Questions tagged [authentication]
Use this tag for questions relating to authentication mechanism (i.e. proving to the system that you are you, using passwords, keycards etc.). In general don't use this and the security tag on the same question, unless it is about the security of the authentication process.
609
questions
0
votes
0
answers
54
views
How can I prove a user is present?
For some actions, one needs to ensure a user is actually present. As an example, sudo requires you to type your password, a secret which is kept carefully by the OS. Thus, if sudo sees the correct ...
2
votes
1
answer
122
views
How to config SSH authentication with all 3 components: publickey, password and OTP
Update 1: I'm able to apply all publickey + password + OTP with this basic config in /etc/pam.d/common-auth.
auth [success=ok] pam_unix.so
auth [success=1] pam_google_authenticator.so nullok ...
0
votes
0
answers
41
views
How to configure local smtp server sendmail/postfix to occur error 503 5.5.4 send AUTH command first?
I want to achieve sendmail/postfix configuration as in smtp.yandex.ru to make error "503 5.5.4 send AUTH command first" occur after:
telnet localhost 25
EHLO test
MAIL FROM: user@hostname
...
0
votes
1
answer
58
views
Are all packages necessarily reproducible on GUIX?
By default, what will happen if I try to install a package with GUIX and it's not bit-for-bit reproducible?
I'm very concerned about the state of package managers in 2024 (and the risks of supply ...
1
vote
0
answers
37
views
SSH authentication
I am trying to make ssh on VM have an authentication before the user is connected to the session. Right now I have an Azure MFA app, that when the user authenticates, it shows a password. I want this ...
1
vote
1
answer
39
views
Check SHA256SUMS and exit non-zero on unexpected file (file not present in digest)
I'm trying to check the integrity of a set of downloaded files using sha256sum.
I cryptographically signed a digest file (named SHA256SUMS) with PGP. I create the file by recursively calculating the ...
0
votes
0
answers
106
views
Unexpected password authentication problem
I have been using a properly configured system with no authentication changes for over a month now. And suddenly I get this error message:
Sorry, password authentication didn't work. Please try again.
...
0
votes
1
answer
39
views
Linux multi-server user access
Our organization has a private network of Linux servers. This network is air gapped from the internet and we have limited personal access to the network and servers.
Each server has a standard user ...
0
votes
1
answer
117
views
Totally Legit Signing Key <[email protected]>
I run:
gpg --list-keys
I get:
pub rsa1024 2014-01-26 [C]
<REMOVED>
uid [ unknown] Totally Legit Signing Key <[email protected]>
Can this be dangerous? What is this? ...
5
votes
1
answer
748
views
/var/log/auth.log stops recording authentication errors
As the title says, /var/log/auth.log stops recording authentication errors. It all began with I accidentally deleting it. Then I created it using touch command and changed the owner:group to syslog:...
0
votes
0
answers
44
views
Store files in ftp server, accessible only for users from authentication server via OAuth2 protocol and separately for each other
We have in company authentication server with support of OAuth 2 protocol.
We are thinking about ftp repository.
Could it be possible to configure ftp repository/server so that we could provide files ...
0
votes
1
answer
408
views
Enable faillock on Debian 12
Can anyone tell my how to enable faillock on Debian 12?
I had a look to several tutorials but nothing worked for me.
This is what I get after installation - without comments.
/etc/pam.d/common-account
...
0
votes
0
answers
65
views
Limit shellinabox users to specific accounts
Setup and target
I am running a server with ssh and shellinabox and would like to restrict login via shellinabox to one specific user only.
Reasoning and approach
For security reasons, the main user ...
1
vote
0
answers
1k
views
PAM - Disabling "check pass; user unknown" syslog messages
TLDR: We use PAM with SSHD. CentOS and Ubuntu exist in the environment. For every SSHD failure of an unknown user, it creates two messages. One of the messages doesn't provide the unknown username and ...
0
votes
0
answers
610
views
How to authenticate with password in terminal, with fprintd authentication enabled?
I enabled fingerprint authentication on my laptop running Debian 12 by following this guide:
$ doas apt install fprintd libpam-fprintd
$ fprintd-enroll -f right-middle-finger
$ fprintd-verify
$ doas ...