, and the return code of each command run. I want to be able to monitor the progress of the scripts on each target machine so that I can see if something has hung and possibly intervene if necessary. My initial idea was to have the scripts run commands in a screen session, so that the person monitoring could simply attach to the session with screen -x. However, it was hard to do that from a script since screen is an interactive program. I can send a command to the screen session with screen -S session -X stuff "command^M", but then I don't get the output and return code that I need back. My second idea was to put script /path/to/log in ~/.bash_profile and log the entire session to a file. Then the monitoring person could simply tail the log file. However, this doesn't provide the interactivity that I was looking for. Any ideas on how to solve this problem?

Read the article
Can I read a smartcard in a virtual machine?

- by endian

My employer requires a smartcard to login to their web-based remote working platform. I want to access this platform by using a Remote Desktop Connection on to my Windows 7 Virtual Machine, with the smartcard plugged into my home PC. However, whilst I can see the smartcard on my home PC, it doesn't appear in the virtual machine, despite me having "Smart Cards" enabled in the Local Resources page of Remote Desktop Connection. Is it possible to get this working?

Read the article
/etc/environment and cron

- by clorz

I've got two machines: Fedora and CentOS. And a cronjob 0-59 * * * * env > /home/me/env.log On CentOS I can see that /etc/environment is affecting the output while on Fedora it does not. I want Fedora to be like CentOS. What do I need to make it happen? /etc/pam.d/crond on Fedora auth sufficient pam_rootok.so auth required pam_env.so auth include system-auth account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth /etc/pam.d/crond on CentOS auth sufficient pam_env.so auth required pam_rootok.so auth include system-auth account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth /etc/security/pam_env.conf is the same on both systems and consists of commented out lines. Even if I make /etc/pam.d/cron.d files the same, problem still persists.

Read the article
htaccess rewriterule leading slash

- by Tiddo

I'm using htaccess to rewrite my urls so that I can have nice clean urls. However, the same htaccess file does different things on my local server and my remote server: On my local server the url to the website is like http://localhost/example/ and on my remote server the url is http://example.com/. For my local server I can use the following htaccess redirect rule: RewriteRule ^(.*)$ index.php?page=$1 [L,QSA] However, when I use this on my remote server I get an internal server error. Instead I have to use this: (note the leading slash) RewriteRule ^(.*)$ /index.php?page=$1 [L,QSA] Unfortunately this doesn't work on my local server: this rewrite rule requests http://localhost/index.php instead of http://localhost/example/index.php on my local server. How can I make this work on both my remote and local server?

Read the article
How can I run a PowerShell function remotely?

- by Aimar

Using powershell, I plan to run many functions on a remote host to gather information. Here is an example to retrieve the content of file remotely just by running a function called getcontentfile with the parameter as the name of the remote host: function getcontentfile { [CmdletBinding()] param($hostname) $info = Get-Content "C:\fileinfo.xml" write-host $info } This function should return information about the remote host to the local instance of PowerShell. How can I modify this script to do that?

Read the article
close ssh sessions

- by egor7

I'm using ~/.ssh/config for logging to the internal.local corporate server: Host internal.local ProxyCommand ssh -e none corporate.proxy nc %h %p But after closing session (typing exit), my sshd session on server stays still active (I see it through different connection). Hot do I close session or change my config in the appropriate way, to eleminate hang sessions? First check from the second, root session: ps -fu user_name user_name 861 855 0 16:58:16 pts/3 0:00 -bash user_name 855 854 0 16:58:13 ? 0:00 /usr/lib/ssh/sshd After logging out: user_name 855 854 0 16:58:13 ? 0:00 /usr/lib/ssh/sshd Just after scp files to/from the internal.local a new scp sessions still hangs on the server.

Read the article
SVN over VPN on Fedora 10

- by bryan

I would like to be able to pull changes on a remote server from an SVN server on a local development box. The SVN port is closed to the WAN but available via our LAN and we have a VPN setup locally. Is it difficult to setup the remote server to use VPN to connect to the remote SVN server and update code? If possible, how/where can I find out how to do this? Thanks in advance.

Read the article
How to inspect/modify Windows Firewall rules while the Windows Firewall/ICS service is stopped and disabled?

- by Kal

I'm trying to fix up my friend's remote Windows Server 2003 R2 machine. I have Remote Desktop access at the moment. However, I notice that Windows Firewall/Internet Connection Sharing service of the remote machine is disabled, which seems to be a bad idea. If I enable and start the service now, I may lose my Remote Desktop access in case the exception rule for Remode Desktop has not been defined in Windows Firewall. So I need a way to inspect and modify exception rules even as the Windows Firewall/ICS service is stopped and disabled. Does anybody know how?

Read the article
SSH login without password prompt

- by user477519

I am trying to set up Opennebula. I want to set up my local host so that I can log into my remote host without having to use the password. I have followed the instructions in the "Secure Shell Access" section in the installation instructions. I can not log into my remote host from my local host, but I can log into my local host from my remote host. Not sure what's going on. Any help would be appreciated. Thanks

Read the article
Windows Server VPN: Error 720

- by Nikita Zernov

I want to created vpn server on Windows Server 2012. First I installed Active Directory domain services, then Remote Access server role. Opened Gettng Started Wizard, entered configure just vpn. Then in Routing and Remote access selected Configure and Enable Routing and Remote Access. There selected custom configuration, vpn. Then created user in active directory and allowed network access permission. After this I tried to connect to vpn from windows 8. I get the following error: Error 720: A connection t the remote computer could not be established. You might need to change the network settings for this connection. What should I do?

Read the article
cron+pam heavily spamming my logs

- by Lo'oris

Two times every minute I get this in auth.log: May 12 15:21:01 ruptai CRON[25303]: pam_unix(cron:session): session opened for user root by (uid=0) May 12 15:21:01 ruptai CRON[25303]: pam_unix(cron:session): session closed for user root This never stops, two times every minute, every minute of every day. I've no idea what it is, I would just to stop it from pointless logging this stuff. This has been going on for ages so I can't recall when it started. OS is debian stable. Btw, I've found questions on google but no answers

Read the article
How can I push a git repository to a folder over SSH?

- by Rich

I have a folder called my-project inside which I've done git init, git commit -a, etc. Now I want to push it to an empty folder at /mnt/foo/bar on a remote server. How can I do this? I did try, based on what I'd read: cd my-project git remote add origin ssh://user@host/mnt/foo/bar/my-project.git git push origin master which didn't seem right (I'd assume source would come before destination) and it failed: fatal: '/mnt/boxee/git/midwinter-physiotherapy.git' does not appear to be a git repository fatal: The remote end hung up unexpectedly I'd like this to work such that I don't have to access the remote host and manually init a git repository every time ... do I have to do that? Am I going down the right route at all? Thanks.

Read the article

< Previous Page | 214 215 216 217 218 219 220 221 222 223 224 225 | Next Page >