recentpopularlog in

kme : authentication   146

« earlier  
OneLogin: Identity & Access Management (IAM) Made Simple
Centralize access and meet the changing needs of your business securely, reliably, and simply with OneLogin’s unified access management platform.
enterprise  identity  security  sso  saml  authentication  directoryserver  identitymanagement 
june 2019 by kme
Two Factor Auth List |
List of sites with Two Factor Auth support which includes SMS, email, phone calls, hardware, and software.
mfa  2fa  twofactor  website  searchengine  auth  authentication  list  reference 
april 2019 by kme
Mailing List Archive: Re: MediaWiki 1.28.0 Extension LDAPAuthentication does not work |
There is a new permission available that governs the right to create accounts when logging in with an external user account. It's called "autocreateaccount" [0]. You have to add to your config something like:
<code class="language-php">$wgGroupPermissions['*']['autocreateaccount'] = true;</code>

Or maybe this is enough:
<code class="language-php">$wgGroupPermissions['user']['autocreateaccount'] = true;</code>

See also
mediawiki  ldap  authentication  config  configfile  solution 
june 2018 by kme
authentication - PBIS auth.log requirement "user ingroup nopasswdlogin" not met by user "Administrator@domain.local" - Unix & Linux Stack Exchange |
I solved the same issue. I had
pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "xxxxxxx"
in an environment with AD authentification, Windows 2016, ubuntu 16.04.
The solution

Edit /etc/pam.d/lightdm and remove nopasswdlogin from this line:
auth sufficient user ingroup nopasswdlogin
pam  pam_mount  authentication  errormessage  solution 
april 2018 by kme
How to debug Gitlab LDAP authentication? - Stack Overflow
Run GitLab's LDAP rake check to localize the problem. There's also a more comprehensive one that's listed in the GitLab install document you're using.
gitlab  troubleshooting  ldap  authentication  sysadmin  webmaster  maybesolution 
december 2017 by kme
p13Rabkin.pdf |
Personal knowledge questions for fallback authentication:
Security questions in the era of Facebook
security  password  authentication  forgotpassword  securityquestions  webdevel  paper 
november 2017 by kme
openssh - SHA256 ssh fingerprint given by the client but only md5 fingerprint known for server - Super User
<code class="lang-bash">
# md5 on current OpenSSH
ssh-keygen -l -f -E md5

# sha256 on old OpenSSH
awk '{print $2}' /etc/ssh/ |
base64 -d | # -d = decode
sha256sum -b | # -b = binary
awk '{print $1}' |
xxd -r -p | # -r = hex to binary; -p = "plain hexdump"
base64 # re-encode

Also, when the 'ssh-keygen' on the server is too old (<v5.8) to have the '-E' option:
FingerprintHash md5</code>
ssh  fingerprint  publickeyauthentication  authentication  fuckina  solution 
march 2017 by kme
linux - What command do I use to see what the ECDSA key fingerprint of my server is? - Stack Overflow
This still doesn't allow me to verify keys that are presented in SHA256 format upon first connecting to the host. I have to run 'ssh-keyscan localhost' and compare the ECDSA key that I get with what's already in my ~/.ssh/known_hosts. Too late, if you've already been MITM'd.
ssh  security  sysadmin  publickey  authentication  keyfingerprint  almost  solution 
february 2017 by kme
The authenticity of host ' (' can't be established - Troubleshooting - GitLab Community Forum

This should be googleable, and it's not. I shouldn't have to dig for the support web site, then the community support, and then be linked back to some other support article that the site search didn't find in the first place.
After I added ssh key and try to push my files i seen this message

The authenticity of host ' (' can't be established.
ECDSA key fingerprint is SHA256:HbW3g8zUjNSksFbqTiUWPWg2Bq1x8xdGUrliXFzSnUw.
Are you sure you want to continue connecting (yes/no)?

Any Suggestions?
gitlab  errormessage  solution  ssh  publickeyauthentication  authentication  keyfingerprint  needshelp 
january 2017 by kme
python - Passing apache2 digest authentication information to a wsgi script run by mod_wsgi - Stack Overflow []
<VirtualHost *>
<Location />
AuthType Digest
AuthName "global"
AuthDigestDomain /
AuthUserFile /root/apache_users
<Limit GET>
Require valid-user
WSGIPassAuthorization On
WSGIScriptAlias / /some/script.wsgi
WSGIDaemonProcess mywsgi user=someuser group=somegroup processes=2 threads=25
WSGIProcessGroup mywsgi
apache  mod_wsgi  wsgi  python  webmaster  authentication  maybesolution 
november 2016 by kme
How to auto-update SSH agent environment variables when attaching to existing tmux sessions - Stack Overflow
There's an excellent gist by Martijn Vermaat, which addresses your problem in great depth, although it is intended for screen users, so I'm adjusting it for tmux here.

To summarize:

create ~/.ssh/rc if it doesn't exist yet, and add the following content:


# Fix SSH auth socket location so agent forwarding works with tmux
if test "$SSH_AUTH_SOCK" ; then
ln -sf $SSH_AUTH_SOCK ~/.ssh/ssh_auth_sock

Make it work in tmux, add this to your ~/.tmux.conf:

# fix ssh agent when tmux is detached
setenv -g SSH_AUTH_SOCK $HOME/.ssh/ssh_auth_sock

solution  tmux  screen  ssh-agent  dotfile  authentication 
june 2016 by kme
SSH keys - ArchWiki
Start ssh-agent with systemd user

It is possible to use the systemd/User facilities to start the agent.


Description=SSH key agent

ExecStart=/usr/bin/ssh-agent -a $SSH_AUTH_SOCK


Add export SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/ssh-agent.socket" to your shell's startup file, for example .bash_profile for Bash. Then enable or start the service.

Another helpful tip:

All the user services will be placed in ~/.config/systemd/user/. If you want to run services on first login, execute systemctl --user enable service for any service you want to be autostarted. </blockquote
linux  authentication  ssh-agent  ssh  publickeyauthentication  maybesolution 
june 2016 by kme
SSH: Agent Admitted Failure To Sign Using The Key Error And Solution
I‘ve recently regenrated and uploaded a new public ssh-key using the ssh-copy-id command. Now I’m getting the following error:

ssh root@server3
Agent admitted failure to sign using the key.
root@server3’s password:

How do I fix this problem?

To fix this problem you need logout of your Unix / Linux / OS X / BSD desktop session and log back in again to force the agent to forget identity. Another recommend option is to run the ssh-add command to add RSA or DSA identities to the authentication agent. This will fix your problem without login out from the current session. The syntax is as follows:

$ ssh-add
ssh  errormessage  solution  publickkeyauthentication  pubkey  authentication 
may 2016 by kme
How do I increase sudo password remember timeout? - Ask Different
Run sudo visudo and add this line:

Defaults timestamp_timeout=-1

See man 5 sudoers. -1 causes the password to never timeout. You may change the number to whatever you like in minutes.

The man page for sudo says that sudo -v "extends the sudo timeout for another 5 minutes".

Running 'sudo visudo' instead of editing the file directly causes the system to validate the sudoers file before it commits the changes. For instance, if you leave a stray character somwhere, when you save and exit, it will say "there is an error in the sudoers file, what would you like to do?" ... hence giving you a chance to go back in and edit. This actually just happened to me 10 minutes ago.
mac  osx  sudo  authentication  sysadmin  configfile  security 
march 2016 by kme
Mount WebDAV as drive in Windows 8 - Server Fault -
This is a concise summary of the steps required to allow Windows to connect to a WebDAV share using HTTP "basic" authentication.
Found the Solution: Basic auth.

Change BasicAuthLevel to 2 under HKLM\SYSTEM\CurrentControlSet\Services\WebClient\Parameters

Then restart WebClient service:

net stop WebClient
net start WebClient
My Apache2 config for those interested:

NameVirtualHost *
<VirtualHost *>
ServerAdmin webmaster@localhost

DocumentRoot /var/www/webdav/mounts
<Directory /var/www/webdav/mounts>
Options Indexes MultiViews
AllowOverride None
Order allow,deny
allow from all

Alias /webdav /var/www/webdav/mounts

<Location /webdav>
AuthType Basic
AuthName "webdav"
AuthUserFile /var/www/webdav/passwd.dav
Require valid-user

windows  sysadmin  apache  webdav  basicauth  security  authentication  solution  registryhack 
february 2016 by kme
php - Can cURL use stored auth details with DIGEST auth? - Stack Overflow
EDIT: Short version: add a -K <config file path> parameter to the cURL request and move the -u "user:password" to the first line of this file.
curl  webdevel  authentication  solution 
february 2016 by kme
Using Subversion with the GNOME Keyring
All that CollabNet stuff (like the keyring tool) isn't required with Ubuntu 14.04 (SVN v1.8.8). When

password-stores = gnome-keyring

is enabled in ~/.subversion/config and

store-passwords = yes
store-plaintext-passwords = no

is enabled in ~/.subversion/servers, then everything else just seems to work, as long as the terminal has a connection to the gnome-keyring-daemon through the pipe or environment variable or however that black magic works. Look for a key called "network password" (possibly multiples with the same name) in the "Login" keyring. That's the one for your SVN server.
svn  subversion  gnome-keyring  authentication  reference 
february 2016 by kme
« earlier      
per page:    204080120160

Copy this bookmark:

to read