Search Results

Search found 158 results on 7 pages for 'sudoers'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 6/7 | < Previous Page | 2 3 4 5 6 7  | Next Page >

  • How to fix sudo: setreuid(ROOT_UID, user_uid): Operation not permitted error?

    - by David R.
    I am using LDAP authentication on my Ubuntu 11.10 server. I installed libpam-ldap, and configured things accordingly. It works great, except that I get this error every once in a while when I try to sudo: sudo: setreuid(ROOT_UID, user_uid): Operation not permitted I know I have sudoers set up correctly, since it works most of the time. It's not just my log in either, others have the same problem when I have it. When this error is occurring, I can't ssh in with my regular system user at all. When I sign in directly, I can't get any gnome-terminal to start. Once I restart the server, the problem goes away. 'Course, that's not a solution, if it was a prod server, I'd be in trouble. How do I fix this? Edit 3/1/12: I just figured out that if stop and start the nscd service, the problem goes away. service nscd stop service nscd start Not much of a solution since I have to be logged into the server directly, not via ssh.

    Read the article

  • Auto-starting a GUI application that requires sudo

    - by nanostuff
    Question: I need to auto-start a GUI application that requires sudo. I know I need to edit the sudoers file with: sudo visudo However, I don't know what to write in the file. What I already tried: sudo visudo and then added the following: nanostuff ALL = NOPASSWD: /usr/lib/AirVPN/AirVPN.exe I also tried with: nanostuff ALL = NOPASSWD /usr/bin/X11/airvpn and nanostuff ALL = NOPASSWD /usr/bin/airvpn None of those worked. By doing: ps aux | grep airvpn I get the following output: nanostuff 6805 0.2 0.4 483520 17384 ? Sl 17:13 0:01 /usr/bin/gksu -u root -m AirVPN Client needs administrative privileges. Please enter your password. mono /usr/lib/AirVPN/AirVPN.exe path=/home/nanostuff/.airvpn root 6806 0.0 0.0 78604 2392 ? Ss 17:13 0:00 /usr/bin/sudo -H -S -p GNOME_SUDO_PASS -u root -- mono /usr/lib/AirVPN/AirVPN.exe path=/home/nanostuff/.airvpn root 6808 3.2 2.0 1257532 83032 ? Sl 17:13 0:12 mono /usr/lib/AirVPN/AirVPN.exe path=/home/nanostuff/.airvpn root 6832 0.0 0.0 22652 3336 ? S 17:14 0:00 /usr/sbin/openvpn --config /home/nanostuff/.airvpn/384ef91f85df5ea2abc88c7416b95bbdf2bc4299edd2850614d4e343ba721ae3.tmp.ovpn nanostuff 6951 0.0 0.0 18932 932 pts/2 S+ 17:20 0:00 grep --color=auto airvpn Additional info: OS: Ubuntu 14.04 64bits Application: It's a VPN client

    Read the article

  • No root account

    - by user107744
    Okay, here's my problem. I was being an idiot and installed compiz-core on my Xubuntu 12.10. So there I was, trying to figure out how to fix my issue, and I did sudo xfwm4 --replace. Then I was unable to login. So I logging with guest, delete my old account, without deleting the home folder, of course, and I create a new account "michael2". Instead of creating a new home folder for it, I instead instructed the program to use my old home folder. Unfortunately, it completely erased the folder, along with over 150GB worth of downloads and about 200 hours worth of work (I work from home, so, yeah). And to top it all off, whenever I try to use the sudo command, I get the error michael2 is not in the sudoers file. This incident will be reported. I don't know how to fix this, nor can I login to root (I never set the root password, because I never had the need to login as root to do anything). Any help will be appreciated. Is there maybe a way that I can do system restore to restore my previous files and username? I need answers as soon as possible, because I'm literally losing money by the second (the entire work from home kinda thing).

    Read the article

  • security issue of Linux sudo command?

    - by George2
    Hello everyone, 1. I am using Red Hat Enterprise 5 Linux box. I find if a user is in /etc/sudoers file, then if the user run command with sudo, the user will run this command with root privilege (without knowing root password, the user runs sudo only need to input the user's own password in order to run a command with sudo). Is that correct understanding? 2. If yes, then is it a security hole? Since users other than root could run with root privilege? thanks in advance, George

    Read the article

  • How to call ejabberdctl from PHP (Apache)

    - by Adil
    Hi, I am trying to call ejabberdctl from PHP but i keep getting an error code of 3 (Failed RPC connection to the node ejabberd@localhost: nodedown). My PHP script contains the following code to add friends : exec('sudo /opt/ejabberd-2.1.2/bin/ejabberdctl add_rosteritem adil.baig40122310029739 godudu.com chburaska0822431111022397 godudu.com chburaska0822431111022397 Friends both', $output, $retCode); exec('sudo /opt/ejabberd-2.1.2/bin/ejabberdctl add_rosteritem chburaska0822431111022397 godudu.com adil.baig40122310029739 godudu.com adil.baig40122310029739 Friends both', $output, $retCode); I have also added ejabberdctl to /etc/sudoers like so : # Custom entry for ejabberdctl, so it can be used via PHP www-data ALL= NOPASSWD: /opt/ejabberd-2.1.2/bin/ejabberdctl I have also added the ejabberd bin directory to /etc/environment, like so : PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/ejabberd-2.1.2/bin" source /etc/environment Everytime i run the PHP script $retCode (the exec return code) returns 3, but if i run the same php file from the command line it works. Help!

    Read the article

  • Can connect to EC2 as ubuntu user but not as the user i created

    - by Sid
    I created a new ebs backed EC2-instance and the necessary key-pair. Now I am able to connect to the instance as ubuntu user. Once i did that I created another user and added it to the sudoers list but I am unable to connect to the instance as the new user I created. I get the following error. I am using the same key to connect with the new user i created. Can somebody help me. Am I missing something here? Permission denied (publickey)"

    Read the article

  • how to make PHP lists all Linux Users?

    - by Data-Base
    Hello I want to build a php based site that (automate) some commands on my Ubuntu Server first thing I did was going to the file (sudoers) and add the user www-data so I can execute php commands with root privileges! # running the web apps with root power!!! www-data ALL=(ALL) NOPASSWD: ALL then my PHP code was <?php $command = "cat /etc/passwd | cut -d\":\" -f1"; echo 'running the command: <b>'.$command."</b><br />"; echo exec($command); ?> it returns only one user (the last user) !!! how to make it return all users? thank you

    Read the article

  • Broken php/localhost/something

    - by ghego1
    I was trying to install the mcrypt libraries following this tutorial (http://www.glenscott.co.uk/blog/2011/08/29/install-mcrypt-php-extension-on-mac-os-x-lion/), but something must have gone wrong and now when I load a php page on my localhost I see this: query="SELECT DISTINCT ".$field." as a,".$field2." as b FROM ".$tab." ".$where. " Group by ".$field." order By ".$orderBy; return $this->query; } And all the remaining code of the php page that should get loaded. I've retrieved the previous versions of the private/etc folder and usr/lib/php folder with time machine but it didn't help. And now if I execute sudo pachectl restart it gives me this error: sudo: no valid sudoers sources found, quitting (while before it worked. PS I'm on a mac with Mountain Lion

    Read the article

  • Use sudo su - <username> to access the <username's> account but sudo su - shouldn't be possible with a sudo user

    - by Winnie
    There is a requirement I got. My sudo users (for which their entry in sudoers file) should be able to access other user's account say Oracle using following command: sudo su - Oracle The above should work with giving current users password. But if the same user is firing the following command, sudo su - it shouldn't work and thus root access shouldnt be given to current user. I am not using su because because i dont want current user to know the credentials of other user(root,Oracle etc.). Can anyone please help me . Its urgent...

    Read the article

  • YUM Update Failed - Error in POSTIN scriptlet in rpm package

    - by Tiffany Walker
    Running "yum update" and it gets to installing and then breaks. Not sure what the problem is. Google shows nothing. Error in POSTIN scriptlet in rpm package gtk2-2.18.9-10.el6.x86_64 error: error creating temporary file /var/tmp/rpm-tmp.NB84HC: Invalid argument error: Couldn't create temporary file for %post(gtk2-2.18.9-10.el6.x86_64): Invalid argument Updating : e2fsprogs-libs-1.41.12-12.el6.x86_64 44/378 Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/yum/rpmtrans.py", line 387, in callback self._instCloseFile( bytes, total, h ) File "/usr/lib/python2.6/site-packages/yum/rpmtrans.py", line 463, in _instCloseFile self.base.history.trans_data_pid_end(pid, state) File "/usr/lib/python2.6/site-packages/yum/history.py", line 858, in trans_data_pid_end """, ('TRUE', self._tid, pid, state)) File "/usr/lib/python2.6/site-packages/yum/sqlutils.py", line 168, in executeSQLQmark return cursor.execute(query, params) sqlite3.OperationalError: unable to open database file error: python callback <bound method RPMTransaction.callback of <yum.rpmtrans.RPMTransaction instance at 0x45c2290>> failed, aborting! With a check all: yum check Loaded plugins: fastestmirror, rhnplugin, security MySQL-client-5.5.27-1.cp.1132.x86_64 is obsoleted by MySQL-client-5.5.27-1.cp.1132.x86_64 MySQL-server-5.5.27-1.cp.1132.x86_64 is obsoleted by MySQL-server-5.5.27-1.cp.1132.x86_64 abrt-libs-2.0.8-6.el6.x86_64 is a duplicate with abrt-libs-2.0.4-14.el6.centos.x86_64 audit-libs-2.2-2.el6.x86_64 is a duplicate with audit-libs-2.1.3-3.el6.x86_64 bandmin-1.6.1-5.noarch has missing requires of perl(bandmin.conf) bandmin-1.6.1-5.noarch has missing requires of perl(bmversion.pl) bandmin-1.6.1-5.noarch has missing requires of perl(services.conf) 32:bind-libs-9.8.2-0.10.rc1.el6_3.3.x86_64 is a duplicate with 32:bind-libs-9.7.3-8.P3.el6_2.2.x86_64 cagefs-safebin-3.6-6.el6.cloudlinux.x86_64 is a duplicate with cagefs-safebin-3.5-1.el6.cloudlinux.x86_64 chkconfig-1.3.49.3-2.el6.x86_64 is a duplicate with chkconfig-1.3.49.3-1.el6_2.x86_64 cloudlinux-release-6-6.3.0.x86_64 is a duplicate with cloudlinux-release-6-6.2.2.x86_64 coreutils-8.4-19.el6.x86_64 is a duplicate with coreutils-8.4-16.el6.x86_64 coreutils-libs-8.4-19.el6.x86_64 is a duplicate with coreutils-libs-8.4-16.el6.x86_64 1:cups-libs-1.4.2-48.el6_3.1.x86_64 is a duplicate with 1:cups-libs-1.4.2-44.el6_2.3.x86_64 1:dbus-libs-1.2.24-7.el6_3.x86_64 is a duplicate with 1:dbus-libs-1.2.24-5.el6_1.x86_64 12:dhcp-common-4.1.1-31.P1.el6_3.1.x86_64 is a duplicate with 12:dhcp-common-4.1.1-25.P1.el6_2.1.x86_64 e2fsprogs-libs-1.41.12-12.el6.x86_64 is a duplicate with e2fsprogs-libs-1.41.12-11.el6.x86_64 exim-4.80-0.x86_64 has missing requires of perl(SafeFile) expat-2.0.1-11.el6_2.x86_64 is a duplicate with expat-2.0.1-9.1.el6.x86_64 frontpage-2002-SR1.2.i386 has missing requires of libexpat.so.0 gawk-3.1.7-10.el6.x86_64 is a duplicate with gawk-3.1.7-9.el6.x86_64 glib2-2.22.5-7.el6.x86_64 is a duplicate with glib2-2.22.5-6.el6.x86_64 glibc-2.12-1.80.el6_3.5.x86_64 is a duplicate with glibc-2.12-1.47.el6_2.12.x86_64 glibc-common-2.12-1.80.el6_3.5.x86_64 is a duplicate with glibc-common-2.12-1.47.el6_2.12.x86_64 gtk2-2.18.9-10.el6.x86_64 is a duplicate with gtk2-2.18.9-6.el6.centos.x86_64 kernel-firmware-2.6.32-320.4.1.lve1.1.4.el6.noarch is obsoleted by kernel-firmware-2.6.32-320.4.1.lve1.1.4.el6.noarch kernel-firmware-2.6.32-320.4.1.lve1.1.4.el6.noarch is obsoleted by kernel-firmware-2.6.32-379.5.1.lve1.1.9.6.1.el6.noarch kernel-firmware-2.6.32-379.5.1.lve1.1.9.6.1.el6.noarch is a duplicate with kernel-firmware-2.6.32-320.4.1.lve1.1.4.el6.noarch kernel-firmware-2.6.32-379.5.1.lve1.1.9.6.1.el6.noarch is obsoleted by kernel-firmware-2.6.32-320.4.1.lve1.1.4.el6.noarch kernel-firmware-2.6.32-379.5.1.lve1.1.9.6.1.el6.noarch is obsoleted by kernel-firmware-2.6.32-379.5.1.lve1.1.9.6.1.el6.noarch kernel-headers-2.6.32-379.5.1.lve1.1.9.6.1.el6.x86_64 is a duplicate with kernel-headers-2.6.32-320.4.1.lve1.1.4.el6.x86_64 keyutils-libs-1.4-4.el6.x86_64 is a duplicate with keyutils-libs-1.4-3.el6.x86_64 krb5-libs-1.9-33.el6_3.3.x86_64 is a duplicate with krb5-libs-1.9-22.el6_2.1.x86_64 libblkid-2.17.2-12.7.el6.x86_64 is a duplicate with libblkid-2.17.2-12.4.el6.x86_64 libcom_err-1.41.12-12.el6.x86_64 is a duplicate with libcom_err-1.41.12-11.el6.x86_64 libgcc-4.4.6-4.el6.x86_64 is a duplicate with libgcc-4.4.6-3.el6.x86_64 libselinux-2.0.94-5.3.el6.x86_64 is a duplicate with libselinux-2.0.94-5.2.el6.x86_64 libstdc++-4.4.6-4.el6.x86_64 is a duplicate with libstdc++-4.4.6-3.el6.x86_64 libtiff-3.9.4-6.el6_3.x86_64 is a duplicate with libtiff-3.9.4-5.el6_2.x86_64 libudev-147-2.42.el6.x86_64 is a duplicate with libudev-147-2.40.el6.x86_64 libuuid-2.17.2-12.7.el6.x86_64 is a duplicate with libuuid-2.17.2-12.4.el6.x86_64 libxml2-2.7.6-8.el6_3.3.x86_64 is a duplicate with libxml2-2.7.6-4.el6_2.4.x86_64 nspr-4.9.1-2.el6_3.x86_64 is a duplicate with nspr-4.8.9-3.el6_2.x86_64 nss-util-3.13.5-1.el6_3.x86_64 is a duplicate with nss-util-3.13.1-3.el6_2.x86_64 openssl-1.0.0-25.el6_3.1.x86_64 is a duplicate with openssl-1.0.0-20.el6_2.5.x86_64 python-2.6.6-29.el6_3.3.x86_64 is a duplicate with python-2.6.6-29.el6.x86_64 python-libs-2.6.6-29.el6_3.3.x86_64 is a duplicate with python-libs-2.6.6-29.el6.x86_64 readline-6.0-4.el6.x86_64 is a duplicate with readline-6.0-3.el6.x86_64 sed-4.2.1-10.el6.x86_64 is a duplicate with sed-4.2.1-7.el6.x86_64 tzdata-2012c-3.el6.noarch is a duplicate with tzdata-2012c-1.el6.noarch xmlrpc-c-1.16.24-1209.1840.el6.x86_64 is a duplicate with xmlrpc-c-1.16.24-1200.1840.el6_1.4.x86_64 xmlrpc-c-client-1.16.24-1209.1840.el6.x86_64 is a duplicate with xmlrpc-c-client-1.16.24-1200.1840.el6_1.4.x86_64 Error: check all Tried: #rm /var/lib/rpm/__db* #rpm --rebuilddb #yum clean all Tried also running yum-complete-transaction still won't finish the update. ls -ld /var/tmp/ drwxrwxrwt. 20 root root 12288 Oct 3 18:44 /var/tmp/ df -h /var/tmp/ Filesystem Size Used Avail Use% Mounted on /tmp 3.9G 1.2G 2.6G 32% /var/tmp Latest errors: Error: Protected multilib versions: libgcc-4.4.6-4.el6.i686 != libgcc-4.4.6-3.el6.x86_64 Error: Protected multilib versions: glibc-2.12-1.80.el6_3.5.i686 != glibc-2.12-1.47.el6_2.12.x86_64 EDITED: yum repolist Loaded plugins: fastestmirror, rhnplugin, security Loading mirror speeds from cached hostfile * cloudlinux-x86_64-server-6: cl.banahosting.com repo id repo name status cloudlinux-x86_64-server-6 CloudLinux Server 6 x86_64 10,948+725 repolist: 10,948 [~]# package-cleanup --dupes Loaded plugins: fastestmirror, rhnplugin xmlrpc-c-client-1.16.24-1209.1840.el6.x86_64 xmlrpc-c-client-1.16.24-1200.1840.el6_1.4.x86_64 bind-libs-9.7.3-8.P3.el6_2.2.x86_64 bind-libs-9.8.2-0.10.rc1.el6_3.3.x86_64 libblkid-2.17.2-12.4.el6.x86_64 libblkid-2.17.2-12.7.el6.x86_64 libtiff-3.9.4-5.el6_2.x86_64 libtiff-3.9.4-6.el6_3.x86_64 audit-libs-2.1.3-3.el6.x86_64 audit-libs-2.2-2.el6.x86_64 libstdc++-4.4.6-3.el6.x86_64 libstdc++-4.4.6-4.el6.x86_64 sed-4.2.1-10.el6.x86_64 sed-4.2.1-7.el6.x86_64 python-libs-2.6.6-29.el6_3.3.x86_64 python-libs-2.6.6-29.el6.x86_64 coreutils-libs-8.4-16.el6.x86_64 coreutils-libs-8.4-19.el6.x86_64 libudev-147-2.40.el6.x86_64 libudev-147-2.42.el6.x86_64 chkconfig-1.3.49.3-2.el6.x86_64 chkconfig-1.3.49.3-1.el6_2.x86_64 keyutils-libs-1.4-4.el6.x86_64 keyutils-libs-1.4-3.el6.x86_64 glibc-2.12-1.47.el6_2.12.x86_64 glibc-2.12-1.80.el6_3.5.x86_64 tzdata-2012c-3.el6.noarch tzdata-2012c-1.el6.noarch coreutils-8.4-19.el6.x86_64 coreutils-8.4-16.el6.x86_64 dbus-libs-1.2.24-7.el6_3.x86_64 dbus-libs-1.2.24-5.el6_1.x86_64 libxml2-2.7.6-4.el6_2.4.x86_64 libxml2-2.7.6-8.el6_3.3.x86_64 abrt-libs-2.0.8-6.el6.x86_64 abrt-libs-2.0.4-14.el6.centos.x86_64 expat-2.0.1-9.1.el6.x86_64 expat-2.0.1-11.el6_2.x86_64 python-2.6.6-29.el6.x86_64 python-2.6.6-29.el6_3.3.x86_64 gtk2-2.18.9-6.el6.centos.x86_64 gtk2-2.18.9-10.el6.x86_64 libcom_err-1.41.12-12.el6.x86_64 libcom_err-1.41.12-11.el6.x86_64 gawk-3.1.7-10.el6.x86_64 gawk-3.1.7-9.el6.x86_64 readline-6.0-4.el6.x86_64 readline-6.0-3.el6.x86_64 glibc-common-2.12-1.80.el6_3.5.x86_64 glibc-common-2.12-1.47.el6_2.12.x86_64 libselinux-2.0.94-5.2.el6.x86_64 libselinux-2.0.94-5.3.el6.x86_64 cups-libs-1.4.2-48.el6_3.1.x86_64 cups-libs-1.4.2-44.el6_2.3.x86_64 nspr-4.9.1-2.el6_3.x86_64 nspr-4.8.9-3.el6_2.x86_64 cagefs-safebin-3.5-1.el6.cloudlinux.x86_64 cagefs-safebin-3.6-6.el6.cloudlinux.x86_64 libuuid-2.17.2-12.4.el6.x86_64 libuuid-2.17.2-12.7.el6.x86_64 xmlrpc-c-1.16.24-1209.1840.el6.x86_64 xmlrpc-c-1.16.24-1200.1840.el6_1.4.x86_64 openssl-1.0.0-20.el6_2.5.x86_64 openssl-1.0.0-25.el6_3.1.x86_64 dhcp-common-4.1.1-25.P1.el6_2.1.x86_64 dhcp-common-4.1.1-31.P1.el6_3.1.x86_64 krb5-libs-1.9-33.el6_3.3.x86_64 krb5-libs-1.9-22.el6_2.1.x86_64 nss-util-3.13.5-1.el6_3.x86_64 nss-util-3.13.1-3.el6_2.x86_64 cloudlinux-release-6-6.2.2.x86_64 cloudlinux-release-6-6.3.0.x86_64 e2fsprogs-libs-1.41.12-11.el6.x86_64 e2fsprogs-libs-1.41.12-12.el6.x86_64 glib2-2.22.5-6.el6.x86_64 glib2-2.22.5-7.el6.x86_64 UPDATE 2 I removed all the dupes and then did update and got this: Updating : sudo-1.7.4p5-13.el6_3.x86_64 79/361 Error in POSTIN scriptlet in rpm package sudo-1.7.4p5-13.el6_3.x86_64 warning: /etc/sudoers created as /etc/sudoers.rpmnew error: error creating temporary file /var/tmp/rpm-tmp.hjTOqJ: Invalid argument error: Couldn't create temporary file for %post(sudo-1.7.4p5-13.el6_3.x86_64): Invalid argument Updating : pcre-7.8-6.el6.x86_64 80/361 Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/yum/rpmtrans.py", line 399, in callback self._instCloseFile( bytes, total, h ) File "/usr/lib/python2.6/site-packages/yum/rpmtrans.py", line 475, in _instCloseFile self.base.history.trans_data_pid_end(pid, state) File "/usr/lib/python2.6/site-packages/yum/history.py", line 858, in trans_data_pid_end """, ('TRUE', self._tid, pid, state)) File "/usr/lib/python2.6/site-packages/yum/sqlutils.py", line 168, in executeSQLQmark return cursor.execute(query, params) sqlite3.OperationalError: unable to open database file error: python callback <bound method RPMTransaction.callback of <yum.rpmtrans.RPMTransaction instance at 0x5c7cfc8>> failed, aborting! - [~]# lsattr /var/tmp/ -------------e- /var/tmp/cache_5b07945563e03aec1c44917886fd99a6 -------------e- /var/tmp/sess_6edfafda1a191f6986bd020ed945eea0 -------------e- /var/tmp/sess_1b837feecdd4c9e6aa6ecd81d41fda75 -------------e- /var/tmp/sess_70bec5f392b4f5f75ac444f5c82db2dc -------------e- /var/tmp/sess_24cd226ba0a370a6d3838a37745b2e15 -------------e- /var/tmp/nginx_proxy -------------e- /var/tmp/sess_19fb1dd060e42c9de8786ef34d7fcf6e -------------e- /var/tmp/sess_b4ac777076c5122a6e27d776de0a2fcb -------------e- /var/tmp/sess_5077441775ef8d07a2185e8fd48a4aa8 -------------e- /var/tmp/cache_4e71d930fe8250e222ae4d1dc39646ff -------------e- /var/tmp/sess_eb6eb29b38b55b85303c3137611f0a2faa15c21d -------------e- /var/tmp/sess_81e7e8d93b395f2c8d7e3fe12cc59e56 -------------e- /var/tmp/sess_05c7f305bdbf9a4c7af251d33ac59766 -------------e- /var/tmp/sess_0ad9369063a37b6b399688a835d69ed2 -------------e- /var/tmp/cache_c780deda617678faeea8f8a34395ac27 -------------e- /var/tmp/sess_9773332e3c99ee18dca0b05e8f02a41e -------------e- /var/tmp/sess_1d9b02b068ea81a3975599ddc12bcfb1 -------------e- /var/tmp/sess_1ffeff444123e924834dc5e80d07571e -------------e- /var/tmp/sess_aa56725471c84d9a06745c56dc499db7 -------------e- /var/tmp/sess_51e19964d7e1a164c63f4c72fa43475c33debbc0 -------------e- /var/tmp/sess_a83c7a05bb189a465b8813ff9e566aa8f9124079 -------------e- /var/tmp/sess_2f506ba5b77c61107871e8cf80393cdb -------------e- /var/tmp/sess_7bfe1578605b259ec5e4fd2200df4cd0 -------------e- /var/tmp/sess_f6e47011789d8d48d56dd78a398d98d5719414a7 -------------e- /var/tmp/sess_b7c43a90a8b8d8f02b0fffca77796ce5 -------------e- /var/tmp/sess_6c3e7103453ad4daba815bd96a903785 -------------e- /var/tmp/sess_86f32a22507d8410b3f0fc7d71a135d5 -------------e- /var/tmp/sess_aaf72d3e8cfb2f27ffdff61323f97e7553855a05 -------------e- /var/tmp/sess_5de4488e2ee03ac0f99ab9494573ccb1 -------------e- /var/tmp/sess_716d97bba4abdb38704a9e4212f6fddc -------------e- /var/tmp/sess_534908a9510a32eda13a5dc95ac022cc -------------e- /var/tmp/sess_626a58203d93427c79621ea4fec0906d -------------e- /var/tmp/sess_827ca92d10d3797f2c187c41764a7036 -------------e- /var/tmp/sess_6282962d77f7bead20e785fbdb9a3d8f -------------e- /var/tmp/cache_b012c8a729fc54a296a700ed92930a0e -------------e- /var/tmp/sess_631e5ba769773da056108d3fbd143963 -------------e- /var/tmp/cache_30bb7f1333ba5f96a229c91a3385d8b5 -------------e- /var/tmp/sess_93e085706b29c3e4e3593bfe39b1079e -------------e- /var/tmp/sess_abd78bd6c285d681c90de8c617747ab3 -------------e- /var/tmp/sess_e144544ed925569018e6607b05f43f253f75e2aa -------------e- /var/tmp/sess_5d3d036c772847a4508d3e100b173d84 -------------e- /var/tmp/sess_f35243d1f40bd8d9ce08940fafc00d93 -------------e- /var/tmp/sess_761c3ffa811b959638ed0b266741eaa4 -------------e- /var/tmp/mm.sem.sNdxjf -------------e- /var/tmp/sess_006d45dbd807291f7bffbd1db3707ed6 -------------e- /var/tmp/cache_2d0162aac9f87c1978ac644923a5e2fe -------------e- /var/tmp/sess_22c534418c380b72d105935b59713dd1 -------------e- /var/tmp/sess_94f72ef408567a15f6287c518e93898e -------------e- /var/tmp/cache_6fe03c83bb87489f3921db1c974dfc0e -------------e- /var/tmp/sess_48bbfa2a2a8793a62c7fd6a389a2763e -------------e- /var/tmp/mm.sem.ERERMV -------------e- /var/tmp/sess_20aba82c03a69b2dc6af66c499c38ee67e27368f -------------e- /var/tmp/sess_f94fe0589a79c934815ef359bcb0a16c7080d937 -------------e- /var/tmp/sess_460390801eb004593b4dee83779f414e -------------e- /var/tmp/spamd-52811-init -------------e- /var/tmp/cache_6427fdb235d59b0b2fbd105bf23d2e87 -------------e- /var/tmp/cache_4ce12d8350d7c0361dc1bf15d552a2d8 -------------e- /var/tmp/sess_039fec2a643340f118b6355e4c836ae8 -------------e- /var/tmp/sess_fa46fa80b26e6cf3d9c7de942d5dbcff -------------e- /var/tmp/cache_664858e614367812148716536e22d030 -------------e- /var/tmp/sess_4c8d4c44fbd828dc17415ce6aa213115 -------------e- /var/tmp/sess_d231a6c0e5dd4d7bacbf9de3d8bb298f -------------e- /var/tmp/sess_a82f8a088a8e37d375f6a9fede4a54d2 -------------e- /var/tmp/sess_604697227ae5359e5783dc9407845338 -------------e- /var/tmp/sess_5b4e623536640abe671b40563d03817d -------------e- /var/tmp/sess_2aba0aff64f3c18f22e0b79d591259e2 -------------e- /var/tmp/sess_bfd52a2d2d80880f8e26ad460739a0494f0d1e9e -------------e- /var/tmp/sess_ba9f3e3a7c7111930d6b801aaa833b46 -------------e- /var/tmp/sess_5cc8c5b620015a465359359a0805fbdd -------------e- /var/tmp/sess_84945c41d604b4653a1bf45d83a1917c -------------e- /var/tmp/sess_5f52569b27430780c07d25cfb8177e5c1ef647f0 -------------e- /var/tmp/sess_45896aef9e77f16be1b3e94b3edb2599 -------------e- /var/tmp/sess_5a67d0ef8f826a2f103b429c8464bdd5f75d6218 -------------e- /var/tmp/sess_1fce98bb32e5b34c79fd5a313de32980 -------------e- /var/tmp/sess_f7ea772ff3fbb1eb2ad8712dd2c49ed8 -------------e- /var/tmp/sess_a9dc16bc5c1eb2768bb2600f0d102fde -------------e- /var/tmp/mm.sem.3zwRTu -------------e- /var/tmp/sess_e2cad140703338a4b8c9254ec6b0a1a2 -------------e- /var/tmp/sess_e7c8e85daf9c5424aecb83e066decf31 -------------e- /var/tmp/sess_800f878fa944370f42e76057e7c033e19520bd41 -------------e- /var/tmp/sess_4fdae64eb18599521ace18679795568b -------------e- /var/tmp/sess_958fb886b97de2e767b059376c4724b5 -------------e- /var/tmp/sess_3c832a31f17744a8bb3c59dde02e561aefbc2e48 -------------e- /var/tmp/sess_6d9d7bf04f34e0d82b101f882196a905 -------------e- /var/tmp/sess_7231c75ae4fad2ca5fbcb6de430a7b13 -------------e- /var/tmp/sess_2eadffa2285def9673ce784395d272d8 -------------e- /var/tmp/cache_2ff353b664d8028df967f807ac18593a -------------e- /var/tmp/sess_4138a267f1f5e3ad93c1d64547c63134ae7c0db3 -------------e- /var/tmp/sess_64cd9fa0d6af8e8041aafffbe3db986a -------------e- /var/tmp/tmpg3ycIG -------------e- /var/tmp/cache_b633ac8283d6de8e39d81160d63fc8cd -------------e- /var/tmp/sess_2cee03cf5eafd3ef55d8efa1b0390436 -------------e- /var/tmp/sess_608066c609e28621f2a29ac04a3a6441 -------------e- /var/tmp/sess_46dfb35cf8266699ba9304e5d8c6869d -------------e- /var/tmp/sess_fb202a0ed54cee8832c5f6e0ca7fc1b3 -------------e- /var/tmp/sess_8fe3c5fd8cdda02855e5f9b5a1ea85a4 -------------e- /var/tmp/sess_941376d5cb51e0ba73f9a27ee259c159 -------------e- /var/tmp/sess_4fa17b1eac1d18341d20d0d8d4991ceb -------------e- /var/tmp/cache_de647c956ca6a1b75744ad194aceaa82 -------------e- /var/tmp/mm.sem.Ugu7Be -------------e- /var/tmp/sess_656e8a50759d5b36b963e7eb85e0bb0d -------------e- /var/tmp/sess_983f77b607bbffa1748d6c49557381e9 -------------e- /var/tmp/sess_632860d092e5e374da522ed2f88e83ce -------------e- /var/tmp/sess_030f900b81cc2a4ad095d53ef3ee0791 -------------e- /var/tmp/yum.log -------------e- /var/tmp/cache_810174993c6a2c0efe2edbe4c39a4a81 -------------e- /var/tmp/sess_29e2c781643434e81d189fc41f47fd34 -------------e- /var/tmp/tmpE12ahd -------------e- /var/tmp/sess_935da512fb077e04610266748b3b77f3 - cat /etc/fstab /tmp as: loop,rw,noexec,nosuid,nodev

    Read the article

  • run script as another user from a root script with no tty stdin

    - by viktor tron
    Using CentOs, I want to run a script as user 'training' as a system service. I use daemontools to monitor the process, which needs a launcher script that is run as root and has no tty standard in. Below I give my four different attempts which all fail. : #!/bin/bash exec >> /var/log/training_service.log 2>&1 setuidgid training training_command This last line is not good enough since for training_command, we need environment for trqaining user to be set. : su - training -c 'training_command' This looks like it (http://serverfault.com/questions/44400/run-a-shell-script-as-a-different-user) but gives 'standard in must be tty' as su making sure tty is present to potentially accept password. I know I could make this disappear by modifying /etc/sudoers (a la http://superuser.com/questions/119376/bash-su-script-giving-an-error-standard-in-must-be-a-tty) but i am reluctant and unsure of consequences. : runuser - training -c 'training_command' This one gives runuser: cannot set groups: Connection refused. I found no sense or resolution to this error. : ssh -p100 training@localhost 'source $HOME/.bashrc; training_command' This one is more of a joke to show desparation. Even this one fails with Host key verification failed. (the host key IS in known_hosts, etc). Note: all of 2,3,4 work as they should if I run the wrapper script from a root shell. problems only occur if the system service monitor (daemontools) launches it (no tty terminal I guess). I am stuck. Is this something so hard to achieve? I appreciate all insight and guidance to best practice. (this has also been posted on superuser: http://superuser.com/questions/434235/script-calling-script-as-other-user)

    Read the article

  • Setting Ubuntu Global PATH for Ruby Enterprise Edition

    - by Wally Glutton
    Context: I recently installed Ruby Enterprise Edition (REE) on an Ubuntu 8.04 server. I would like for this new version of Ruby to globally supersede (for all users, crontabs, etc) the older version in /usr/local/bin. Attempted Solution #1: The REE documentation recommends placing the REE bin folder at the beginning of the global PATH in /etc/environment. I altered the PATH line in this file to read: PATH="/opt/ruby_ee/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games" This did affect my PATH at all. Attempted Solution #2: Next I followed these instructions and updated the PATH setting in the /etc/login.defs and /etc/crontab files. (I did not change /etc/sudoers.) This didn't affect my PATH either, even after logging out and rebooting the server. Other information: I seem to be having the same problem described here. I'm testing using the command: echo $PATH My shell is bash. My .bashrc doesn't not alter my PATH. I'm ssh'ed into the system for all testing. /opt/ruby_ee/ is a sym-link to /opt/ruby-enterprise-1.8.7-2011.03/

    Read the article

  • apache-user & root access

    - by ahmedshaikhm
    I want to develop few scripts in php that will invoke following commands; using exec() function service network restart crontab -u root /xyz/abc/fjs/crontab etc. The issue is that Apache executes script as apache user (I am on CentOS 5), regardless of adding apache into wheel or doing good, the bad and the ugly group assignment does not run commands (as mentioned above). Following are my configurations; My /etc/sudoers root ALL=(ALL) ALL apache ALL=(ALL) NOPASSWD: ALL %wheel ALL=(ALL) ALL %wheel ALL=(ALL) NOPASSWD: ALL As I've tried couple of combination with sudoer & httpd.conf, the recent httpd.conf look something as follows; my httpd.conf User apache Group wheel my PHP script exec("service network start", $a); print_r($a); exec("sudo -u root service network start", $a); print_r($a); Output Array ( [0] => Bringing up loopback interface: [FAILED] [1] => Bringing up interface eth0: [FAILED] [2] => Bringing up interface eth0_1: [FAILED] [3] => Bringing up interface eth1: [FAILED] ) Array ( [0] => Bringing up loopback interface: [FAILED] [1] => Bringing up interface eth0: [FAILED] [2] => Bringing up interface eth0_1: [FAILED] [3] => Bringing up interface eth1: [FAILED] ) Without any surprise, when I invoke restart network services via ssh, using similar user like apache, the command successfully executes. Its all about accessing such commands via HTTP Protocol. I am sure cPanel/Plesk kind of software do use something like sudoer or something and what I am trying to do is basically possible. But I need your help to understand which piece I am missing? Thanks a lot!

    Read the article

  • Chmod 644 on /etc/ any way to fix?

    - by DazSlayer
    I tried to tab complete something and I guess it wasnt there. I know you are not supposed to set the permissions to /etc/ like that, but my permissions seem to be all messed up. whoami prints out cannot find name for user ID 1002 and I cannot cd into /etc/ anymore. passwd and shadow use 640 and 644 so I am not sure why this is a problem. Regardless, is there any way to fix this? The command run was sudo chmod 644 /etc/ I have no name!@vpn-server:/$ whoami whoami: cannot find name for user ID 1002 I have no name!@vpn-server:/$ cd etc bash: cd: etc: Permission denied I have no name!@vpn-server:/$ ls -al etc d????????? ? ? ? ? ? . d????????? ? ? ? ? ? .. d????????? ? ? ? ? ? acpi -????????? ? ? ? ? ? adduser.conf I have no name!@vpn-server:/$ sudo su sudo: can't open /etc/sudoers: Permission denied

    Read the article

  • cups log kills ubuntu 12.04 and sudoer permissions changed

    - by peterretief
    I am using Ubuntu 12.04 as a desktop and recently had a weird crash with the log file for cups filling up the entire drive and not letting me back in, also what changed was /var/lib/sudo had changed from root to peter (me) I didn't make this change - I checked the history! I set the sudoers back to root and capped the max size for cups log Anyone had a similar experience? It feels like someone is messing around with my settings Is there any way to trace how the error occurred? Logs auth.log Jan 1 02:04:13 peter-desktop lightdm: pam_unix(lightdm:session): session opened for user lightdm by (uid=0) Jan 1 02:04:13 peter-desktop lightdm: pam_ck_connector(lightdm:session): nox11 mode, ignoring PAM_TTY :0 Jan 1 02:06:53 peter-desktop lightdm: pam_unix(lightdm:session): session opened for user lightdm by (uid=0) Jan 1 02:06:53 peter-desktop lightdm: pam_ck_connector(lightdm:session): nox11 mode, ignoring PAM_TTY :0 syslog Jan 1 02:04:13 peter-desktop rsyslogd: [origin software="rsyslogd" swVersion="5.8.6" x-pid="903" x-info="http://www.rsyslog.com"] start Jan 1 02:04:13 peter-desktop rsyslogd: rsyslogd's groupid changed to 103 Jan 1 02:04:13 peter-desktop rsyslogd: rsyslogd's userid changed to 101 Jan 1 02:04:13 peter-desktop rsyslogd-2039: Could not open output pipe '/dev/xconsole' [try http://www.rsyslog.com/e/2039 ] Jan 1 02:04:13 peter-desktop bluetoothd[898]: Failed to init gatt_example plugin Jan 1 02:04:13 peter-desktop kernel: [ 0.000000] Initializing cgroup subsys cpuset Jan 1 02:04:13 peter-desktop kernel: [ 0.000000] Initializing cgroup subsys cpu Jan 1 02:04:13 peter-desktop kernel: [ 0.000000] Linux version 3.2.0-25-generic-pae (buildd@palmer) (gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) ) #40-Ubuntu SMP Wed May 23 22:11:24 UTC 2012 (Ubuntu 3.2.0-25.40-generic-pae 3.2.18) Jan 1 02:04:13 peter-desktop kernel: [ 0.000000] KERNEL supported cpus: Jan 1 02:04:13 peter-desktop kernel: [ 0.000000] Intel GenuineIntel Jan 1 02:04:13 peter-desktop kernel: [ 0.000000] AMD AuthenticAMD Jan 1 02:04:13 peter-desktop kernel: [ 0.000000] NSC Geode by NSC

    Read the article

  • script calling script as other user

    - by viktor tron
    Using CentOs, I want to run a script as user 'training' as a system service. I use daemontools to monitor the process, which needs a launcher script that is run as root: : #!/bin/bash exec >> /var/log/training_service.log 2>&1 setuidgid training training_command This last line is not good enough since for training_command, we need environment for training user to be set. : su - training -c 'training_command' gives 'standard in must be tty' as su making sure tty is present to potentially accept password. I know I could make this disappear by modifying /etc/sudoers a la Bash & 'su' script giving an error "standard in must be a tty" but i am reluctant and unsure of consequences. : runuser - training -c 'training_command' gives runuser: cannot set groups: Connection refused. I found no sense or resolution to this message. I am stuck. Is this something so hard to achieve? I appreciate all insight and guidance to best practice.

    Read the article

  • Securing SSH/SFTP and best practices on security

    - by MultiformeIngegno
    I'm on a fresh VPS with Ubuntu Server 12.04. I wanted to ask you the good practices to apply to enhance security over a stock Ubuntu-server. This is what I did up to now: I added Google Authenticator to SSH, then I created a new user (whom I'll use instead of 'root' for SSH & SFTP access) which I added to my /etc/sudoers list below 'root', so now it's: # User privilege specification root ALL=(ALL:ALL) ALL new_user ALL=(ALL:ALL) ALL Then I edited sshd_config and set PermitRootLogin to 'no'. Then restarted the ssh service. Is this ok? There are a few things I'd like to ask you though: 1) What's the sense of adding a new (sudoer) user whilst the root user still exist (ok it can't access with root privilege but it's still there..)? 2) System files are owned by 'root'.. I want to use my new_user to access via SFTP but with it I can't edit those files!! Should I mass-CHMOD 'em so that new_user has write perms too? What's the good practice on this? Thanks in advance, I hope you'll tell me if I did something wrong and/or other ways to secure the system. :)

    Read the article

  • On AWS EC2, Unable to run sudo command after modifying permissions to /usr folder

    - by Kayote
    All, We have searched quite a bit and a few of 'Eliah Kagan's' posts are great about getting access back to sudo. However, our server is on AWS EC2 & I am a complete newbie to this. We are trying to setup Cronjobs for backing up our server data. What we did: Using Putty, we created a script file: usr/share/site-db-backup/backupToS3.php, however, Ubuntu was not saving the changes we made as it reported we did not have permission as user 'Ubuntu'. Error details are: "Upload of file backupToS3.php was successful but error occurred while setting the permission &/ or timestamp. If the problem persists, turn on 'ignore permission errors' option. Permission denied. Error code: 3 Request code 9" So, we ran the command "sudo chmod -R a+rwx /usr" for granting permission to the folder 'usr'. However, now whatever sudo command is run, we get the error: "/usr/lib/sudo/sudoers.so must be only be writable by owner. fatal error, unable to load plugins." We are complete newbies to Ubuntu & EC2 so do need step by step guidance of how to get sudo back & successfully write to the Crontab script sitting in 'usr/' folder.

    Read the article

  • Want to install GDB on Fedora 7 machine..

    - by RBA
    Hi, I want to install GDB GNU debugger for debugging C Programs, onto my fedora machine.. I installed the gzip file from gnu website, but it gives error during MAKE command.. I am doing all the steps correctly which reading from the readme file, and tutorial on internet. Please guide. Also i am trying to do from yum install gdb command and sudo apt-get install gdb, yum is not found in my system, i installed it, but now it is giving some unusual error, some file missing.. So no success with this.. sudo apt-get is working, but it is also giving some following errorss... [oracle@localhost Programs]$ sudo apt-get install gdb Password: Sorry, try again. Password: Sorry, try again. Password: oracle is not in the sudoers file. This incident will be reported. [oracle@localhost Programs]$ sudo apt-get install gdb I am in real nead of this gdb tool.. how to go about it.. Please share your experiences over this.. Thankx..

    Read the article

  • Changing PATH Environment Variable for all Users. (Ubuntu)

    - by Wally Glutton
    I recently compiled Ruby Enterprise Edition (REE) on an Ubuntu 8.04 server. I would like to update my PATH to ensure this new version of Ruby (found in /opt/ruby_ee/bin) supersedes the older version in /usr/local/bin. (I still want the old version around, though.) I would like these PATH changes to affect all users and crontabs. Attempted Solution #1: The REE documentation recommends placing the REE bin folder at the beginning of the global PATH in /etc/environment. I altered the PATH in this file to read: PATH="/opt/ruby_ee/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games" This did not affect my PATH at all. Attempted Solution #2: Next I followed these instructions and updated the PATH setting in /etc/login.defs and /etc/crontab. (I did not change /etc/sudoers.) This didn't affect my PATH either, even after logging out and rebooting the server. Other information: I seem to be having the same problem described here. I'm testing using the commands "echo $PATH" and "ruby -v". My shell is bash. My .bashrc doesn't override my PATH. Yes, I have heard of the Ruby Version Manager project. ;)

    Read the article

  • How can I implement ansible with per-host passwords, securely?

    - by supervacuo
    I would like to use ansible to manage a group of existing servers. I have created an ansible_hosts file, and tested successfully (with the -K option) with commands that only target a single host ansible -i ansible_hosts host1 --sudo -K # + commands ... My problem now is that the user passwords on each host are different, but I can't find a way of handling this in Ansible. Using -K, I am only prompted for a single sudo password up-front, which then seems to be tried for all subsequent hosts without prompting: host1 | ... host2 | FAILED => Incorrect sudo password host3 | FAILED => Incorrect sudo password host4 | FAILED => Incorrect sudo password host5 | FAILED => Incorrect sudo password Research so far: a StackOverflow question with one incorrect answer ("use -K") and one response by the author saying "Found out I needed passwordless sudo" the Ansible docs, which say "Use of passwordless sudo makes things easier to automate, but it’s not required." (emphasis mine) this security StackExchange question which takes it as read that NOPASSWD is required article "Scalable and Understandable Provisioning..." which says: "running sudo may require typing a password, which is a sure way of blocking Ansible forever. A simple fix is to run visudo on the target host, and make sure that the user Ansible will use to login does not have to type a password" article "Basic Ansible Playbooks", which says "Ansible could log into the target server as root and avoid the need for sudo, or let the ansible user have sudo without a password, but the thought of doing either makes my spleen threaten to leap up my gullet and block my windpipe, so I don’t" My thoughts exactly, but then how to extend beyond a single server? ansible issue #1227, "Ansible should ask for sudo password for all users in a playbook", which was closed a year ago by mpdehaan with the comment "Haven't seen much demand for this, I think most people are sudoing from only one user account or using keys most of the time." So... how are people using Ansible in situations like these? Setting NOPASSWD in /etc/sudoers, reusing password across hosts or enabling root SSH login all seem rather drastic reductions in security.

    Read the article

  • AWS Amazon EC2 - password-less SSH login for non-root users using PEM keypairs

    - by Mark White
    We've got a couple of clusters running on AWS (HAProxy/Solr, PGPool/PostgreSQL) and we've setup scripts to allow new slave instances to be auto-included into the clusters by updating their IPs to config files held on S3, then SSHing to the master instance to kick them to download the revised config and restart the service. It's all working nicely, but in testing we're using our master pem for SSH which means it needs to be stored on an instance. Not good. I want a non-root user that can use an AWS keypair who will have sudo access to run the download-config-and-restart scripts, but nothing else. rbash seems to be the way to go, but I understand this can be insecure unless setup correctly. So what security holes are there in this approach: New AWS keypair created for user.pem (not really called 'user') New user on instances: user Public key for user is in ~user/.ssh/authorized_keys (taken by creating new instance with user.pem, and copying it from /root/.ssh/authorized_keys) Private key for user is in ~user/.ssh/user.pem 'user' has login shell of /home/user/bin/rbash ~user/bin/ contains symbolic links to /bin/rbash and /usr/bin/sudo /etc/sudoers has entry "user ALL=(root) NOPASSWD: ~user/.bashrc sets PATH to /home/user/bin/ only ~user/.inputrc has 'set disable-completion on' to prevent double tabbing from 'sudo /' to find paths. ~user/ -R is owned by root with read-only access to user, except for ~user/.ssh which has write access for user (for writing known_hosts), and ~user/bin/* which are +x Inter-instance communication uses 'ssh -o StrictHostKeyChecking=no -i ~user/.ssh/user.pem user@ sudo ' Any thoughts would be welcome. Mark...

    Read the article

  • Using the public ssh key from local machine to access two remote users [closed]

    - by Nick
    I have an new Ubuntu (Hardy 8.04) server; it has two users, Alice and Bob. Alice is listed in sudoers. I appended my public ssh key (my local machine's public key local/Users/nick/.ssh/id_rsa.pub) to authorized_keys in remote_server/home/Alice/.ssh/authorized_keys, changed the permissions on Alice/.ssh/ to 700 and Alice/.ssh/authorized_keys to 600, and both the file and folder are owned my Alice. Then added I Alice to sshd_config (AllowUsers Alice). This works and I can login into Alice: ssh -v [email protected] ... debug1: Offering public key: /Users/nick/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 277 debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug1: Entering interactive session. Last login: Mon Mar 15 09:51:01 2010 from 123.456.789.00 I then copied the authorized_keys file remote_server/home/Alice/.ssh/authorized_keys to remote_server/home/Bob/.shh/authorized_keys and changed the permissions and ownership and added Bob to AllowUsers in sshd_config (AllowUsers Alice Bob). Now when I try to login to Bob it will not authenticate the same public key. ssh -v [email protected] ... debug1: Offering public key: /Users/nick/.ssh/id_rsa debug1: Authentications that can continue: publickey debug1: Trying private key: /Users/nick/.ssh/identity debug1: Trying private key: /Users/nick/.ssh/id_dsa debug1: No more authentication methods to try. Permission denied (publickey). Am I missing something fundamental about the way ssh works?

    Read the article

  • Can the public ssh key from my local machine be used to access two different users on a remote serve

    - by Nick
    I have an new ubuntu (hardy 8.04) server, it has two users, User1 and User2. User1 is listed in sudoers. I appended my public ssh key (my local machine's public key local/Users/nick/.ssh/id_rsa.pub) to authorized_keys in remote_server/home/user1/.ssh/authorized_keys, changed the permissions on user1/.ssh/ to 700 and user1/.ssh/authorized_keys to 600 and both file and folder are owned my User1. Then added I User1 to sshd_config (AllowUsers User1). This works and I can login into User1 debug1: Offering public key: /Users/nick/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 277 debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug1: Entering interactive session. Last login: Mon Mar 15 09:51:01 2010 from ..*.* I then copied the authorized_keys file remote_server/home/user1/.ssh/authorized_keys to remote_server/home/user2/.shh/authorized_keys and changed the permissions and ownership and added User2 to AllowUsers in sshd_config (AllowUsers User1 User2). Now when I try to login to User2 it will not authenticate the same public key. debug1: Offering public key: /Users/nick/.ssh/id_rsa debug1: Authentications that can continue: publickey debug1: Trying private key: /Users/nick/.ssh/identity debug1: Trying private key: /Users/nick/.ssh/id_dsa debug1: No more authentication methods to try. Permission denied (publickey). Am I missing something fundamental about the way ssh works? Thanks in advance, Nick

    Read the article

  • Can the same ssh key be used to access two different users on the same server?

    - by Nick
    I have an new ubuntu (hardy 8.04) server, it has two users, User1 and User2. User1 is listed in sudoers. I appended my public ssh key to authorized_keys in /home/user1/.ssh/authorized_keys, changed the permissions on user1/.ssh/ to 700 and user1/.ssh/authorized_keys to 600 and both file and folder are owned my User1. Then added I User1 to sshd_config (AllowUsers User1). This works and I can login into User1 debug1: Offering public key: /Users/nick/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 277 debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug1: Entering interactive session. Last login: Mon Mar 15 09:51:01 2010 from 86.141.61.197 I then copied the authorized_keys file to /home/user2/.shh/ and changed the permissions and ownership and added User2 to AllowUsers in sshd_config (AllowUsers User1 User2). Now when I try to login to User2 it will not authenticate the same public key. debug1: Offering public key: /Users/nick/.ssh/id_rsa debug1: Authentications that can continue: publickey debug1: Trying private key: /Users/nick/.ssh/identity debug1: Trying private key: /Users/nick/.ssh/id_dsa debug1: No more authentication methods to try. Permission denied (publickey). Am I missing something fundamental about the way ssh works? Thanks in advance, Nick

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 2 3 4 5 6 7  | Next Page >