https://www.google.com/accounts/ServiceLogin?service=pagescontinue=http%3A%2F%2Fpages.google.com%3A80%2F
On Sat, 14 May 2005 20:29:03 -0700
Steve Langasek [EMAIL PROTECTED] wrote:
On Sat, May 14, 2005 at 10:33:28PM -0400, Glenn Maynard wrote:
On Sat, May 14, 2005 at 07:22:56PM -0700, Steve
On Thursday 12 May 2005 20:18, Marc Haber wrote:
[ ... ]
UsePam yes is generally a _big_ surprise for the local admin since
it allows passwords to be used even if UsePasswordAuthentification
no is set in sshd_config.
[ ... ]
I have exactly those set on a few hosts:
foohost:/var/log# egrep
On Monday 16 May 2005 11:12, Frederik Dannemare wrote:
On Thursday 12 May 2005 20:18, Marc Haber wrote:
[ ... ]
UsePam yes is generally a _big_ surprise for the local admin
since it allows passwords to be used even if
UsePasswordAuthentification no is set in sshd_config.
[ ... ]
I
Steve == Steve Langasek [EMAIL PROTECTED] writes:
Steve It does, if you use the authorization checks in PAM. If
Steve you only use the authentication checks, then PAM is only
Steve going to authenticate the user -- not check whether they're
Steve allowed access.
When you say
On Mon, May 16, 2005 at 08:22:26AM +1000, Brian May wrote:
Steve == Steve Langasek [EMAIL PROTECTED] writes:
Steve It does, if you use the authorization checks in PAM. If
Steve you only use the authentication checks, then PAM is only
Steve going to authenticate the user -- not
Marc == Marc Haber [EMAIL PROTECTED] writes:
Marc If that option is switched off, an account created with
Marc adduser --disabled-login is impossible to ssh into (log
Marc entry sshd[14704]: User testuser not allowed because
Marc account is locked) while an account created with
On Sun, May 15, 2005 at 11:19:12AM +1000, Brian May wrote:
Marc == Marc Haber [EMAIL PROTECTED] writes:
Marc If that option is switched off, an account created with
Marc adduser --disabled-login is impossible to ssh into (log
Marc entry sshd[14704]: User testuser not allowed
On Sat, May 14, 2005 at 07:22:56PM -0700, Steve Langasek wrote:
I also think it would be really cool(TM) if the system could display
a message password expired or account is locked if the user
successfully authenticates to the system but is unable to authorize
the user to use the system.
On Sat, May 14, 2005 at 10:33:28PM -0400, Glenn Maynard wrote:
On Sat, May 14, 2005 at 07:22:56PM -0700, Steve Langasek wrote:
I also think it would be really cool(TM) if the system could display
a message password expired or account is locked if the user
successfully authenticates to
On Wed, 11 May 2005 01:40:33 +0300, Shaul Karl [EMAIL PROTECTED] wrote:
The way I understand it, the effect of ! or * is identical.
No.
Alternatively, the difference is set by the configuration of pam, which,
I believe, is out of adduser scope. This match my experience that login
through SSH RSA
Marc Haber [EMAIL PROTECTED] writes:
UsePam yes is generally a _big_ surprise for the local admin since it
allows passwords to be used even if UsePasswordAuthentification no is
set in sshd_config.
Yes, because UsePam doesn't use password authentication; it just uses
passwords to authenticate.
On Mon, May 09, 2005 at 01:14:27PM -0400, Stephen Gran wrote:
This one time, at band camp, Marc Haber said:
On Mon, 09 May 2005 15:34:06 +0300, Shaul Karl [EMAIL PROTECTED] wrote:
adduser(8) states that
With the --disabled-login option, the account will be created but
will be
adduser(8) states that
With the --disabled-login option, the account will be created but
will be disabled until a password is set. The --disabled-password
option will not set a password, but login are still possible for
example through SSH RSA keys.
I wonder what is the
On Mon, 09 May 2005 15:34:06 +0300, Shaul Karl [EMAIL PROTECTED] wrote:
adduser(8) states that
With the --disabled-login option, the account will be created but
will be disabled until a password is set. The --disabled-password
option will not set a password, but login are still
This one time, at band camp, Marc Haber said:
On Mon, 09 May 2005 15:34:06 +0300, Shaul Karl [EMAIL PROTECTED] wrote:
adduser(8) states that
With the --disabled-login option, the account will be created but
will be disabled until a password is set. The --disabled-password
15 matches
Mail list logo
