Solved

Prevent logging into Linux Ubuntu 12.04 without password

Posted on 2013-05-12
9
554 Views
Last Modified: 2013-05-24
I have just set-up a new web server using Ubuntu 12.04 and configured it to allow remote connections so that I will be able to configure the machine remotely.  One thing that I have noticed is that for some reason, I am able to connect to the console session of the machine without a password.  This is not good.  If I can connect without a password, that means someone else can.

What do I need to change to make sure that users cannot login to the Linux Ubuntu 12.04 web server without using a password?

Thanks.
0
Comment
Question by:DanielAttard
  • 5
  • 3
9 Comments
 
LVL 21

Expert Comment

by:Mazdajai
Comment Utility
How to connect to session? What account?
0
 

Author Comment

by:DanielAttard
Comment Utility
I changed the security setting to confirm each access to the machine.  Without this setting checked off, I seemed to be able to connect to the console session of the machine without specifying any account or password.
0
 
LVL 21

Expert Comment

by:Mazdajai
Comment Utility
Sorry, I am not following what you mean by remote connections - do you mean remote desktop into the server without a password? Can you post a screenshot?
0
 

Author Comment

by:DanielAttard
Comment Utility
What I was talking about were the Desktop Sharing Preferences.  I did not realize the security implications of allowing others to view the desktop, but checking the box to "Confirm each access to this machine".  Without that checkbox, I was permitting unrestricted access to the box which was obviously a bad thing.
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 21

Expert Comment

by:Mazdajai
Comment Utility
Under Remote Desktop Preferences, have you set a password under the security section?

Is there a reason you want to use remote desktop instead of ssh?
0
 

Author Comment

by:DanielAttard
Comment Utility
The only reason I am using remote desktop is because I am not comfortable enough to do everything I need to do from the command line with ssh.   I want to be able to use the GUI.
0
 
LVL 27

Accepted Solution

by:
serialband earned 500 total points
Comment Utility
Just a note:

I believe that the Ubuntu Remote Desktop is plain old VNC which is not encrypted.  It shouldn't be used over the general internet because the password is sent in plain text.  You should only use the VNC tools on a local subnet you trust.  There are other ways to connect that are safer.  Use ssh with -X (capital X) to forward X11 and you can start your GUI tools remotely over an encrypted channel.  Or install nomachine, which uses ssh, & use the nxclient to connect.

It's good to have the GUI at the beginning, but don't rely it on it for everything.  It's good for the one off setting when you're a beginner.  There's a lot of things that can be more quickly done once you learn to script them on the command line, especially if you have a lot of systems to manage.
0
 
LVL 21

Expert Comment

by:Mazdajai
Comment Utility
Can you post your remote desktop setting?
0
 
LVL 21

Expert Comment

by:Mazdajai
Comment Utility
It sounds like you did not have password set on the remote control / view section. Need to check on my lab machine.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

You ever wonder how to backup Linux system files just like Windows System Restore?  Well you can use Timeshift in Linux to perform those similar action.  This tutorial will show you how to backup your system files and keep regular intervals. Note…
The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now