Search Results

Search found 12055 results on 483 pages for 'password complexity'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 401/483 | < Previous Page | 397 398 399 400 401 402 403 404 405 406 407 408  | Next Page >

  • Don't let the mouse wake up displays from standby

    - by progo
    I like to put my displays to powersave/standby mode when I leave the computer for a while. It would be ok if it weren't for oversensitive mouse. Sometimes the driver reads in some movement that's not visible to the naked eye (the cursor, that is) and it breaks the power save. It would wait for another 10 minutes before going back to its standby. My workaround is the following script bound to C-S-q: xlock -startCmd 'xset dpms 2 2 2' -endCmd 'xset dpms 600 1200 1300' -mode blank -echokeys -timeelapsed +usefirst By using xset I set the values to 2 seconds each before going to standby. It's not nice, anyway. Sometimes there are cool fortunes that I want to read before typing in the password. I could keep the cursor moving but it's cludgy. (By the way, xlock's option mousemotion doesn't help -- it just hides the cursor but the displays fire up nevertheless.) So the question: is there a way to make displays go standby and stay there until a keyboard key is pressed? I'm running gentoo and recent Xorg, but I hope the answer doesn't have to be distro-specific. Basically the answer can be as simple as how to enable/disable mouse within command line? It think that would do the job if DPMS doesn't know the idea.

    Read the article

  • What is the advantage of not running as root? [closed]

    - by Shmuel Brill
    Possible Duplicate: What's wrong with always being root? All modern brands of Linux highly discourage (or disable) one from running as root instead of a normal user. I do not understand why. As a "normal" user, one could Download a rouge program from the internet. Run it (After all, one isn't root, what can it do). It installs itself in .bashrc or .xinitrc It writes a rouge "sudo" and "su" and adds . to the path Not noticing that . is in path, one runs sudo. The rouge program now has root password and can do anything it wants in the system. Even if 3-6 doesn't happen, the program could still Be part of a botnet. Read all files in the home directory and send them back (mine for SS#, Credit Card numbers, bank account numbers, etc). Send spam. Run a backdoor server to allow an attacker a chance to connect to the machine to determine vulnerabilities. It seems that the whole "permissions" thing (root/non-root) is just to prevent amateur crackers from getting into the system, so the question is: Is there a point in avoiding running as root, and is there a way to protect oneself if one wants to run unsafe code?

    Read the article

  • SSH public key authentication -- always require users to generate their own keypair?

    - by schinazi
    I was working with a partner today that I needed to upload files to my server using scp. I have passwords turned off in the server's SSH configuration, so I wanted them to use public key authentication. I generated the keypair for them on the server and gave them the private key and put the public key in the appropriate authorized_keys file. After a bunch of problems with them setting up their job, they finally got a more experienced sysadmin involved on their end, and he scolded me for handling the key generation this way. He said that by giving them a private key generated on my system, I had enabled them to do a brute-force attack against other keys generated on the same server. I even asked him "so if I have an account on a server, and I can log in with a password but I want to automate something and I generate a keypair on that system, does that then give me an attack vector for brute forcing other users' keys?" and he said yes. I've never heard of this, is it true? Can anyone point me to a discussion of this attack? Thanks in advance.

    Read the article

  • Bacula v5.0.2 Windows Installation Issues

    - by JohnyD
    First off, I am very new to Bacula but I'm very intriqued from what I've read. I'm looking to set up Bacula 5.0.2 on a Windows 2008 R2 server. I've run the installer and at the end it asks me to configure DIR name, DIR password, DIR Address. Windows documentation is somewhat hard to come by and I'm not certain what exactly I'm supposed to enter here. Do I need to create a local account that matches this info? Will the installation process create the account for me? Will this be the account that handles the FD daemon/service? I'm also not certain if Address means network location or local direcory. I apologize for my ignorance. Currently I'm trying to use the following information: Name: john pass: john address: thin1 (server name although I have also tried thin1.fqdm.local and 10.0.0.104) This info allows for the installer to complete successfully. However, when I run the BAT it hangs at, "Connecting to Director thin1:9101". The Bacula File Service is currently running under the local system account. What am I doing wrong? What do I have yet to do? Once I get this working properly I assume I will need to install clients on all my Windows boxes? Also, this is a 64-bit cpu but I am installing the 32-bit client. Are there any issues with this? Should I be using the 32-bit client? Thanks very much for the help.

    Read the article

  • JAWStats statspath error on windows

    - by crosenblum
    I have AWStats which works fine, and JAWStats I am trying to get working. I have tried back and forward slashes to get the program to read the dirdata files. I even moved the folder of dirdata outside of program files folder, in case it had problems with folder names with spaces in them. Here is my config file. // core config parameters $sConfigDefaultView = "thismonth.all"; $bConfigChangeSites = true; $bConfigUpdateSites = true; $sUpdateSiteFilename = "xml_update.php"; // individual site configuration // awstats092012.noname.jumpingcrab.com.txt $aConfig["site1"] = array( "statspath" => "C:\\Program Files\\AWStats\\DirData\\", "statsname" => "awstats[MM][YYYY].yourexample.com.txt", "updatepath" => "C:\\Program Files\\AWStats\\wwwroot\\cgi-bin\\awstats.pl\\", "siteurl" => "http://yourexample.com", "theme" => "default", "fadespeed" => 250, "password" => "", "includes" => "" ); Domain names changed to protect the innocent...:P Here is the error message: An error has occured: No AWStats Log Files Found JAWStats cannot find any AWStats log files in the specified directory: C:\Program Files\AWStats\DirData\ Is this the correct folder? Is your config name, site1, correct? Please refer to the installation instructions for more information.

    Read the article

  • EEE PC Keyboard malfunctioning - Ctrl key "sticks" after 10 seconds

    - by DWilliams
    I was given a EEE PC belonging to a friend of a friend to fix. The keyboard did not appear to work at all. I spent a while testing out various things, blowing the keyboard out, checking for damage, and so on. Nothing appeared to be physically wrong. At first I noticed that the keyboard appeared to work just fine for 10 seconds (on average, sometimes more sometimes less) after being powered on. It had been restored to the factory default xandros installation with no user set up, so I couldn't get in to mess with things since I couldn't type to make a user. I made an ubuntu live USB to boot it from, and managed to get the boot order changed to boot from USB in the ~10 seconds of working keyboard I had (I don't think I've ever had to rush around BIOS menus that quickly). After I got Ubuntu up on it, I played around a bit more and determined that apparently the ctrl key is stuck down (not literally, but it's on all the time). If I open gedit, pressing the "o" key brings the open dialog, "s" opens the save dialog, and all other behaviour you would expect to see if you were holding down the control key. The only exception that I noticed is the "9" and "0" keys. They function normally. Figuring that out I made a xandros user with a name/password consisting of 9's and 0's. I couldn't find any options in Xandros that could potentially be helpful. I'm not familiar with EEE PCs. Is it safe to assume that the keyboard is simply dead or could there be another problem? I don't want to purchase another keyboard for him if that isn't going to fix the problem. The netbook doesn't show any obvious signs of damage but the owner is a biker and very often has it with him on the road so it's been subjected to a good bit of vibration.

    Read the article

  • saslauthd authentication error

    - by James
    My server has developed an expected problem where I am unable to connect from a mail client. I've looked at the server logs and the only thing that looks to identify a problem are events like the following: Nov 23 18:32:43 hig3 dovecot: imap-login: Login: user=, method=PLAIN, rip=xxxxxxxx, lip=xxxxxxx, TLS Nov 23 18:32:55 hig3 postfix/smtpd[11653]: connect from xxxxxxx.co.uk[xxxxxxx] Nov 23 18:32:55 hig3 postfix/smtpd[11653]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory Nov 23 18:32:55 hig3 postfix/smtpd[11653]: warning: xxxxxxx.co.uk[xxxxxxxx]: SASL LOGIN authentication failed: generic failure Nov 23 18:32:56 hig3 postfix/smtpd[11653]: lost connection after AUTH from xxxxxxx.co.uk[xxxxxxx] Nov 23 18:32:56 hig3 postfix/smtpd[11653]: disconnect from xxxxxxx.co.uk[xxxxxxx] The problem is unusual, because just half an hour previously at my office, I was not being prompted for a correct username and password in my mail client. I haven't made any changes to the server, so I can't understand what would have happened to make this error occur. Searches for the error messages yield various results, with 'fixes' that I'm uncertain of (obviously don't want to make it worse or fix something that isn't broken). When I run testsaslauthd -u xxxxx -p xxxxxx I also get the following result: connect() : No such file or directory But when I run testsaslauthd -u xxxxx -p xxxxxx -f /var/spool/postfix/var/run/saslauthd/mux -s smtp I get: 0: OK "Success." I found those commands on another forum and am not entirely sure what they mean, but I'm hoping they might give an indication of where the problem might lie. If it makes any difference, I'm running Ubuntu 10.04.1, Postfix 2.7.0 and Webmin/ Virtualmin.

    Read the article

  • Can one config LDAP to accept auth from ssh-agent instead of from Kerberos?

    - by Alex North-Keys
    [This question is not about getting your LDAP password to authenticate you for SSH logins. We have that working just fine, thank you :-) ] Let's suppose you're on a Linux network (Ubuntu 11.10, slapd 2.4.23), and you need to write a set of utilities that will use ldapmodify, ldapadd, ldapdelete, and so on. You don't have Kerberos, and don't want to deal with its timeouts (most users don't know how to get around this), quirks, etc. This resolves the question to one of where else to get credentials to feed to LDAP, probably through GSSAPI - which technically doesn't require Kerberos despite its dominance there - or something like it. However, nearly everyone seems to have an SSH agent program, complete with its key cache. I'd really like an ssh-add to be sufficient to allow passwordless LDAP command use. Does anyone know of a project working on using the SSH agent as the source of authentication to LDAP? It might be through an ssh-aware GSSAPI layer, or some other trick I haven't thought of. But it would be wonderful for making LDAP effortless. Assuming I haven't just utterly missed a way to use ldapmodify and kin without having to type my LDAP passwords - using -x is NOT acceptable. At my site, the LDAP server only accepts ldaps connections, and requires authentication for modifying operations. Those are requirements, of course. Any ideas would be greatly appreciated. :-)

    Read the article

  • Run Explorer in SYSTEM account on Windows Vista or 7 using Sysinternal’s psexec tool?

    - by Rob
    Has anyone been successful at launching an instance of Windows Explorer in the SYSTEM account on Windows Vista or 7? It is possible to do this on XP, but I haven't been able to get it to completely work in Vista or 7. Trying to launch Explorer as SYSTEM into session 1 (my user session) results in Explorer exiting immediately and returning an error code of 1. I can launch Explorer as SYSTEM into session 0 with the following command: psexec -i 0 -s explorer That will create an instance of explorer running as SYSTEM with a taskbar and start menu on the hidden session 0 desktop, but won't let you open a file browser window. If you switch to the hidden session 0 desktop and try to open an Explorer window from there to browse files, the following error message appears: "The server process could not be started because the configured identity is incorrect. Check the username and password." I have set the following registry key to 1 for my user account and the SYSTEM account: \Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess There has got to be a way to make this work? If it is not possible, can anyone explain why? -Rob

    Read the article

  • Trying to configure DNS on a Godaddy Virtual Dedicated host, Mediatemple Domain Registration [closed]

    - by dclowd9901
    A client of mine purchased VD hosting with Godaddy and a domain name with Mediatemple. I've never configured DNS from scratch, and I'm finding it very difficult to find any sort of explanation on how to go about it. As of right now, Mediatemple is pointing to the Godaddy's ns1.domaincontrol.com and ns2.domaincontrol.com nameservers. The VD hosting on Godaddy (via their Simple Control Panel) has options to "Add a new domain", which brings you through a wizard of sorts that asks you if the domain has already been registered (yes), what it is (dclowd9901.com for this example), create a system username and password for it (with checkboxes for SSH and FTP access), which level of user can administer it, and whether a mail account should be setup. When complete, it also creates a zone file. In this zone file, the Primary nameserver is ns1.dclowd9901.com; the records are as follow (where 12.23.12.34 is the presumed host): @ A 12.23.12.34 @ NS ns1 @ NS ns2 ns1 A 12.23.12.34 ns2 A 12.23.12.34 @ MX mail www A 12.23.12.34 ftp A 12.23.12.34 ssh A 12.23.12.34 mail A 12.23.12.34 If anyone can shed any light on this for me, explain to me the interactions between the registrar and the host and so on, I'd be very grateful. Thanks in advance for the help.

    Read the article

  • Unable to add datasource in ColdFusion 9 and SQL Server 2008 R2

    - by Evik James
    I just installed SQL Server 2008 R2 and ColdFusion 9.0.1 on my Windows 7 machine for development use only. I have ColdFusion running well and serving pages (that aren't connected to a database). I can view my databases in SQL Server Management Studio. I successfully restored a few small databases and now I am trying to set up datasources for them through the ColdFusion Administrator. On my other machine, this was super easy. Not so much this time. The database I just added is named "Test". I am getting this error: Connection verification failed for data source: Test java.sql.SQLNonTransientConnectionException: [Macromedia][SQLServer JDBC Driver]Error establishing socket to host and port: localhost:1433. Reason: Connection refused: connect The root cause was that: java.sql.SQLNonTransientConnectionException: [Macromedia][SQLServer JDBC Driver]Error establishing socket to host and port: localhost:1433. Reason: Connection refused: connect It looks like the connection between ColdFusion and SQL Server is being refused. I know, brilliant observation, right? On my other machine, I was able to create datasources with just the default settings, no server name, username, or password. Any clue as to what might be the cause and how I might fix it?

    Read the article

  • ProFTPD / PAM issues with new centos/virtualmin install

    - by iamthewit
    I just installed CentOS 5.4 on a rackspace cloud server and installed virtualmin which all seemed to go fine. The only problem I have is that I can not access the virtual servers directories via FTP. I get the following from filezilla: Status: Connecting to 1.1.1.1:21... Status: Connection established, waiting for welcome message... Response: 220 FTP Server ready. Command: USER username Response: 331 Password required for username. Command: PASS *************** Response: 230 User username logged in. Status: Connected Status: Retrieving directory listing... Command: PWD Response: 257 "/" is current directory. Command: TYPE I Response: 200 Type set to I Command: PASV Response: 227 Entering Passive Mode (1,1,1,1,216,214) Command: LIST Error: Connection timed out Error: Failed to retrieve directory listing and I get this from my /var/secure/log file Sep 22 19:40:42 stickeeserver proftpd: pam_unix(proftpd:session): session opened for user username by (uid=0) Sep 22 19:40:42 server proftpd[14051]: 94.136.40.82 (::ffff:217.207.31.60[::ffff:217.207.31.60]) - USER nastypasty: Login successful. Sep 22 19:40:42 server proftpd[14051]: 94.136.40.82 (::ffff:217.207.31.60[::ffff:217.207.31.60]) - Preparing to chroot to directory '/home/username' Sep 22 19:40:42 server proftpd[14051]: 94.136.40.82 (::ffff:217.207.31.60[::ffff:217.207.31.60]) - mod_delay/0.5: delaying for 728 usecs Sep 22 19:40:42 server proftpd[14051]: 94.136.40.82 (::ffff:217.207.31.60[::ffff:217.207.31.60]) - error setting IPV6_V6ONLY: Protocol not available Any help would be greatly appreciated, I'm not totally new to Linux but it's not my strongest subject. I do like to know exactly why problems occur though and how exactly to fix them so the more detail the better! cheers

    Read the article

  • Unable to install PEM/pkcs12 created by gnutls to Cisco ASA

    - by ACiD GRiM
    I've been pulling some hair out trying to figure out why cisco devices don't like my certificates. My primary need is to get a trustpoint set up with CA,cert,key on the ASA for VPN systems, however I'm having the same issues on my IOS devices. I created a pkcs12 with openssl a few months ago that imported with no issues, but now that I'm getting ready to move this lab to production I'm using gnutls certtool as I found it adds alt_dns and ip_address fields properly to the certificate, (which cost me a few more hairs trying to get to work with openssl's ca tool) I'm including the current test certs below, don't worry I'm not using these in production ;) The maddening thing is that after I thought gnutls was generating certs incorrectly, I tried making a pkcs12 for a printserver and it imported with no issues. Here's my command flow for creating these certs: certtool --generate-privkey --disable-quick-random --outfile nn-ca.key certtool --generate-self-signed --load-privkey nn-ca.key --outfile nn-ca.crt certtool --generate-privkey --disable-quick-random --outfile nn-g0.key certtool --generate-certificate --load-privkey nn-g0.key --outfile nn-g0.crt --load-ca-privkey nn-ca.key --load-ca-certificate nn-ca.crt openssl pkcs12 -export -certfile nn-ca.crt -in nn-g0.crt -inkey nn-g0.key -out nn-g0.p12 openssl enc -base64 -in nn-g0.p12 -out nn-g0.base64.p12 The password for the attatched pkcs12 is "ciscohelp" without quotes. Thanks for any help TestCerts

    Read the article

  • Accessing network shares on Windows7 via SonicWall VPN client

    - by Jack Lloyd
    I'm running Windows7 x64 (fully patched) and the SonicWall 4.2.6.0305 client (64-bit, claims to support Windows7). I can login to the VPN and access network resources (eg SSH to a machine that lives behind the VPN). However I cannot seem to be able to access shared filesystems. Windows is refusing to do discovery on the VPN network. I suspect part of the problem is Windows persistently considers the VPN connection to be a 'public network'. Normally, you can open the network and sharing center and modify this setting, however it does not give me a choice for the VPN. So I did the expedient thing and turned on file sharing for public networks. I also disabled the Windows firewall for good measure. Still no luck. I can access the server directly by putting \\192.168.1.240 in the taskbar, which brings up the list of shares on the server. However, trying to open any of the shares simply tells me "Windows cannot access \\192.168.1.240\share You do not have permission to access ..."; it never asks for a domain password. I also tried Windows7 native VPN functionality - it couldn't successfully connect to the VPN at all. I suspect this is because SonicWall is using some obnoxious special/undocumented authentication system; I had similar problems trying to connect on Linux with the normal IPsec tools there. What magical invocation or control panel option am I missing that will let this work? Are there any reasonable debugging strategies? I'm feeling quite frustrated at Windows tendency to not give me much useful information that might let me understand what it is trying to do and what is going wrong.

    Read the article

  • Windows file sharing with a private LAN when a public VPN is connected?

    - by netvope
    OS: Windows Vista My LAN interface is configured as a "private network". I want to have all the sharing and discovery features (Network Discovery, File Sharing, Public Folder Sharing, Printer Sharing, Password Protected Sharing, and Media Sharing), so I enabled them all. My VPN interfaces are configured as "public networks", and I do NOT want to have any of the above features. Now the problem is that if I disabled these sharing features while a VPN is connected, it affects both interfaces. I guess the Network and Sharing Center is probably an oversimplified tool that may not support multiple interfaces. Where can I tell Windows to enable sharing features for the private networks and not the public networks? For file sharing, I think I can disable "File and Printer Sharing for MS Networks" in each of the VPNs' properties. However, I will need to disable it every time I add a new VPN. Moreover, I can't find how to disable Media Sharing by this way. If this can be more easily done in Windows XP or 7, please let me know.

    Read the article

  • What's the right way to create a Ubuntu user whose home directory is /var/www/SITE?

    - by Leonnears
    First of, I need to state I'm a complete ignorant when it comes to server administration on Ubuntu, and I'm doing what I can. I have been trying to do this for hours with no luck. Basically, I want to create a Ubuntu user whose home directory is /var/www/SITE, and prefered it is chroot'd to it. The chroot part is not so important right now, as first I prefer to make anything work. The user should be able to upload files here and the webserver (www-data user?) should be able to pick them up with no problem. I was able to create the user and give it the home directory /var/www/SITE. (the user is "anders"). I gave him a password, and "anders" can connect to FTP just fine and upload files. But here's where things don't work: While my user can upload files to that /var/www/SITE directory, when I access the webpage on my browser I get a Forbidden error. Note that anders is also a member of the www-data group. I can fix this by running sudo chmod g+s /var/www/SITE/* anders -R but this is of course not ideal. Ideally the files should "work" as soon as I upload them. What's the right way to fix this? If it matters (don't think so), I'm editing my files in Coda 2 and anders is the user for it.

    Read the article

  • What's the best way to telnet from a remote Windows PC without using RDP?

    - by Rob D.
    Three Networks: 10.1.1.0 - Mine 172.1.1.0 - My Branch Office 172.2.2.0 - My Branch Office's VOIP VLAN. My PC is on 10.1.1.0. I need to telnet into a Cisco router on 172.2.2.0. The 10.1.1.0 network has no routes to 172.2.2.0, but a VPN connects 10.1.1.0 to 172.1.1.0. Traffic on 172.1.1.0 can route to 172.2.2.0. All PCs on 172.1.1.0 are running Windows XP. Without disrupting anyone using those PCs, I want to open a telnet session from one of those PCs to the router on 172.2.2.0. I've tried the following: psexec.exe \\branchpc telnet 172.2.2.1 psexec.exe \\branchpc cmd.exe telnet 172.2.2.1 psexec.exe \\branchpc -c plink -telnet 172.2.2.1 Methods 1 and 2 both failed because telnet.exe is not usable over psexec. Method 3 actually succeeded in creating the connection, but I cannot login because the session registers my carriage return twice. My password is always blank because at the "Username:" prompt I'm effectively typing: Routeruser[ENTER][ENTER] It's probably time to deploy WinRM... Does anyone know of any other alternatives? Does anyone know how I can fix plink.exe so it only receives one carriage return when I use it over psexec?

    Read the article

  • Wifi network undetectable on a Lenovo G470

    - by Rex
    I have a WPA2 secured network with a visible SSID at home that works perfectly fine with a Dell laptop,a HP netbook and sundry mobile phones. When I try connecting my sister's Lenovo G470, it refuses to detect the wifi network no matter what, but shows up the neighbors' networks. The Lenovo also works correctly at her office. Both laptops run Windows 7. Already tried/checked the following: Manually configure wifi network settings (copied over from the Dell) Ensure there is no MAC address filtering on the router. Ensure router DHCP server is not running out of addresses to assign (I have set it to allocate upto 10). Reboot laptop, router etc. Is this a known problem, and is there anything else one could try? Update - The problematic Lenovo uses Windows 7 Home Basic while the Dell that works uses Home Premium and the HP netbook uses Starter edition - if that makes any difference. Further update - It is able to connect if I reboot into safe mode with networking. However in 'normal' mode it shows up the network sporadically, and then says there was an error connecting to it. All the network parameters, password, encryption, etc etc are EXACTLY the same as they are on the Dell.

    Read the article

  • Deploying a Git server in a AWS linux instance

    - by Leroux
    I'm making a git server on my linux instance in AWS. I tried doing it using these instructions but in the end I always get stuck with a "Permission denied (publickey)" message. So here is my detailed steps, the client is my windows machine running mysysgit and the server is the AWS ubuntu instance : 1) I created user Git with a simple password. 2) Created the ssh directory in ~/.ssh 3) On the client I created ssh keys using ssh-keygen -t rsa -b 1024, they got dropped in my /Users/[Name]/.ssh directory, id_rsa and id_rsa.pub key pair was created. 4) Using notepad I copy pasted the text into newly created files on the server in the ~/.ssh directory of my Git user. ~/.ssh/id_rsa and **~/.ssh/id_rsa.pub** were copied. 5) On the server I made the authorized_hosts file using "cat id_rsa.pub authorized_hosts" (while inside the .ssh directory) 6) Now to test it, on my client machine I did ssh -v git@[ip.address] 7) Result : debug1: Host 'ip.address' is known and matches the RSA host key. debug1: Found key in /c/Users/[Name]/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: /c/Users/[Name]/.ssh/identity debug1: Trying private key: /c/Users/[Name]/.ssh/id_rsa debug1: Offering public key: /c/Users/[Name]/.ssh/id_dsa debug1: Authentications that can continue: publickey debug1: No more authentication methods to try. Permission denied (publickey). I would appreciate any insight anyone can give me.

    Read the article

  • Nginx with PAM authentication through pam_script

    - by Envek
    Have anyone set up such a configuration? It's not work for me. So, I've installed nginx-extras on Ubuntu 12.04 (it's built with PAM module), and write to site config: location ^~ /restricted_place/ { auth_pam "Please specify login and password from main_site"; auth_pam_service_name "nginx"; } Afterwards, in /etc/pam.d/nginx: auth required pam_script.so dir=/path/to/my/auth_scripts And wrote simplest /path/to/my/auth_scripts/pam_script_auth (also I've tried to write complicated scripts) #!/bin/sh exit 0 # should allow anyone Doesn't work. The script is launched (I've wrote full functional script, that successfully executes, check credentials, writes to its own log and returns correct exit code, and executes noticeably long). But no access granted. Only rejected. In /var/log/nginx/error.log appears next record: 2012/09/13 10:44:42 [alert] 1666#0: waitpid() failed (10: No child processes) If I'm specify in /etc/pam.d/nginx: auth required pam_unix.so and grant for www-data user right to read /etc/shadow, unix authorization works fine. But script auth doesn't work. Can't understand, where is trouble. In nginx module, or in pam_script module.

    Read the article

  • Cannot access SMC8014WG-SI provided by TimeWarner/RoadRunner administrative interface...

    - by Matt Rogish
    I just received installation of RoadRunner internet/TV/Voice and I was given a wi-fi router from the TimeWarner folks. The model is a SMC SMC8014WG-SI. Unfortunately, the password it uses is WEP and that is, as we all know, completely insecure. The tech that was here didn't know how to change it to something like WPA2 w/TKIP, and I was on hold for 20 minutes with the TimeWarner folks before I gave up. My problem is that the default web interface (http://192.168.0.1) isn't responding. I can ping it, I can access the internet through it, but I can't get to the admin interface. I did a "hard reset" of the device but still no dice. My suspicion is that the wi-fi admin interface is disabled (a common setting) but the wired interface isn't working on either of my two laptops (I've tried two laptops with two different cables, no link light activated). Am I SOL? Did they lock this down so I can't do what I want to do? Worst-case is I just hook up my go-to WRT54G router to the other modem and leave this one turned off, but I'd rather use their hardware to avoid any "It's not our problem" in the future. Any thoughts? Thanks!!

    Read the article

  • Emails from web site sometimes blank or gibberish

    - by John Gardeniers
    Our company has one web site with an online store based on osCommerce. The system sends emails for various reasons, such as password changes, order confirmations, etc., using PHP's mail() function. We occasionally have customers report that the email they received is either blank (email is plain text format) or gibberish (email is in HTML format). In the latter case it's really just HTML that's being displayed as raw text but of course the customers can't read it. In this case the first opening tag's <, and sometimes a few more characters, has gone missing. In an attempt to determine whether this was happening only for certain customers or email systems I configured the web site to send a CC of each message to a service account at my end. Those CC'd messages always arrive intact and display correctly in Outlook. For what it's worth, it seems to happen a little more frequently to Hotmail users but is certainly not limited to them. As the web site is on a shared (Debian) host there's precious little I can do about debugging things from that end, although if I made the right request I feel the hosting company staff would help me, even though they have limited resources to spend on such matters. Any suggestions on what else I might do to try and determine just why those emails are not being received correctly by some customers, yet a CC copy arrives just fine?

    Read the article

  • Kerberos authentication not working for one single domain

    - by Buddy Casino
    We have a strange problem regarding Kerberos authentication with Apache mod_auth_kerb. We use a very simple krb5.conf, where only a single (main) AD server is configured. There are many domains in the forest, and it seems that SSO is working for most of them, except one. I don't know what is special about that domain, the error message that I see in the Apache logs is "Server not found in Kerberos database": [Wed Aug 31 14:56:02 2011] [debug] src/mod_auth_kerb.c(1025): [client xx.xxx.xxx.xxx] Using HTTP/[email protected] as server principal for password verification [Wed Aug 31 14:56:02 2011] [debug] src/mod_auth_kerb.c(714): [client xx.xxx.xxx.xxx] Trying to get TGT for user [email protected] [Wed Aug 31 14:56:02 2011] [debug] src/mod_auth_kerb.c(625): [client xx.xxx.xxx.xxx] Trying to verify authenticity of KDC using principal HTTP/[email protected] [Wed Aug 31 14:56:02 2011] [debug] src/mod_auth_kerb.c(640): [client xx.xxx.xxx.xxx] krb5_get_credentials() failed when verifying KDC [Wed Aug 31 14:56:02 2011] [error] [client xx.xxx.xxx.xxx] failed to verify krb5 credentials: Server not found in Kerberos database [Wed Aug 31 14:56:02 2011] [debug] src/mod_auth_kerb.c(1110): [client xx.xxx.xxx.xxx] kerb_authenticate_user_krb5pwd ret=401 user=(NULL) authtype=(NULL) When I try to kinit that user on the machine on which Apache is running, it works. I also checked that DNS lookups work, including reverse lookup. Who can tell me whats going?

    Read the article

  • Firefox and Chrome keeps forcing HTTPS on Rails app using nginx/Passenger

    - by Steve
    I've got a really weird problem here where every time I try to browse my Rails app in non-SSL mode Chrome (v16) and Firefox (v7) keeps forcing my website to be served in HTTPS. My Rails application is deployed on a Ubuntu VPS using Capistrano, nginx, Passenger and a wildcard SSL certificate. I have set these parameters for port 80 in the nginx.conf: passenger_set_cgi_param HTTP_X_FORWARDED_PROTO http; passenger_set_cgi_param HTTPS off; The long version of my nginx.conf can be found here: https://gist.github.com/2eab42666c609b015bff The ssl-redirect.include file contains: rewrite ^/sign_up https://$host$request_uri? permanent ; rewrite ^/login https://$host$request_uri? permanent ; rewrite ^/settings/password https://$host$request_uri? permanent ; It is to make sure those three pages use HTTPS when coming from non-SSL request. My production.rb file contains this line: # Enable HTTP and HTTPS in parallel config.middleware.insert_before Rack::Lock, Rack::SSL, :exclude => proc { |env| env['HTTPS'] != 'on' } I have tried redirecting to HTTP via nginx rewrites, Ruby on Rails redirects and also used Rails view url using HTTP protocol. My application.rb file contains this methods used in a before_filter hook: def force_http if Rails.env.production? if request.ssl? redirect_to :protocol => 'http', :status => :moved_permanently end end end Every time I try to redirect to HTTP non-SSL the browser attempts to redirect it back to HTTPS causing an infinite redirect loop. Safari, however, works just fine. Even when I've disabled serving SSL in nginx the browsers still try to connect to the site using HTTPS. I should also mention that when I pushed my app on to Heroku, the Rails redirect work just fine for all browsers. The reason why I want to use non-SSL is that my homepage contains non-secure dynamic embedded objects and a non-secure CDN and I want to prevent security warnings. I don't know what is causing the browser to keep forcing HTTPS requests.

    Read the article

  • FTP on Linux "Failed to retrieve directory listing" not firewall issue

    - by Jaka Prasnikar
    I've got an VPS in germany running Debian X64. I have very strange issue. I have ISPConfig CP installed using proftpd and I can not connect to FTP by any means. Few hours ago I've had installed DirectAdmin on CentOS same VPS and same issue. Simply when I connect to FTP server I get these: Status: Resolving address of web02.defikon.com Status: Connecting to 130.255.190.71:21... Status: Connection established, waiting for welcome message... Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- Response: 220-You are user number 1 of 50 allowed. Response: 220-Local time is now 12:15. Server port: 21. Response: 220-This is a private system - No anonymous login Response: 220-IPv6 connections are also welcome on this server. Response: 220 You will be disconnected after 15 minutes of inactivity. Command: USER default1 Response: 331 User default1 OK. Password required Command: PASS ****** Response: 230-User default1 has group access to: client0 sshusers Response: 230 OK. Current restricted directory is / Command: OPTS UTF8 ON Response: 200 OK, UTF-8 enabled Status: Connected Status: Retrieving directory listing... Command: PWD Response: 257 "/" is your current location Command: TYPE I Response: 200 TYPE is now 8-bit binary Command: PASV Error: Connection timed out Error: Failed to retrieve directory listing I even tried telnet localhost 21 and the same happends. Once I issue command "LIST" I get time out. I've tried every thing and I can't get this to work =( Please help ! P.S.: iptables is turned off.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 397 398 399 400 401 402 403 404 405 406 407 408  | Next Page >