Wiki

Käyttäjän työkalut

Sivuston työkalut

Jäljet: taulukot tehtavia workflow pyzor perus
ssh:perus

SSH

eduwww2:/etc/ssh# cat sshd_config|grep Separati
#Privilege Separation is turned on for security
UsePrivilegeSeparation no
eduwww2:/etc/pam.d# cat common-account
#
# /etc/pam.d/common-account - authorization settings common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authorization modules that define
# the central access policy for use on the system.  The default is to
# only deny service to users whose accounts are expired in /etc/shadow.
#
account sufficient      pam_winbind.so
account required        pam_unix.so
eduwww2:/etc/pam.d# cat common-auth
#
# /etc/pam.d/common-auth - authentication settings common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authentication modules that define
# the central authentication scheme for use on the system
# (e.g., /etc/shadow, LDAP, Kerberos, etc.).  The default is to use the
# traditional Unix authentication mechanisms.
#
auth    sufficient      pam_winbind.so
auth    required        pam_unix.so nullok_secure
eduwww2:/etc/pam.d# cat common-password
#
# /etc/pam.d/common-password - password-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define  the services to be
#used to change user passwords.  The default is pam_unix

# The "nullok" option allows users to change an empty password, else
# empty passwords are treated as locked accounts.
#
# (Add `md5' after the module name to enable MD5 passwords)
#
# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
# login.defs. Also the "min" and "max" options enforce the length of the
# new password.

password   required   pam_unix.so nullok obscure min=4 max=8 md5

# Alternate strength checking for password. Note that this
# requires the libpam-cracklib package to be installed.
# You will need to comment out the password line above and
# uncomment the next two in order to use this.
# (Replaces the `OBSCURE_CHECKS_ENAB', `CRACKLIB_DICTPATH')
#
# password required       pam_cracklib.so retry=3 minlen=6 difok=3
# password required       pam_unix.so use_authtok nullok md5
eduwww2:/etc/pam.d# cat common-session
#
# /etc/pam.d/common-session - session-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define tasks to be performed
# at the start and end of sessions of *any* kind (both interactive and
# non-interactive).  The default is pam_unix.
#
session sufficient      pam_mkhomedir.so skel=/etc/skel umask=0077
session sufficient      pam_winbind.so
session required        pam_unix.so
login as: markusop1
markusop1@192.168.176.x's password:
Creating directory '/home/EDU/markusop1'.
markusop1@eduwww2:~$ ls
ssh/perus.txt · Viimeksi muutettu: 2015/08/13 16:36 / 127.0.0.1