[SOLVED] ssh authentication asks for a second password
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I have set up faillog for a SLES 10 SP3 server. I log in through a putty session and i authenticate successfully and the "last failed login" information is displayed and directly beneath that at the prompt this is displayed:
If i attempt to type my password again it doesn't work and says, "Sorry, try again."
If i press enter without typing a password it lets me in and i am at the command prompt ready to go.
I have this same faillog set up on my test server and i do not get this second password prompt. The configs on both servers look identical. Permissions on both are the same. I must be missing something? I am very new at this and would really appreciate any help. Thanks.
Are both “ChallengeResponseAuthentication yes” and “PasswordAuthentication yes” set this way in /etc/ssh/sshd_config on the server? I saw a similar behavior with the another ssh client for Windows. You can set the former to no (reload sshd) and test again.
This looks like everyone can manipulate the counter of any other user too. faillog is normally also limited to be used by root (at least on my system). There is no default output for failed logins by sshd?
Yes thats true about the counter, although you have to su to root in order to change the counter. I couldn't figure out another way to do it as this is new to me. In the sshd_config there is a line "PrintLastLog yes" but it doesn't do what i need.
I believe i fixed this one also. I found a issue similar while searching the webs for the problem. I added this to the sshrc script:
# Set up the local file in which to store the .Xauthority information:
# Now create and write the magic cookie information:
if read proto cookie && [ -n "$DISPLAY" ]; then
if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
echo add unix:`echo $DISPLAY |
cut -c11-` $proto $cookie
echo add $DISPLAY $proto $cookie
fi | /usr/X11R6/bin/xauth -q -
Then I added this to /home/"USERID"/.bashrc :
# ~/.bashrc X11 configuration
if [[ -z $DISPLAY ]]; then
# DISPLAY is not set, so check to see what X display is owned
# by the current user and set DISPLAY to this value:
bb=`ls -ln $X11_FOLDER | grep $currentUser`
# DISPLAY is set, so we assume remote user login via
# ssh and set the XAUTHORITY variable to point to
# proper file.
Now I am able to open Nautilus and any other X windows.