963 shaares
5 results
tagged
login
rssh is a restricted shell for use with OpenSSH, allowing only scp and/or sftp. It now also includes support for rdist, rsync, and cvs. For example, if you have a server which you only want to allow users to copy files off of via scp, without providing shell access, you can use rssh to do that.
Kill user processes on logout
Arch Linux builds the systemd package with --without-kill-user-processes, setting KillUserProcesses to no by default. This setting causes user processes not to be killed when the user completely logs out. To change this behavior in order to have all user processes killed on the user's logout, set KillUserProcesses=yes in /etc/systemd/logind.conf.
Note that changing this setting breaks terminal multiplexers such as tmux and screen. If you change this setting, you can still use a terminal multiplexer by using systemd-run as follows:
Arch Linux builds the systemd package with --without-kill-user-processes, setting KillUserProcesses to no by default. This setting causes user processes not to be killed when the user completely logs out. To change this behavior in order to have all user processes killed on the user's logout, set KillUserProcesses=yes in /etc/systemd/logind.conf.
Note that changing this setting breaks terminal multiplexers such as tmux and screen. If you change this setting, you can still use a terminal multiplexer by using systemd-run as follows:
Yubikey : Configure your yubikey with pam
Local Authentication Using Challenge Response
The PAM module can utilize the HMAC-SHA1 Challenge-Response mode found in YubiKeys starting with version 2.2 for offline authentication. This mode is useful if you don’t have a stable network connection to the YubiCloud.
The PAM module can utilize the HMAC-SHA1 Challenge-Response mode found in YubiKeys starting with version 2.2 for offline authentication. This mode is useful if you don’t have a stable network connection to the YubiCloud.
The yubikey is a small device that act as a token generator for authentication system. Yubico build them and, as they're seen as a Universal Keyboard, they can be easily interfaced with any kind of system.
From generating OATH token, to One Time Password systems, going by Radius and OpenVPN server authentication, they can be used for a lot of funny things and, among other thing, it's free software (not free hardware, alas). The token is at $25 and you can order them by huge quantities.
Simply put, it's a good token for it's price and, given my threat model (my computer being stolen) it is enough.
From generating OATH token, to One Time Password systems, going by Radius and OpenVPN server authentication, they can be used for a lot of funny things and, among other thing, it's free software (not free hardware, alas). The token is at $25 and you can order them by huge quantities.
Simply put, it's a good token for it's price and, given my threat model (my computer being stolen) it is enough.