央视文艺节目部门安排2018年全面从严治党工作
百度 其中,获2A2B及以上(包括4A、3A1B、2A2B三种情况)等级的赋予5分;获2B2C及以上但未达到2A2B及以上(包括3A1C、2A1B1C、2A2C、1A3B、1A2B1C、1A1B2C、4B、3B1C、2B2C九种情况)等级的赋予4分;获其他等级的赋予3分。
Pluggable authentication modules, a flexible framework for configuring authentication, most commonly the login component of Linux systems, but used in other components and operating systems.
769 questions
0
votes
1
answer
54
views
How to configure SSH with PAM to require TOTP only for publickey logins, but allow password-only login without OTP?
I’m configuring a Linux server with OpenSSH and pam_google_authenticator.so for TOTP-based 2FA. I want to enforce different authentication paths based on the login method:
If a user logs in using ...
0
votes
1
answer
102
views
Ubuntu 24.04, restricting the physical access to GDM?
I made users for SFTP access (openssh).
My problem is I don't want to let them connect physically to the server. Most of them are chrooted. One of them has some privileges, he can use commands like ...
- 51
0
votes
1
answer
223
views
SSH and sudo extremely slow on first login/session, instant afterwards - all common causes ruled out
Summary of the issue
I am experiencing a very long delay (~20–40 seconds) when opening a new SSH session or using sudo for the first time in a terminal on my Debian 11 system. Subsequent sudo commands ...
- 3
0
votes
1
answer
106
views
sshd: How to enable PAM authentication for groups with special secret location
I want to use google authentication and have a special secret path in the PAM module for user groups.
I'm probably missing something like:
If the user is in groupx, use alternative OTP file path.
I ...
- 99
0
votes
1
answer
70
views
ssh connect with either publickey+mfa or password+mfa
I'm trying for hours to correctly configure ssh MFA with either the publickey or the password being asked before the OTP code on Debian 12.
Currently I've been able to configure publickey+MFA and ...
- 123
0
votes
0
answers
36
views
Kanidm PAM and nsswitch in Incus (LXD) system container
getent passwd and getent group works as expected.
But when I want to login over SSH
Login with SSH key:
LOG:
Mar 10 07:06:05 ah sshd[1727]: fatal: initgroups: [email protected]: Invalid argument
...
- 101
0
votes
1
answer
233
views
Sudo authentication with kerberos pam module
Anyone familiar with the possibility to authenticate sudo command in /etc/pam.d/sudo with kerberos5 a.k.a with pam_krb5.so library?
- 13
0
votes
1
answer
70
views
enable last login for ftp server
Trying to use pam_lastlog to log last login on a ftp server, vsftp with virtual users. The virtual users are not present as "real" user on the system but use the pam_pwdfile module as ...
- 21
0
votes
1
answer
315
views
Dovecot local user lookup and login fails. Where is my configuration incorrect?
I'm running dovecot 2.3.21 with Ubuntu 24.04.1 LTS. I'm trying to configure the server to work with both virtual and local users. Virtual users are working fine, but I'm having trouble authenticating ...
0
votes
1
answer
1k
views
Problems authenticating users using SSSD/Kerberos against an AD Forest on AlmaLinux/Rocky Linux 9
I have upgraded CentOS 7 AD clients to Alma/Rocky 9 but something must have changed because I cannot use AD for user logins anymore.
There always was a problem. When we set up the system 10 years ago ...
- 343
0
votes
0
answers
90
views
SSH with public key and google auth 2fa with whitelist ips
I'm trying to find a configuration that will required public key and 2fa by default but only public key from whitelisted ips for the same user.
With the config below login from an external ip works as ...
- 1
1
vote
0
answers
74
views
getent passwd only shows ldap user from OU People
I've connected my Solaris 11 Server with my OpenLDAP Server. The connection works and with "ldaplist" I can see the ldap users that should be in the search base.
Looks like that:
dn: cn=...
- 111
0
votes
1
answer
71
views
auth_pam in nginx seems to do nothing
On a Debian 12 host I just installed nginx.
Other than change the listen directives from 80 to 8000 (still have apache2 running), I have changed nothing.
I added a new file in sites-available (and ...
1
vote
0
answers
83
views
Writing a libnss routines - Secondary groups don't show up when SSH is used
I've been working on a new project to expand the authentication options for Linux. Overall, the software is functional, but I am encountering unexpected results when groups are accessed through my ...
- 11
0
votes
1
answer
350
views
Proftpd error Unable to open config file: /etc/security/pam_env.conf
I'm getting this error in my syslog:
pam_env(proftpd:setcred): Unable to open config file: /etc/security/pam_env.conf: No such file or directory
pam_systemd(proftpd:session): Failed to connect to ...
- 121