Today I've restarted my computer (running Windows Vista) and when it went up again, it showed a Windows log-in screen. This screen has never appeared before (for almost 4 years now. Windows is original, came with the laptop.
On the screen I had 2 options to enter with: PC-Name (let's call it Johnny) and "Privileged Server". Both of them are asking for password.
Now I don't think that I had ever set a password for my account, nor did it ever ask me to use one, in order to start Windows.
A few tries of my frequently used password, including some "easy" / default passwords such as 1234, admin, 1-9, and so on, were futile.
I am not able to enter my Windows at the moment.
What I suspect happened, is that Cygwin is somehow the cause for it.
Last week I tried to install Hadoop on my Windows, and I followed the Apache tutorial, which instructed to start sshd service on the computer (which is done with Cygwin). during the process of starting that service, there have been some steps that could have messed up the windows account. (setting RSA password / phraseless RSA thingie / whatever)
It also said in the middle, something about problems with the "accounts in the system".
I am sorry I can't be more informative about it, but these commands, among others, were used:
$ ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
$ cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
I can't find the exact tutorial(s) I've been working according to, but this one has some stuff I did: oracle docs
the relevant steps are under the headline "Configuring SSH After Installing Cygwin", steps 1-4
Any help will be appreciated
Look for cyg_server in your registry and get rid of it. You will need it, however, if you're doing sshd with cygwin.
Related
I installed docker machine, and then created a new docker-machine on Windows 10.
Now I run ls to see the list of docker machines.
Now I run the following command
docker-machine start hypervdockermachine
Now I am stuck at this
Waiting for SSH to be available...
Too many retries waiting for SSH to be available. Last error: Maximum number of retries (60) exceeded
I have seen the git hub issue here, but not clear what to do.
Is there a way to solve this problem? I am not good at ssh
UPDATE
I just found a workaround.
You can run the above commands with git bash.
Most important, you must run git bash as admin. Else you will end up scratching your head.
Even the basic
docker-machine ls
will not show up anything without being an admin.
Finally if you are seeing the following error
Unable to query docker version: Get https://192.168.0.105:2376/v1.15/version: x509: certificate signed by unknown authority
Then you have to look at this issue.
docker-machine regenerate-certs yourdockermachinename
If needed user --force option
I got into the same problem after I moved .docker to partition D: and created a symlink to C:\Users\username\.docker, following this SO answer. I removed the old machines and configured new ones, and tried to regenerate the certs as suggested in the OP workaround but the problem was not solved.
After googling, I found this OpenSSH wiki page
and suspected that the cause of the problem was related to permissions.
So I could solve the problem by trying two different things:
Delete .ssh (source)
fix permissions to D:\path\to\.docker, allowing only SYSTEM, Administrators and my user to have full control access (source). These permissions were the same defined for .docker when it was under C:\Users\username\, but moving the folder to another partition made it inherit different permissions. To avoid dealing to much with it, I keep inheritance enabled changed the permissions directly in D: rather than in .docker folder.
I can't figure out why it is taking a long time to ssh into any vm I create on openstack. Once I am finally logged into the vm, things seem to be running just fine and not slow. But When I try to ssh into the vm it takes about 45 seconds to a minute to prompt me for a password to log in. After I type in my password it logs right in with no delay.
I used kolla 5.0.0 to deploy openstack on one control node and one compute node both running Centos 7. Everything seems to work well but the ssh login just takes too long.
I tried changing the option UseDNS to equal "no" in /etc/ssh/sshd_config on the VM cause I have seen this online as a possible "fix" but this did not fix it for me. It still takes a while to log in, however, it does seem to login about 8 or 10 seconds faster with UseDNS set to "no". But waiting 30 plus seconds to login is still not good enough.
Any suggestions on why this could be happening or how I can trouble shoot this?
Slow SSH in not an issue in Kolla. Adding the following in the VM and restarting the SSH service should fix it:
Add UseDNS no to /etc/ssh/sshd_config
Add GSSAPIAuthentication no to /etc/ssh/sshd_config
If SSH login is still slow, try adding GSSAPIAuthentication no in $HOME/.ssh/config on the client side too from where you are SSH'ing from.
Also, SSH response time depends on how far you are SSH'ing from into the VM.
It could still be a DNS related thing. When I'm faced with this, I normally set
GSSAPIAuthentication no
again, in /etc/ssh/sshd_config.
I have a build box, which I use to make continuous builds as well as run nightly unit tests. I'm using Jenkins to do by builds/unit test scripts, which is running on a windows box because our compiler is windows based.
One of our enterprise solutions uses Python code with rabbitmq for exchanging messages for syncing specific database tables over a faulty network. I have unit tests to help verify that updates are happening correctly.
In order to unit test the Python updates, I need to be able to stop some services running on my Linux box, then restart them after I update the python code. I setup a key exchange between my Windows box and Linux box, so that I don't have to put a password in the batch script.
When I'm remoted into the windows box, I can successfully run the batch file, which uses plink commands which rely on the key exchange and putty's pageant (which is running in the background). e.g. I use plink to execute commands on the Linux box from command line in my batch file. However, when I try to run the batch file from Jenkins, the batch file doesn't work properly because it is prompted for the SSH password when trying to run the plink commands.
I believe my current issue can be summarized by two issues, which I'm hoping can be verified and rectified:
I think Jenkins may be running as a different user or using different system credentials so it's not able to connect like the logged in user can. If this is the case, what would I need to do, to get it so that Jenkins can run the plink commands properly without being prompted for the password.
Pageant looks like it needs to get a password typed in every time the computer restarts. My research unearthed ways to put Pageant in startup, so you get prompted when you first login, but I need this to be automatic, like how I can on Linux boxes. If Windows reboots because of a Windows update, then the unit tests would fail as they won't be able to connect to the Linux server. Sure this only happens once a week, but over the course of a year it'll be very annoying.
What can I do to solve the above two issues? If there is a good alternative to putty for the automatic key exchange between Windows and Linux, I'd be interested in hearing about it (I would prefer to stay away from Cygwin with OpenSSH, but might go down this route if the above can't be rectified).
I use plink on my Windows Jenkins box to communicate with Linux on daily basis, there is no problem with it.
Like you theorized, Jenkins runs under it's own user (Windows default, I think, is SYSTEM user), which is different than your logged in session, even if you login as Administrator. Your authentication key is stored in your (Administrator or otherwise) profile directory
What you need to do is use Pageant to export your key as ppk file, then supply the path to this ppk file with plink:
plink -i "C:\path\to\id.ppk"
Looks like there is a simpler way to do what I'm trying to do, Jenkin's plugin https://wiki.jenkins-ci.org/display/JENKINS/Publish+Over+SSH+Plugin
I have Webmin installed on 5 or 6 servers but a few months back decided to install two-factor authentication for logging into Webmin using Google Authenticator app on my phone.
To my surprise, I lost all my tokens in the Google Authenticator app when I changed phones. This actually happen to me twice. I have rebuilt everything everywhere else but can no longer log into Webmin on this one server.
I tried searching Google to death but no answers. I tried uninstalling Webmin and re-installing using RPM.
After re-installing Webmin it just keeps the same settings which means I still need the Google Auth token which is no longer on my phone.
Any ideas?
Should I try to break the Oauth module I think it needs to work or will this cause me more problems?
Fond this here:
http://sourceforge.net/p/webadmin/discussion/600155/thread/512d81e9/
Go into this file /etc/webmin/miniserv.conf, delete this line:
twofactor_provider=totp
And, in /etc/webmin/miniserv.users, there is this line.
root:x:0:::::::0:0:totp:HBL7W4RTG8T6FG8W:
I just deleted the totp so the line read:
root:x:0:::::::0:0::HBL7W4RTG8T6FG8W:
Saved the file and restarted webmin: service webmin restart.
I could then log back in with un/pw and generated my QR code.
Even Simpler Fix:
0:0:totp:HBL7W4RTG8T6FG8W:
The "HBL7W4RTG8T6FG8W" between the colons is your KEY for Google Auth!
When using Google authenticator you can enter a KEY or use QR Code. Just create a new Google auth account and use THAT KEY.
DONE! No need to restart anything.
Enjoy!
C0l. P.
Run the following to remove two factor authentication:
sed -i 's/totp//g' /etc/webmin/miniserv.users
sed -i '/twofactor_provider=totp/d' /etc/webmin/miniserv.conf
/etc/init.d/webmin restart
I realise this is a little late but I thought I'd post it nonetheless for anyone who is interested.
The entry in /etc/webmin/miniserv.users should be a TOTP secret in Base32 format.
So to log in simply run :
oathtool --totp -b 'SECRET' -v
Where SECRET is the code between the quotes and it will spit out your Two-factor token enabling you to log in.
The -b says your giving it the SECRET in Base32 (Hex is the default).
Then goto "Webmin->webmin Users" to disable TFA and re-enable it in the normal way.
Or if you want, you can use "qrencode" to re-create your google-authenticator setup without having to change the secret (handy if a group are sharing the same SECRET ...bad idea!! but this will save your bacon if one of you gets locked out).
$ qrencode -o ~/.totp-key.png "otpauth://totp/?secret=BASE 32 SECRET&issuer=Your name, etc."
NB. "oathtool" using the -v option allows you to see the SECRET in both Base32 and HEX so you can use either as necessary to setup any TFA app.
Also ensure that the machine you use has it's time sync'd correctly!
QED.
I disabled 2FA, then I was unable to login, not only from webmin from ssh with password as well.
I applied #Todd 's advice, after restarting webmin I was totally unable to see the main login page.
Luckily I had some other session already open. I used the command below to change the password for root user, restarted webmin, all was ok.
/usr/share/webmin/changepass.pl /etc/webmin root myNewPassword
Note: Apply at your own risk. I had backups, so I did not need to worry. My server OS is Ubuntu 14.04
I develop using MAMP pro on my Mac. When I start MAMP it prompts me for a password if I use port 80. If I use a higher port it doesn't prompt me, but I have to append the port number in the URL ( eg dev.local:8888 ).
Does anyone know how to make it not prompt for password when using standard ports?
Thank you.
I've put together an app that allows you to start/stop MAMP's Apache and MySQL without the password request, even on port 80. It stores the password in Keychain, so you only need to enter it once. It has a nice icon too!
Download: http://www.46palermo.com/blog/run-mamp-without-password-easy-way/
According to a living-e rep they are considering adding an option to store the password in the keychain:
http://forum.webedition.de/phpBB/viewtopic.php?f=4&t=5517&p=12019
Update: I pestered Living-e support and got them to add it as a feature request to their bug tracker. The link is here: http://qa.living-e.de/tracker/view.php?id=3648 (requires registration) if you want to follow it.
Another update: Still following this issue. Looks like living-e moved their bug tracker, the new link to this issue is:
http://bugs.mamp.info/view.php?id=3652
It's in German but the Google translation is:
When will start and stop the server in
each case the admin password is
required if port is used as low-1024th
If we could get the password from the
OS X Keychain / keyring, allowed
themselves to avoid annoying popup
ads.
Or a German speaker's translation is:
When the Server starts/stops it will ask for the admin password each time.
If it could get the password from OS X Keychain / Keyring, the annoying popup could be avoided.
As found on Macworld and already mentioned by Tom in the other answer there is a way with applescript! Downside is you have to save your user credentials in plain text.
Open AppleScript Editor
Enter the following code replacing YOURPASSWORD and YOURUSERNAME with your user credentials
Save it as application. You might tick run-only to prevent other users from reading the plain text as a small security measure
do shell script "/Applications/MAMP/bin/startApache.sh &" password "YOURPASSWORD" user name "YOURUSERNAME" with administrator privileges
do shell script "/Applications/MAMP/bin/startMysql.sh > /dev/null 2>&1"
There might be an issue with the correct file path as MAMP apparently changed startmySQL.sh to startMysql.sh in some version, so double check if it's not working!
You can put the new application in the Login Items (System Preferences -> Users & Groups -> Login Items), so the Apache server and MySQL start automatically without even showing up the MAMP-App at startup (silent start).
In response to the commands that were posted:
1) Run MAMP on port > 1024
Running all of the servers on MAMP (nginx, apache, mysql) with port ranges above 1024 allows the Mac OS X account you logged in with to launch the services, so you will not be asked for a password in this instance. Any server that runs below port 1024 requires root privileges when being executed.
2) chmod -R a+w /tmp
This command would recursively go through all files and sub folders in /tmp and make them writable for the current user. When MAMP launches, servers create temporary files in this directory.
Also if you decide you want to run the servers below port 1024 and want a solution with applescript that does not store the password in plain text then see this link applescript password with keychain
I'm now using these two applescripts to start/stop MAMP, you can save startup script is a login item so it's always up when I boot. It does mean storing your password in plain text, as Im the only one using this machine I can live with it, better than typing in my password at least three times a day.
I bind apache to port 8080 and then use port forwarding from 80 to 8080
sudo ipfw add 100 fwd 127.0.0.1,8080 tcp from any to any 80 in
Works for me, but I'm working on making the above script permanent. So far, nothing I've tried sticks, so I just run the command above in terminal after restarting. But you can then freely start and stop MAMP without a password and use a URL without :8080 or :8888.
Its a security issue, and MacOS with its UNIX heritage like security (=Good Thing). That's why MacOS asks for passwords all the time. Not much you can do about it as far as I know.
1) Run MAMP on port > 1024
2) chmod -R a+w /tmp