Search Results

Search found 1925 results on 77 pages for 'auth'.

Page 22/77 | < Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >

  • Openvpn - stuck on Connecting

    - by user224277
    I've got a problem with openvpn server... every time when I trying to connect to the VPN , I am getting a window with login and password box, so I typed my login and password (login = Common Name (user1) and password is from a challenge password from the client certificate. Logs : Jun 7 17:03:05 test ovpn-openvpn[5618]: Authenticate/Decrypt packet error: packet HMAC authentication failed Jun 7 17:03:05 test ovpn-openvpn[5618]: TLS Error: incoming packet authentication failed from [AF_INET]80.**.**.***:54179 Client.ovpn : client #dev tap dev tun #proto tcp proto udp remote [Server IP] 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert user1.crt key user1.key <tls-auth> -----BEGIN OpenVPN Static key V1----- d1e0... -----END OpenVPN Static key V1----- </tls-auth> ns-cert-type server cipher AES-256-CBC comp-lzo yes verb 0 mute 20 My openvpn.conf : port 1194 #proto tcp proto udp #dev tap dev tun #dev-node MyTap ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/VPN.crt key /etc/openvpn/keys/VPN.key dh /etc/openvpn/keys/dh2048.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt #push „route 192.168.5.0 255.255.255.0? #push „route 192.168.10.0 255.255.255.0? keepalive 10 120 tls-auth /etc/openvpn/keys/ta.key 0 #cipher BF-CBC # Blowfish #cipher AES-128-CBC # AES #cipher DES-EDE3-CBC # Triple-DES comp-lzo #max-clients 100 #user nobody #group nogroup persist-key persist-tun status openvpn-status.log #log openvpn.log #log-append openvpn.log verb 3 sysctl : net.ipv4.ip_forward=1

    Read the article

  • /etc/hosts: What is loghost? (fresh install of Solaris 10 update 9)

    - by cjavapro
    # # Internet host table # ::1 localhost 127.0.0.1 localhost XX.XX.XX.XX myserver loghost What is the purpose of loghost? If it was not for having loghost in there, all the /etc/hosts files on all the servers in this particular network could be identical. Edit: I looked at /etc/syslog.conf #ident "@(#)syslog.conf 1.5 98/12/14 SMI" /* SunOS 5.0 */ # # Copyright (c) 1991-1998 by Sun Microsystems, Inc. # All rights reserved. # # syslog configuration file. # # This file is processed by m4 so be careful to quote (`') names # that match m4 reserved words. Also, within ifdef's, arguments # containing commas must be quoted. # *.err;kern.notice;auth.notice /dev/sysmsg *.err;kern.debug;daemon.notice;mail.crit /var/adm/messages *.alert;kern.err;daemon.err operator *.alert root *.emerg * # if a non-loghost machine chooses to have authentication messages # sent to the loghost machine, un-comment out the following line: #auth.notice ifdef(`LOGHOST', /var/log/authlog, @loghost) mail.debug ifdef(`LOGHOST', /var/log/syslog, @loghost) # # non-loghost machines will use the following lines to cause "user" # log messages to be logged locally. # ifdef(`LOGHOST', , user.err /dev/sysmsg user.err /var/adm/messages user.alert `root, operator' user.emerg * ) Very interesting. when shutting down,, alerts go to all users probably through *.emerg * Looking at ifdef, it seems that the first parameter checks to see if current machine is a loghost, second parameter is what to do if it is and third parameter is what to do if it is not. Edit: If you want to test a logging rule you can use svcadm restart system-log to restart the logging service and then logger -p notice "test" to send a test log message where notice can be replaced with any type such as user.err, auth.notice, etc.

    Read the article

  • Dovecot starting and running, but not listening on any port

    - by Dženis Macanovic
    Among others things I'm in charge of a Debian GNU/Linux (Wheezy) DomU for the mail services of the company i work for. Yesterday one HDD that was used for this particular server has died. After installing Debian again, Dovecot decided to no longer listen on any ports (checked with netstat -l). Other services (like Postfix and MySQL) work without problems. dovecot -n: # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-3-amd64 x86_64 Debian wheezy/sid ext3 auth_mechanisms = plain login disable_plaintext_auth = no first_valid_uid = 150 last_valid_uid = 150 mail_gid = mail mail_location = maildir:/var/vmail/%d/%n mail_uid = vmail namespace inbox { inbox = yes location = prefix = } pass db { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = mail mode = 0666 user = vmail } } service imap-login { inet_listener imaps { port = 993 ssl = yes } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl_cert = </etc/ssl/private/mail.crt ssl_key = </etc/ssl/private/mail.key userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol imap { mail_max_userip_connections = 25 } UID 150 is vmail (I double checked file permissions). I didn't install Dovecot from source, but via apt from the official Debian US mirror. There are no messages concerning Dovecot in /var/log/syslog except for: Oct 21 06:36:29 server dovecot: master: Dovecot v2.1.7 starting up (core dumps disabled) Any ideas?

    Read the article

  • Automatically reconnect to VPN when it drops

    - by IAmAI
    I use OpenVPN to connect to a VPN service. I will often use it unattended and on occasion I have come back to find the service disconnected and GUI asking for login credentials. If the connection is disconnected by the service, and not me, I'd like it to attempt to reconnect automatically with no intervention from me, and ideally, if the reconnection attempt initially fails, keep attempting to do so at regular intervals until a connection is successfully. Is there anyway to configure OpenVPN to do this? If not, can someone suggest a way of doing it with scripting (I use Windows)? Failing that, can anyone suggest a VPN solution that does this? The VPN provider supports PPTP as well as OpenVPN. I have configured OpenVPN to read login credentials from a file. Below is my config script. I have censored any details specific to the VPN provider. client dev tun proto tcp remote ???.???.??? 0000 resolv-retry infinite nobind persist-key persist-tun ca ???.???.??? verb 3 mute-replay-warnings float reneg-sec 0 auth-user-pass auth.conf auth-nocache Thanks for your help.

    Read the article

  • Django & google openid authentication with socialauth

    - by Zayatzz
    Hello I am trying to use django-socialauth (http://github.com/uswaretech/Django-Socialauth) for authenticating users for my django project. This is firs time working with openid and i've had to figure out how exactly this open id works. I have more or less understood it, by now, but there are few things that elude me. The authentication process starts when the request is put together in in django-socialauth.openid_consumer.views.begin. I can see that the outgoing authentication request is more or less something like this: https://www.google.com/accounts/o8/ud?openid.assoc_handle=AOQobUckRThPUj3K1byG280Aze-dnfc9Iu6AEYaBwvHE11G0zy8kY8GZ& openid.ax.if_available=fname& openid.ax.mode=fetch_request& openid.ax.required=email& openid.ax.type.email=http://axschema.org/contact/email& openid.ax.type.fname=http://example.com/schema/fullname& openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select& openid.identity=http://specs.openid.net/auth/2.0/identifier_select& openid.mode=checkid_setup&openid.ns=http://specs.openid.net/auth/2.0& openid.ns.ax=http://openid.net/srv/ax/1.0& openid.ns.sreg=http://openid.net/extensions/sreg/1.1& openid.realm=http://localhost/& openid.return_to=http://localhost/social/gmail_login/complete/?janrain_nonce=2010-03-20T11%3A19%3A44ZPZCjNc&openid.sreg.optional=postcode,country,nickname,email This is lot like 2nd example here: http://code.google.com/apis/accounts/docs/OpenID.html#Samples The problem is, that the request, i get back, is nothing like the corresponding example from code.google.com (look at the 3rd example in example responses. Response dict i get is like this: { 'openid.op_endpoint': 'https://www.google.com/accounts/o8/ud', 'openid.sig': 'QWMa4x4ruMUvSCfLwKV6CZRuo0E=', 'openid.ext1.type.email': 'http://axschema.org/contact/email', 'openid.return_to': 'http://localhost/social/gmail_login/complete/?janrain_nonce=2010-03-20T17%3A54%3A06ZHV4cqh', 'janrain_nonce': '2010-03-20T17:54:06ZHV4cqh', 'openid.response_nonce': '2010-03-20T17:54:06ZdC5mMu9M_6O4pw', 'openid.claimed_id': 'https://www.google.com/accounts/o8/id?id=AItOghawkFz0aNzk91vaQWhD-DxRJo6sS09RwM3SE', 'openid.mode': 'id_res', 'openid.ns.ext1': 'http://openid.net/srv/ax/1.0', 'openid.signed': 'op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle,ns.ext1,ext1.mode,ext1.type.email,ext1.value.email', 'openid.ext1.value.email': '[email protected]', 'openid.assoc_handle': 'AOQobUfssTJ2IxRlxrIvU4Xg8HHQKKTEuqwGxvwwuPR5rNvag0elGlYL', 'openid.ns': 'http://specs.openid.net/auth/2.0', 'openid.identity': 'https://www.google.com/accounts/o8/id?id=AItOawkghgfhf1FkvaQWhD-DxRJo6sS09RwMKjASE', 'openid.ext1.mode': 'fetch_response'} The socialauth itself has been built to accept my email address this way: elif request.openid and request.openid.ax: email = request.openid.ax.get('email') And obviously this fails. Why i am asking all this is, that perhaps i am doing something wrong and my outgoing request is wrong? Or am i doing all correctly and should change the socialaouth module to accept info in a new way and then commit the change? Alan

    Read the article

  • Django & google openid authentication (openid.ax) with socialauth

    - by Zayatzz
    Hello I am trying to use django-socialauth (http://github.com/uswaretech/Django-Socialauth) for authenticating users for my django project. This is firs time working with openid and i've had to figure out how exactly this open id works. I have more or less understood it, by now, but there are few things that elude me. The authentication process starts when the request is put together in in django-socialauth.openid_consumer.views.begin. I can see that the outgoing authentication request is more or less something like this: https://www.google.com/accounts/o8/ud?openid.assoc_handle=AOQobUckRThPUj3K1byG280Aze-dnfc9Iu6AEYaBwvHE11G0zy8kY8GZ& openid.ax.if_available=fname& openid.ax.mode=fetch_request& openid.ax.required=email& openid.ax.type.email=http://axschema.org/contact/email& openid.ax.type.fname=http://example.com/schema/fullname& openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select& openid.identity=http://specs.openid.net/auth/2.0/identifier_select& openid.mode=checkid_setup&openid.ns=http://specs.openid.net/auth/2.0& openid.ns.ax=http://openid.net/srv/ax/1.0& openid.ns.sreg=http://openid.net/extensions/sreg/1.1& openid.realm=http://localhost/& openid.return_to=http://localhost/social/gmail_login/complete/?janrain_nonce=2010-03-20T11%3A19%3A44ZPZCjNc&openid.sreg.optional=postcode,country,nickname,email This is lot like 2nd example here: http://code.google.com/apis/accounts/docs/OpenID.html#Samples The problem is, that the request, i get back, is nothing like the corresponding example from code.google.com (look at the 3rd example in example responses. Response dict i get is like this: { 'openid.op_endpoint': 'https://www.google.com/accounts/o8/ud', 'openid.sig': 'QWMa4x4ruMUvSCfLwKV6CZRuo0E=', 'openid.ext1.type.email': 'http://axschema.org/contact/email', 'openid.return_to': 'http://localhost/social/gmail_login/complete/?janrain_nonce=2010-03-20T17%3A54%3A06ZHV4cqh', 'janrain_nonce': '2010-03-20T17:54:06ZHV4cqh', 'openid.response_nonce': '2010-03-20T17:54:06ZdC5mMu9M_6O4pw', 'openid.claimed_id': 'https://www.google.com/accounts/o8/id?id=AItOghawkFz0aNzk91vaQWhD-DxRJo6sS09RwM3SE', 'openid.mode': 'id_res', 'openid.ns.ext1': 'http://openid.net/srv/ax/1.0', 'openid.signed': 'op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle,ns.ext1,ext1.mode,ext1.type.email,ext1.value.email', 'openid.ext1.value.email': '[email protected]', 'openid.assoc_handle': 'AOQobUfssTJ2IxRlxrIvU4Xg8HHQKKTEuqwGxvwwuPR5rNvag0elGlYL', 'openid.ns': 'http://specs.openid.net/auth/2.0', 'openid.identity': 'https://www.google.com/accounts/o8/id?id=AItOawkghgfhf1FkvaQWhD-DxRJo6sS09RwMKjASE', 'openid.ext1.mode': 'fetch_response'} The socialauth itself has been built to accept my email address this way: elif request.openid and request.openid.ax: email = request.openid.ax.get('email') And obviously this fails. Why i am asking all this is, that perhaps i am doing something wrong and my outgoing request is wrong? Or am i doing all correctly and should change the socialaouth module to accept info in a new way and then commit the change? Alan

    Read the article

  • How can I conditionally only log something if it's a certain Class?

    - by BryanWheelock
    Something like this: if self.class == "User": logging.debug("%s non_pks were found" % (str(len(non_pks))) ) In [2]: user = User.objects.get(pk=1) In [3]: user.class Out[3]: In [4]: if user.class == 'django.contrib.auth.models.User': print "yes" ...: In [5]: user.class == 'django.contrib.auth.models.User' Out[5]: False In [6]: user.class == 'User' Out[6]: False In [7]: user.class == "" Out[7]: False

    Read the article

  • Google Hybrid OpenID+OAuth with dotnetopenauth

    - by Max Favilli
    I have spent probably more than 10 hours in the last two days trying to understand how to implement user login with Google Hybrid OpenID+OAuth (Federated Login) To trigger the authorization request I use: InMemoryOAuthTokenManager tm = new InMemoryOAuthTokenManager( ConfigurationManager.AppSettings["googleConsumerKey"], ConfigurationManager.AppSettings["googleConsumerSecret"]); using (OpenIdRelyingParty openid = new OpenIdRelyingParty()) { Realm realm = HttpContext.Current.Request.Url.Scheme + Uri.SchemeDelimiter + ConfigurationManager.AppSettings["googleConsumerKey"] + "/"; IAuthenticationRequest request = openid.CreateRequest(identifier, Realm.AutoDetect, new Uri(HttpContext.Current.Request.Url.Scheme + "://" + HttpContext.Current.Request.Url.Authority + "/OAuth/google")); var authorizationRequest = new AuthorizationRequest { Consumer = ConfigurationManager.AppSettings["googleConsumerKey"], Scope = "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/plus.me", }; request.AddExtension(authorizationRequest); request.AddExtension(new ClaimsRequest { Email = DemandLevel.Request, Gender = DemandLevel.Require }); request.RedirectToProvider(); } To retrieve the accesstoken I use: using (OpenIdRelyingParty openid = new OpenIdRelyingParty()) { IAuthenticationResponse authResponse = openid.GetResponse(); if (authResponse != null) { switch (authResponse.Status) { case AuthenticationStatus.Authenticated: HttpContext.Current.Trace.Write("AuthenticationStatus", "Authenticated"); FetchResponse fr = authResponse.GetExtension<FetchResponse>(); InMemoryOAuthTokenManager tm = new InMemoryOAuthTokenManager(ConfigurationManager.AppSettings["googleConsumerKey"], ConfigurationManager.AppSettings["googleConsumerSecret"]); ServiceProviderDescription spd = new ServiceProviderDescription { spd.RequestTokenEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/token", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest); spd.AccessTokenEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/token", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest); spd.UserAuthorizationEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/auth?access_type=offline", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest); spd.TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }; WebConsumer wc = new WebConsumer(spd, tm); AuthorizedTokenResponse accessToken = wc.ProcessUserAuthorization(); if (accessToken != null) { HttpContext.Current.Trace.Write("accessToken", accessToken.ToString()); } else { } break; case AuthenticationStatus.Canceled: HttpContext.Current.Trace.Write("AuthenticationStatus", "Canceled"); break; case AuthenticationStatus.Failed: HttpContext.Current.Trace.Write("AuthenticationStatus", "Failed"); break; default: break; } } } Unfortunatelly I get AuthenticationStatus.Authenticated but wc.ProcessUserAuthorization() is null. What am I doing wrong? Thanks a lot for any help.

    Read the article

  • sudo taking long time

    - by Sam
    On a Ubuntu 9 64bit Linux machine, sudo takes longer time to start. "sudo echo hi" takes 2-3 minutes. strace on sudo tells poll("/etc/pam.d/system-auth", POLLIN) timesout after 5 seconds and there are multiple calls(may be a loop) to same system call (which causes 2-3min delay). Any idea why sudo has to wait for /etc/pam.d/system-auth? Any tunable to make sudo to timeout faster? Thanks Samuel

    Read the article

  • authorizet.net local testing and ssl certificate

    - by Funky Dude
    hi i am integrating authorize.net AIM api into my shopping cart. i have a developer account from auth.net and i am working locally. when i do auth.net api call, i get SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed i assume it's because i dont have ssl on my local machine. how do i get over this so i can test on my local machine? thank you

    Read the article

  • cake php AppController and inheritance

    - by RSK
    hello folks........ In many tutorial of Acl component in cakephp i got instruction that add component either in AppController or in all the other controllers which inherits AppController....... but problem is var $components=array('Auth',Acl); when i use the above line in AppConroller i cant use the Auth or Acl component... but when i use the same code in all the child classes it works fine........ what will be the problem thanks in advance any help will be appreciated.

    Read the article

  • Any good OpenID php consumer libs?

    - by daniels
    I need a php lib that can auth using OpenID against sites offering this service, like Google, Yahoo, Wordpress, etc... Anyone used any lib that actuallly works? I've tryied a few but couldn't get any to auth against Google, Yahoo, or Wordpress.

    Read the article

  • Maven site deploy authentication error with scp

    - by Navi
    I get Auth fail error when running mvn -X site:deploy. org.apache.maven.wagon.authentication.AuthenticationException: Cannot connect. Reason: Auth fail It seems that the correct private key is used and I can scp files normally to the project site directory using scp on Ubuntu. What can be causing this?

    Read the article

  • Combine Related Resources With TastyPie

    - by Aaron Ng
    How can I combine multiple Resources in TastyPie? I have 3 models I'd like to combine: users, profiles and posts. Ideally I'd like profiles nested within user. I'm not sure where to go from here. class UserResource(ModelResource): class Meta: queryset = User.objects.all() resource_name = 'user' fields = ['username','id','date_joined'] #Improper Auth authorization = Authorization() class UserProfileResource(ModelResource): class Meta: queryset = UserProfile.objects.all() resource_name = 'profile' class UserPostResource(ModelResource): user = fields.ForeignKey(UserResource,'user', full=True) class Meta: queryset = UserPost.objects.all() resource_name = 'userpost' #Improper Auth authorization = Authorization()

    Read the article

  • Adding user role constraint redirects Browser to jsf.js script?

    - by simgineer
    My JSF form login was working with Constraint 1 however when I added Constraint 2 to my web.xml doing a submit on the form now takes me to a jsf javascript page. Can someone tell me what I am doing wrong? I would like only administrators to be able to access the /admin/* pages and only registered users to access the entire site included admin files. BTW after I see the java script page I can still navigate to the intended page in the browser, I just don't want the user to see the intermediate js page or need to know the target page URL. Constraint 1 <security-constraint> <display-name>Admin</display-name> <web-resource-collection> <url-pattern>/admin/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>ADMIN</role-name> </auth-constraint> </security-constraint> Constraint 2 <security-constraint> <display-name>Users</display-name> <web-resource-collection> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>USER</role-name> </auth-constraint> </security-constraint> Here is the undesired url I am being redirected to: javax.faces.resource/jsf.js.xhtml?ln=javax.faces&stage=Development Here is the start of the jsf.js.xhtml... /** @project JSF JavaScript Library @version 2.0 @description This is the standard implementation of the JSF JavaScript Library. */ /** * Register with OpenAjax */ if (typeof OpenAjax !== "undefined" && typeof OpenAjax.hub.registerLibrary !== "undefined") { OpenAjax.hub.registerLibrary("jsf", "www.sun.com", "2.0", null); } // Detect if this is already loaded, and if loaded, if it's a higher version if (!((jsf && jsf.specversion && jsf.specversion >= 20000 ) && (jsf.implversion && jsf.implversion >= 3))) { ... Notes I'm using Firefox 10.0.4, Glassfish 3.1 w JSF2.0 lib, j_security_check, and my login realm setup is similar to this

    Read the article

  • Freeradius problem

    - by IceAgeBosna
    Hello my Dear friends! Firstly sorry to my English I am not an expert:) I am using freeradius 2.1.7 and MySQL instaled on Ubuntu server 9.04. Now, the perl script called: "auth.pl" is verifying usersnames, passwords, and updating information. The problem is that on a certain number of connections simply "NAS" - Mikrotik until the next reboot users can not connect. If you need i cann show you auth.pl script

    Read the article

  • Authenticate User manually

    - by Sergey
    I am trying to authenticate the user after I got credentials using oAuth (with Twitter if that makes a difference). As far as I could understand it, I can directly put the Authentication object into SecurityContextHolder. Here is how I do it: Authentication auth = new TwitterOAuthAuthentication(member, userDetailsService.loadUserByUsername(member.getUsername()).getAuthorities()); SecurityContextHolder.getContext().setAuthentication(auth); This for some reason does absolutely nothing. What am I missing and what should I do to accomplish what need?

    Read the article

  • Php framework for fast developing

    - by nucleartux
    Please advise a php framework for fast developing and for don't digress to write often using code(auth, db/orm,etc..). Requrements: Active community Easy to use simple many to many and many to one relations auth. mechanism RoR like Please sorry for english.

    Read the article

  • My login controller doesn't work. Problem with fetching username.

    - by misterwebz
    Currently my login controller doesn't work because i can't seem to fetch the username and password. I'm currently using something like this: form_username = str(request.params.get('username')) db_user = meta.Session.query(User).filter_by(username=form_username) if db_user is None: return redirect('auth/error') No matter which username is use, db_user always returns True and thus never goes to auth/error. I used the shell to play with this and i was able establish a connection with the database, so i'm not sure what i'm doing wrong here.

    Read the article

  • Can't send mail from Windows Phone (Postfix server)

    - by Dominic Williams
    Some background: I have a Dovecot/Postfix setup to handle email for a few domains. We have imap and smtp setup on various devices (Macs, iPhones, PCs, etc) and it works no problem. I've recently bought a Windows Phone and I'm trying to setup the mail account on there. I've got the imap part working great but for some reason it won't send mail. mail.log with debug_peer_list I've put this on pastebin because its quite long: http://pastebin.com/KdvMDxTL dovecot.log with verbose_ssl Apr 14 22:43:50 imap-login: Warning: SSL: where=0x10, ret=1: before/accept initialization [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [109.151.23.129] Apr 14 22:43:51 imap-login: Info: Login: user=<pixelfolio>, method=PLAIN, rip=109.151.23.129, lip=94.23.254.175, mpid=24390, TLS Apr 14 22:43:53 imap(pixelfolio): Info: Disconnected: Logged out bytes=9/331 Apr 14 22:43:53 imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [109.151.23.129] postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix debug_peer_list = 109.151.23.129 inet_interfaces = all mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 message_size_limit = 50240000 milter_default_action = accept milter_protocol = 2 mydestination = ks383809.kimsufi.com, localhost.kimsufi.com, localhost myhostname = ks383809.kimsufi.com mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myorigin = /etc/mailname non_smtpd_milters = inet:127.0.0.1:8891,inet:localhost:8892 readme_directory = no recipient_delimiter = + smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_milters = inet:127.0.0.1:8891,inet:localhost:8892 smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes virtual_alias_domains = domz.co.uk ruck.in vjgary.co.uk scriptees.co.uk pixelfolio.co.uk filmtees.co.uk nbsbar.co.uk virtual_alias_maps = hash:/etc/postfix/alias_maps doveconf -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.38.2-grsec-xxxx-grs-ipv6-64 x86_64 Ubuntu 11.10 auth_mechanisms = plain login log_path = /var/log/dovecot.log mail_location = mbox:~/mail/:INBOX=/var/mail/%u passdb { driver = pam } protocols = imap service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { driver = passwd } verbose_ssl = yes Any suggestions or help greatly appreciated. I've been pulling my hair out with this for hours! EDIT This seems to be my exact problem, but I already have broken_sasl set to yes and the 'login' auth mechanism added? http://forums.gentoo.org/viewtopic-t-898610-start-0.html

    Read the article

  • How to start dovecot?

    - by chudapati09
    I'm building a web server to host multiple websites. I got everything working except the mail server. I'm using linode to host my vps and I've been following their tutorials. FYI, I'm using Ubuntu 11.10. Here is the link I've been following, http://library.linode.com/email/postfix/dovecot-mysql-ubuntu-10.04-lucid. I got up to the part where it tells me to restart dovecot, so I tried "service dovecot restart". But then I get this "restart: Unknown instance:". I'm logged in as root, so I'm not using sudo. Since that didn't work I tried "/etc/init.d/dovecot restart" and I get "dovecot start/running, process 4760". So I try "/etc/init.d/dovecot status" and I get "dovecot stop/waiting". So I tried "service dovecot start" and I get "dovecot start/running, process 4781". So I tried to get the status, so I tired "service dovecot status" and got "dovecot stop/waiting" Then I tired "/etc/init.d/dovecot start" and I get "dovecot start/running, process 4794". So I tired to get the status, so I tired "/etc/init.d/dovecot status" and got "dovecot stop/waiting" Just for kicks and giggles I tired to kill the process, I used the PID that I got when I did "service dovecot start", this was the command "kill -9 4444" and I get this "bash: kill: (4805) - No such process" Am I doing something wrong? --EDIT 1-- The following are logs that were found in /var/log/syslog that involved dovecot dovecot: master: Dovecot v2.0.13 starting up (core dumps disabled) dovecot: ssl-params: Generating SSL parameters dovecot: ssl-params: SSL parameters regeneration completed dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) dovecot: config: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) dovecot: anvil: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) kernel: init: dovecot main process (10276) terminated with status 89 kernel: init: dovecot main process (10289) terminated with status 89 kernel: init: dovecot main process (10452) terminated with status 89 kernel: init: dovecot main process (2275) terminated with status 89 kernel: init: dovecot main process (3028) terminated with status 89 kernel: init: dovecot main process (3216) terminated with status 89 kernel: init: dovecot main process (3230) terminated with status 89 kernel: init: dovecot main process (3254) terminated with status 89 kernel: init: dovecot main process (3813) terminated with status 89 kernel: init: dovecot main process (3845) terminated with status 89 kernel: init: dovecot main process (4664) terminated with status 89 kernel: init: dovecot main process (4760) terminated with status 89 kernel: init: dovecot main process (4781) terminated with status 89 kernel: init: dovecot main process (4794) terminated with status 89 kernel: init: dovecot main process (4805) terminated with status 89 --Edit 2 (/etc/dovecot/dovecot.conf)-- The following is the dovecot.conf file protocols = imap imaps pop3 pop3s log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = maildir:/home/vmail/%d/%n/Maildir ssl_cert_file = /etc/ssl/certs/dovecot.pem ssl_key_file = /etc/ssl/private/dovecot.pem namespace private { separator = . prefix = INBOX. inbox = yes } protocol lda { log_path = /home/vmail/dovecot-deliver.log auth_socket_path = /var/run/dovecot/auth-master postmaster_address = postmaster@[mydomainname.com] mail_plugins = sieve global_script_path = /home/vmail/globalsieverc } protocol pop3 { pop3_uidl_format = %08Xu%08Xv } auth default { user = root passdb sql { args = /etc/dovecot/dovecot-sql.conf } userdb static { args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes } socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 user = vmail } client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } -- Edit 3 (/var/log/mail.log) -- The following is what is in /var/log/mail.log dovecot: master: Dovecot v2.0.13 starting up (core dumps disabled) dovecot: ssl-params: Generating SSL parameters postfix/master[9917]: daemon started -- version 2.8.5, configuration /etc/postfix dovecot: ssl-params: SSL parameters regeneration completed postfix/master[9917]: terminating on signal 15 postfix/master[10196]: daemon started -- version 2.8.5, configuration /etc/postfix dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) dovecot: config: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) dovecot: anvil: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) postfix/master[2435]: daemon started -- version 2.8.5, configuration /etc/postfix postfix/master[2435]: terminating on signal 15 postfix/master[2965]: daemon started -- version 2.8.5, configuration /etc/postfix

    Read the article

  • Ubuntu 12.04 // Likewise Open // Unable to ever authenticate AD users

    - by Rob
    So Ubuntu 12.04, Likewise latest from the beyondtrust website. Joins domain fine. Gets proper information from lw-get-status. Can use lw-find-user-by-name to retrieve/locate users. Can use lw-enum-users to get all users. Attempting to login with an AD user via SSH generates the following errors in the auth.log file: Nov 28 19:15:45 hostname sshd[2745]: PAM unable to dlopen(pam_winbind.so): /lib/security/pam_winbind.so: cannot open shared object file: No such file or directory Nov 28 19:15:45 hostname sshd[2745]: PAM adding faulty module: pam_winbind.so Nov 28 19:15:51 hostname sshd[2745]: error: PAM: Authentication service cannot retrieve authentication info for DOMAIN\\user.name from remote.hostname Nov 28 19:16:06 hostname sshd[2745]: Connection closed by 10.1.1.84 [preauth] Attempting to login via the LightDM itself generates similar errors in the auth.log file. Nov 28 19:19:29 hostname lightdm: PAM unable to dlopen(pam_winbind.so): /lib/security/pam_winbind.so: cannot open shared object file: No such file or directory Nov 28 19:19:29 hostname lightdm: PAM adding faulty module: pam_winbind.so Nov 28 19:19:47 hostname lightdm: pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "DOMAIN\user.name" Nov 28 19:19:52 hostname lightdm: [lsass-pam] [module:pam_lsass]pam_sm_authenticate error [login:DOMAIN\user.name][error code:40022] Nov 28 19:19:54 hostname lightdm: PAM unable to dlopen(pam_winbind.so): /lib/security/pam_winbind.so: cannot open shared object file: No such file or directory Nov 28 19:19:54 hostname lightdm: PAM adding faulty module: pam_winbind.so Attempting to login via a console on the system itself generates slightly different errors: Nov 28 19:31:09 hostname login[997]: PAM unable to dlopen(pam_winbind.so): /lib/security/pam_winbind.so: cannot open shared object file: No such file or directory Nov 28 19:31:09 hostname login[997]: PAM adding faulty module: pam_winbind.so Nov 28 19:31:11 hostname login[997]: [lsass-pam] [module:pam_lsass]pam_sm_authenticate error [login:DOMAIN\user.name][error code:40022] Nov 28 19:31:14 hostname login[997]: FAILED LOGIN (1) on '/dev/tty2' FOR 'DOMAIN\user.name', Authentication service cannot retrieve authentication info Nov 28 19:31:31 hostname login[997]: FAILED LOGIN (2) on '/dev/tty2' FOR 'DOMAIN\user.name', Authentication service cannot retrieve authentication info I am baffled. The errors obviously are correct, the file /lib/security/pam_winbind.so does not exist. If its a dependancy/required, surely it should be part of the package? I've installed/reinstalled, I've used the downloaded package from the beyondtrust website, i've used the repository, nothing seems to work, every method of installing this application generates the same errors for me. UPDATE : Hrmm, I thought likewise didn't use native winbind but its own modules. Installing winbind from apt-get uninstalls pbis-open (likewise) and generates failures when installing if pbis-open is installed first. Uninstalled winbind, reinstalled pbis-open, same issue as above. The file pam_winbind.so does not exist in that location. Setting up pbis-open-legacy (7.0.1.918) ... Installing Packages was successful This computer is joined to DOMAIN.LOCAL New libraries and configurations have been installed for PAM and NSS. Clearly it thinks it has installed it, but it hasn't. It may be a legacy issue with the previous attempt to configure domain integration manually with winbind. Does anyone have a working likewise-open installation and does the /etc/nsswitch.conf include references to winbind? Or do the /etc/pam.d/common-account or /etc/pam.d/common-password reference pam_winbind.so? I'm unsure if those entries are just legacy or setup by likewise. UPDATE 2 : Complete reinstall of OS fixed it and it worked seamlessly, like it was meant to and those 2 PAM files did NOT include entries for pam_winbind.so, so that was the underlying problem. Thanks for the assist.

    Read the article

  • Desktop login fails, terminal works

    - by Tobias
    I have a freshly setup 12.04 LTS pc system (120 GB SSD, 1 TB HDD, 16 GiB RAM); since a few days, I can't login to the graphical desktop anymore: there is very short flashing shell window which disappears very quickly, and I'm confronted with the login screen again. I believe there is something about modprobe and vbox, but I can't read it fast enough ... I can login to a terminal (Ctrl+Alt+F1). It did not help to chown all contents of my home directory to me:my-group, like suggested here. This is what I could find in /var/log, grepping for the date and time (I inserted linebreaks after <my-hostname>; real time values preserved): auth.log: <date> 22:43:01 <my-hostname> lightdm: pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "tobias" <date> 22:43:08 <my-hostname> lightdm: pam_unix(lightdm:session): session closed for user lightdm <date> 22:43:08 <my-hostname> lightdm: pam_unix(lightdm:session): session opened for user tobias by (uid=0) <date> 22:43:08 <my-hostname> lightdm: pam_ck_connector(lightdm:session): nox11 mode, ignoring PAM_TTY :0 <date> 22:43:08 <my-hostname> lightdm: pam_unix(lightdm:session): session closed for user tobias <date> 22:43:09 <my-hostname> lightdm: pam_unix(lightdm:session): session opened for user lightdm by (uid=0) <date> 22:43:09 <my-hostname> lightdm: pam_ck_connector(lightdm:session): nox11 mode, ignoring PAM_TTY :0 <date> 22:43:10 <my-hostname> lightdm: pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "tobias" <date> 22:43:10 <my-hostname> dbus[756]: [system] Rejected send message, 2 matched rules; type="method_call", sender="1:43" (uid=104 pid=1639 comm="/usr/lib/indicator-datetime/indicator-datetime-ser") interface="org.freedesktop.DBus.Properties" member="GetAll" error name="(unset)" requested_reply="0" destination=":1.15" (uid=0 pid=1005 comm="/usr/sbin/console-kit-daemon --no-daemon ") kern.log: <date> 22:43:00 <my-hostname> kernel: [ 16.084525] eth0: no IPv6 routers present syslog: <date> 22:43:00 <my-hostname> kernel: [ 16.084525] eth0: no IPv6 routers present <date> 22:43:01 <my-hostname> ntpdate[1492]: adjust time server 91.189.94.4 offset -0.162831 sec <date> 22:43:08 <my-hostname> acpid: client 969[0:0] has disconnected <date> 22:43:08 <my-hostname> acpid: client connected from 1553[0:0] <date> 22:43:08 <my-hostname> acpid: 1 client rule loaded I have Virtualbox and Truecrypt installed, but I can't think of a reason why they might prevent a graphical login. I'm confused: What is this about requirement "user ingroup nopasswdlogin" not met? I do login using a password, and the password works ok when logging in to a terminal! Can I somehow read the error output, e.g. by delaying it, redirecting it to a file, or having the system prompt me for pressing a key? Has possibly any recent update caused my problem? Should I install the pending updates? How, btw, without access to the graphical UI? I have some working knowledge about the Linux shell, but I'm new to Ubuntu. Any help would be appreciated.

    Read the article

< Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >