Questions tagged [password]
A password is a collection of characters that is used, usually in conjunction with a username, as a means of authentication.
932
questions
753
votes
9
answers
2.5m
views
How to automate SSH login with password?
How can I automate SSH login using a password?
I'm configuring my test VM, so heavy security is not a consideration. SSH chosen for acceptable security with minimal configuration.
ex)
echo password | ...
217
votes
8
answers
357k
views
How to setup passwordless `sudo` on Linux?
How can passwordless sudo access be setup on either RHEL (Fedora, CentOS, etc) or Ubuntu distributions? (If it's the same across distros, that's even better!)
Setting: personal and/or lab/training ...
215
votes
1
answer
227k
views
SSH use only my password, Ignore my ssh key, don't prompt me for a passphrase
This is a question regarding the OpenSSH client on Linux, MacOSX and FreeBSD.
Normally, I log into systems using my SSH key.
Occasionally, I want my SSH client to ignore my SSH key and use a ...
195
votes
6
answers
215k
views
how to disable SSH login with password for some users?
On Linux (Debian Squeeze) I would like to disable SSH login using password to some users (selected group or all users except root). But I do not want to disable login using certificate for them.
edit:...
144
votes
4
answers
6k
views
Is my password compromised because I forgot to hit Enter after ssh username?
I've just tried logging into a Fedora (release 13 Goddard) server using SSH (PuTTY, Windows). For some reason the Enter after typing my username didn't go through and I typed in my password and hit ...
64
votes
9
answers
14k
views
Is it OK to set up passwordless `sudo` on a cloud server?
I love the idea of accessing servers via keys, so that I don't have to type in my password every time I ssh into a box, I even lock my user's (not root) password (passwd -l username) so it's ...
63
votes
7
answers
110k
views
How to change my MySQL root password back to empty?
When I'm working locally, I don't really need to enter my password to access my database. I changed my root password when I first installed MySQL, but I don't know how to change my password back. What ...
62
votes
6
answers
738k
views
How to pass password to scp command used in bash script? [duplicate]
Possible Duplicate:
Connect through SSH and type in password automatically, without using a public key
I have a bash script that makes dump of DB then copies file from one server to another but ...
62
votes
9
answers
212k
views
Tool to test a user account and password (test login)
Yeah, I can fire up a VM or remote into something and try the password...I know...but is there a tool or script that will simulate a login just enough to confirm or deny that the password is correct?
...
62
votes
19
answers
11k
views
Best Practise and Solutions for Sharing Passwords [closed]
We have various passwords that need to be known to more than one person in our company. For example, the admin password to our internet routers, the password for our web-host, and also a few "non-IT" ...
61
votes
9
answers
139k
views
How do you recover you RDS master user username?
Resetting the RDS master user's password is simple enough, but how do you find your master users username?
59
votes
40
answers
6k
views
How do you manage your passwords?
Obviously seeing as how many of us here are system administrator type people, we have a lot of passwords strung out across numerous systems and accounts. Some of them are low priority, others could ...
49
votes
7
answers
307k
views
Disable password complexity rule in Active Directory
Where do I go to disable the password complexity policy for the domain?
I've logged onto the domain controller (Windows Server 2008) and found the option in local policies which is of course locked ...
43
votes
9
answers
57k
views
How to hide a password passed as command line argument?
I'm running a software daemon that requires for certain actions to enter a passphrase to unlock some features which looks for example like that:
$ darkcoind masternode start <mypassphrase>
Now ...
42
votes
4
answers
172k
views
Allow linux root user mysql root access without password
On cPanel when I am logged in as root and type "mysql" without hostname and password it gives me direct access to mysql root user.
I would like to do this for one of my non-cpanel server where the ...
38
votes
4
answers
27k
views
ssh: "Agent admitted failure to sign using the key"
I'm trying to set up password-less login with ssh on Ubuntu Server,
but I keep getting:
Agent admitted failure to sign using the key
and prompt for password.
I have generated new rsa keys. Before ...
37
votes
5
answers
409k
views
What's the default username and password for an Ubuntu Live CD?
What's the username and password for an Ubuntu Live CD image?
I ask because I've recently copied the contents of an Ubuntu based live ISO (easypeasy, the ldistro for nwtbooks) onto a hard disk drive, ...
37
votes
5
answers
41k
views
How secure is a bluetooth keyboard against password sniffing?
In a situation where an admin will enter sensitive information into a keyboard (the root password), what is the risk that a bluetooth keyboard (ship by default with Mac systems these days) would put ...
34
votes
4
answers
104k
views
Check if user password input is valid in Powershell script
I am working with a Powershell script that adds scheduled tasks to systems in our domain. When I run this script, it will prompt me for my password. I sometimes fat finger the password and the process ...
32
votes
4
answers
78k
views
Authentication Order with SSH
When I login via ssh with -v I see that ssh is authenticating the following way
debug1: Authentications that can continue: publickey,gssapi-with-mic,password,hostbased
I would like to change the ...
31
votes
7
answers
2k
views
What would you do if you realized your email hosting provider could see your passwords?
We received an email last year from our hosting provider regarding one of our accounts- it had been compromised and used to deliver a rather generous helping of spam.
Apparently, the user had reset ...
30
votes
22
answers
3k
views
Password best practices
Given the recent events with a 'hacker' learning and retrying passwords from website administrators, what can we suggest to everyone about best practices when it comes to passwords?
use unique ...
29
votes
2
answers
6k
views
Why is the maximum length of OpenWrt’s root password 8 characters?
When I try to set root's password:
root@OpenWrt:~# passwd
Changing password for root
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case ...
27
votes
2
answers
31k
views
How to change in postgresql password of the user using SQL
How to change in postgresql password of the user using SQL.
I have user (alex) and his password (e.g. pass)
i need to change using sql statement his password to NULL...
26
votes
9
answers
3k
views
Is packet sniffing for passwords on a fully switched network really a concern?
I administer a number of linux servers that require telnet access for users.
Currently the user's credentials are stored locally on each server and the passwords tend to be very weak and there is no ...
24
votes
3
answers
41k
views
Wget: Is there a way to pass username and password from a file?
Is there a way to pass the username and password from a file instead of the command line via --user and --password?
Background: I want to run wget via cron and don't want the username/password show ...
23
votes
16
answers
3k
views
Why is it bad to have a weak mysql user password?
I was presented with an argument to the tune of "you don't need a strong mysql user password because in order to use it, they'd already have access to your server." We're talking about a 4 digit ...
23
votes
5
answers
6k
views
Temporarily increasing sudo's timeout for the duration of an install script
I'm trying to write a script that will install a bunch of software and I'd like to not have to run everything as root, so I'd like to be able to prompt for a password and then go about the install, ...
22
votes
2
answers
3k
views
Why are md5 passwords hashed differently?
I've been wondering for a while, why does running "echo 'helloworld' | openssl passwd -1 -stdin" yield different results every time?If I put any of the hashes in my /etc/shadow I can use them as my ...
21
votes
3
answers
9k
views
useradd not encrypting passwords in /etc/shadow
I stumbled accross this problem when trying to create new FTP users for vsftpd.
Upon creating a new user with the following command and attempting login with FileZilla, I would get an "incorrect ...
20
votes
14
answers
4k
views
Should I force my users to change passwords every n days/weeks/month?
Question says it all. We are designing a system where security is very important. One of the ideas someone had was to force users to change passwords every 3 months. My take on this is that while its ...
20
votes
5
answers
38k
views
Windows Server 2008 R2 RDP login paste password
Is there any utility out there that allows me to paste the password in my clipboard to Windows Server 2008 R2 RDP login screen as if I'm typing the characters directly from the keyboard?
I login a lot ...
18
votes
9
answers
1k
views
User password age/complexity policy
Has anyone got any resources for determining a reasonable password policy for my users? My personal leaning is to ratchet up password complexity and allow them to change them less often as a kind of ...
18
votes
4
answers
19k
views
How can a standard Windows user change their password from the command line?
On Windows Server 2008 R2, I have a standard (non-administrator) local user (not an Active Directory account, though the server is in a domain) who has access to the server only via PowerShell ...
18
votes
1
answer
88k
views
Is PermitRootLogin=prohibit-password still necessary when PasswordAuthentication=no?
Our server cluster has remote root access enabled for rescue purposes, and we generally set PermitRootLogin prohibit-password in /etc/ssh/sshd_config because LDAP users can still login using password.
...
18
votes
4
answers
14k
views
How do I setup sshd on Mac OS X to only allow key-based authentication?
I have a Mac OS X machine (Mac mini running 10.5) with Remote Login enabled. I want to open the sshd port to the Internet to be able to login remotely.
For security reasons I want to disable remote ...
18
votes
10
answers
5k
views
Password Manager that allows syncing accross platforms [closed]
I use OS X, Linux, Solaris and windows for work and from home. There are good tools that allow me to manage the many logins/passwords required platform independently. But mostly they expect me to ...
18
votes
4
answers
12k
views
How to manage a web servers SSL private key protection (password vs. no password)?
We have a discussion in my company's security group about what's the worse of the following options to manage SSL private key.
The web server needs access to the private key for the encryption ...
18
votes
3
answers
121k
views
Change user password on other domain command line
I'd like to change user's password using cmd.exe on domain account.
I tried
net user user_name * /domain
but it doesn't work, because my user is on another domain. How can I specify, to which ...
17
votes
3
answers
8k
views
Is there a safe way to store passwords used for ssh by a script?
So first, I know, I should use key auth with SSH. No need to explain me that.
Issue here is that I have a (big) bunch of servers, and I need to have a script be able to connect each of these.
I use ...
16
votes
11
answers
2k
views
Is there a standard method of proving password security to non-mathematicians?
My client has a server that is being subjected to brute-force login attempts from a botnet. Due to the vagaries of the server and the client's client, we can't easily block the attempts through a ...
16
votes
5
answers
29k
views
Can I change a user password in Linux from the command line with no interactivity?
I have a specific use case where I would really like to be able to change a user's password with a single command with no interactivity. This is being done in a safe fashion (over SSH, and on a system ...
16
votes
9
answers
68k
views
Web interface to allow users to change their Active Directory password
I have a few web applications that use Active Directory to authenticate. What I would like to be able to do is provide a simple web page that would allow users to update their AD password.
This wasn'...
16
votes
7
answers
4k
views
Storing rarely used single-purpose passwords
How do you handle the storage of passwords that, by nature of their usage, you can't expect administrators to memorize? Such as:
Administrator/root password when everyone logs on using their own ...
16
votes
11
answers
16k
views
Password Management System for multiple SysAdmins?
I'm interested in best practices and potential open source projects that would allow my organization to securely store multiple passwords and allow multiple administrators to access them. I'm ...
15
votes
7
answers
85k
views
Non-Expiring password on Linux server
I'd like to set up an account on a linux server and make the account's password never expire. I'm having difficulties figuring it out with the passwd man page. Could someone please help me out?
15
votes
2
answers
60k
views
Update password for scheduled task
I have a scheduled task that needs to run as a service account. The service account's password resets every 100 days, so I need to update the password for the scheduled task.
I cannot figure out how ...
15
votes
5
answers
8k
views
Why on Windows 7 does "wrong password" take a long time to appear?
Why does it take a long time for Windows 7 to show the failed login message when the wrong password is entered when it almost instantaneously lets you login if the password is correct?
Is it only me ...
15
votes
4
answers
36k
views
How can I reduce the verbosity of certain Ansible tasks to not leak passwords into syslog?
Sometimes I would like to use Ansible's lineinfile or blockinfile modules to write a password into some configuration file. If I do so, the whole line or block, password included, ends up in my syslog....
14
votes
2
answers
37k
views
How to set postgresql user password in bash script
I want to set a password for the default Postgresql server user, postgres. I did it by using:
sudo -u postgres psql
# \password postgres
I want to do this step in many machines, so I would like to ...