My os is OS X 10.8.5. I want to ssh to localhost, but I always get prompted for a password.I don't know the password.
How do I reset the ssh config in mac osx? I removed .ssh folder.
ssh does not work without a password, it would compromise your system too much.
You may setup an easy password for youself and use the command "sudo ssh username#127.0.0.1" then you will be prompted for the password you usualy are using.
You also may enable the root account and use this account. But be carefull, you can mess up you system pretty much when you are logged in as a root user.
Enable root user via path "Your hard disk"/System/Library/CoreServices. There you find al lot of handy programs for system management. You be looking for the "Directory utility" App.
After starting this App unlock the lock (left below) and fill in your system password.
Then via the menu at the top you can unlock the root user, via (Edit/Enable root user). Choose then a password. If you fill in no password then the root user will not be enabled, i think.
Hope this will help you.
Related
I want to make a script that asks the user for username and password and uses these for a few things at once, including connecting to OpenVPN without needing to either
store the password on the disk
ask the user for the data many times over
for example you can run net use with user and password to mount shares, however openVPN seemingly only has an option to pass a file with username and password.
On Linux there seemingly are solutions like this, however I don't seem to find anything similar for windows yet.
Is there a solution?
I update the company mac to the new OS big sur. It was doing fine before the login but once the update was done, the AD user is not able to login once its not connected to the corporate network or if it is on outside network. It just keeps on asking to reset the password. But if it is connected to the corporate network, it works fine. Already check with the settings, all is check, like create a mobile login and all those stuff.
I had the same issue, to fix it I had to go into our Device Management site (AirWatch, though I've heard the same things from InTune and other management tools), and disable the "Password" profile. Once AirWatch synced again it allowed me to log in without the "Reset Password" prompt.
Other things I learned:
For the first couple of days I had this issue I was able to reset the SMC and it would allow me to log in until I disconnected from the VPN again (at night).
I was able to reset the password on local accounts (I have a local test account that would accept a new password but it had weird restrictions I had never set like not being dictionary words, being over 12 characters, etc. I had to use something like 1qaz#WSX3edc$RFV for it to work.
If I logged in as a local admin account I was still locked out from using my domain joined account to perform admin functions on the computer and make server connections, it didn't give me the change password prompt, just failed like I had the wrong password.
Just putting this here for people who have to defend their choices to the higher-ups:
On a corporate domain the Password profile being set manually for Mac is redundant as long as you have the profiles in your management suite set to not allow local account logins and the password requirements are set in AD. This forces you to login with an AD account and AD will enforce the password requirements.
I use console2 in combination with git bash in order to interact with my local git repositories and by extension several github and bitbucket repositories also.
I use an ssh key pair to authenticate myself to these services, howevermy ssh key pair has an associated password.
This morning I found that I was no longer required to enter this password n my laptop in order to complete the authentication process.
I did some testing and it seems that the same key present on my desktop machine still requires me to enter my password.
So my question is.... why am I no longer required to enter my password on my laptop in order to authenticate with these servers?
Sounds like you have ssh-agent (sshagent.exe) running.
It is a small utility which allows you to enter your key's passphrase once and it then holds it "unlocked" for further use without you needing to re-enter the passphrase each time. Killing it will cause the original behaviour.
ssh-agent comes along with ssh in a standard msysgit installation. I'm not sure if something's changed that now means it's used by default or not though. Another explanation as to why it's running might be if you've installed posh-git and ran a Powershell session. By default (I believe - it's been a while), it'll run at the start of the session and ask for your key's passphrase. I use it every single day with this configuration as my passphrase is quite long... :-)
Something to do with having git-credential-winstore installed on your laptop?
I have set up a website with the help of a System Admin on Amazon EC2. After the work, he installed a Webmin for me to handle the things like Control Panel. Now I need to reset the password for everything to keep things secure. For this:
(a) I have changed all users password including root user from Webmin interface
(b) Change the password associated with EC2 account.
But do it need to change the password of the EC 2 instance? Or it is already changed when I edited the password of the root user from Webmin ?
No, the password of the instances are unrelated to those of the amazon passwords. You'd be better of using key pairs than passwords for this reason.
The answer given by #HirenSagar is correct.
You cannot access your webmin instance without a password.
EC2 instances dont have passwords by default.
But you can side-step that by manually setting a password and user for your webmin.
First update your apt:
sudo apt-get update
Then:
sudo /usr/share/webmin/changepass.pl /etc/webmin root yourpassword
Root is the webmin user and password is its password.
I think you should change the password of your instance it will protect your data from the hacker. Please set a strong password for your instance. A password should be a combination of uppercase letter (A,B,C,D), lowercase letter (a,b,c,d), numbers (1,2,3,4) and special character (#,#,&). A weak password is easily hacked by the hacker.
You can change the password of your instance by login into your AWS control panel:
Step 1: Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
Step 2: In the navigation pane, choose Instances and then choose the instance that needs a password reset. ...
Step 3: Choose Actions, Instance Settings, Get System Log.
Step 4: Locate the EC2 Agent entry, for example, EC2 Agent: Ec2Config service v3.18.1118.
hi u could not change password of EC2, It has a Keypair, (.pem file to convert .ppk file through putty key generator) when u created EC2 instance From Aws,
make sure you have to give SSH Assess to your ip Address From Security Group (AWS-EC2-Inbound rules) then you can SSH from putty and manage Ubuntu terminal
User name Ubuntu, pass if created that or upload ppk for open terminal,
after login,
if u wann reset or change pass of webmin
you should try this
1 sudo apt-get update
2 sudo /usr/share/webmin/changepass.pl /etc/webmin root yourpass;
3 sudo /etc/init.d/webmin restart
i want to use "plink.exe -u username -pw securepassword" on my windows visual c++ program.
will username and password remain safe while calling this command? I mean can a hacker steal or sniff the username and password? (consider hacker can't get to the password directly from the exe file)
Use SSH Keys so your program does not have to use a password directly. Even if the hacker can sniff the username, a strong password should prevent an attack.
If I had access to plink.exe (presumably running on the local box) then I could replace it with a Trojan version that logged your user/pass - but still otherwise worked as normal. Its potentially a bad idea, but then again, if I have access to the box then all bets are off.
Does the hacker somehow have access to memory but not the executable? He could certainly pull it from memory, but it's hard to know what security problems you're facing without knowing the actual situation