Keychains - security of non-login keychain

I have two keychains on my Mac.
-Login
-Secure items
They have different passwords.
I use "Secure items" to store stuff that I only ever want to open manually, like FTP logins for client machines, bank info, etc.
"Login" I use in the normal Mac way. Once you're past the Login window it stays open but requires password confirmation for admin stuff.
My question: Given the sensitive nature of some of the data in the "Secure items" keychain, is there any way someone who steals my laptop could reset the password of this keychain or is it completely locked and inaccessible even if they were to reset the machine password?
I assume the keychain will be locked and inaccessible, but it would be good to hear it from someone with experience in this.
Thanks,
Pat

Not if you've locked the Secure Items keychain and they don't have the tools NSA uses to break coded stuff. See http://images.apple.com/support/security/guides/docs/SnowLeopardSecurity_Configv10.6.pdf for more details.

Similar Messages

  • I have problem with Ultra Secure Memory Key Login Software (as non admin) hdlSrv.exe

    I have a problem with a Lenovo 1g memory key. This is a company and the users can't be admins, so we have a big problem. I downloaded "KeySafe II and MyKey in Non-Admin Mode" but it does not run. I found it on the Lenovo page and installed it as described in the instructions but, I repeat, when I go back to being a normal user I can't use it in user mode! I tried, and I saw that the hdlsrv service is on and running, but I still can't. So, is there a file that I can use so that I can use this pendrive in non-admin mode?
    Our OS is Windows XP
    KeyLock : Ultra Secure Memory Key Login Software 1.0.3.6
    Fru 45j5923
    Lenovo 1g
    Please!!! Help me!!
    Thank you!

    Jan 2, 2008 11:49:35 AM org.apache.coyote.http11.Http11Protocol init
    INFO: Initializing Coyote HTTP/1.1 on http-8080
    Jan 2, 2008 11:49:35 AM org.apache.catalina.startup.Catalina load
    INFO: Initialization processed in 734 ms
    Jan 2, 2008 11:49:35 AM org.apache.catalina.core.StandardService start
    INFO: Starting service Catalina
    Jan 2, 2008 11:49:35 AM org.apache.catalina.core.StandardEngine start
    INFO: Starting Servlet Engine: Apache Tomcat/5.5.9
    Jan 2, 2008 11:49:35 AM org.apache.catalina.realm.JDBCRealm start
    SEVERE: Exception opening database connection
    java.sql.SQLException: oracle.jdbc.driver.OracleDriver
         at org.apache.catalina.realm.JDBCRealm.open(JDBCRealm.java:684)
         at org.apache.catalina.realm.JDBCRealm.start(JDBCRealm.java:758)
         at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1004)
         at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
         at org.apache.catalina.core.StandardService.start(StandardService.java:450)
         at org.apache.catalina.core.StandardServer.start(StandardServer.java:683)
         at org.apache.catalina.startup.Catalina.start(Catalina.java:537)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:585)
         at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:271)
         at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:409)
    Jan 2, 2008 11:49:35 AM org.apache.catalina.core.StandardHost start
    INFO: XML validation disabled
    Jan 2, 2008 11:49:36 AM org.apache.catalina.core.StandardContext resourcesStart

  • [SOLVED] ((none)) login/tty and no keyboard after last upgrade?

    Hi,
    I dual boot and it's been a while since I last upgraded. I booted into Arch, updated everything, and used the system for a few days before rebooting (perhaps a bad call). I just rebooted today and my login prompt is like this:
    ((none)) tty1
    (none) login:
    But my keyboard does nothing. No alt+f* to get to a different terminal, no nothing. I have to hard kill the machine. I've tried twice but would prefer not to do that more than I have to. The second time, fsck didn't work so I booted into the Arch install disk and ran it manually. I tried to chroot into my Arch install and re-run pacman -Syu but got transient server failures. Not sure what all needs to be in place to try and do that, though.
    Has anyone encountered anything like this before? I get the same behavior with arch and arch fallback. I boot to login prompt, not directly to X so it's not anything to do with that, at least not that I would figure.
    So far, the only thing I've been able to find is from 2007 (LINK) but it seemed related to X. I'm going to check rc.conf next time I boot up but wanted to see if there are any other suggestions from someone more experienced before I boot up again and potentially have to hard kill.
    Thanks for any thoughts/suggestions.
    Last edited by jwhendy (2010-10-26 02:53:26)

    @Knute: indeed.
    Somewhat embarrassingly, I just found out about manually maintaining *.pacnew files today when researching an unrelated issue. It made me wonder if that was my problem. Perhaps something is goofed in /etc which would explain a ton.
    I'm in OS X right now but will reboot shortly and try to fix this issue.
    The keyboard issue is troubling as well, though. Some have reported no logins, but often it's a PAM or login manager issue trying to go into X directly. I'm doing no such thing and literally can't get *anything* to work on my keyboard. That makes me wonder...
    If I were to boot into the Arch CD and try to run pacman manually... what do I have to do other than
    # mount /dev/sda3 /mnt
    # chroot /mnt
    I tried that yesterday but failed. I'm wondering if I have to mount some other items for that to work. /proc?

  • Path in non-login shells

    I just installed using the 0.7-beta CD. When running X I noticed that my path for non-login shells only includes :/bin:/usr/bin:/usr/X11R6/bin:/usr/ucb
    This really confuses me :?
    EDIT: never mind, it seems to be fixed now. Logging out hadn't fixed anything, but killing xdm seemed to.
    EDIT #2: well, the problem came back. It seems to be related to starting in runlevel 5. If I boot in runlevel 3, login and startx, I have a proper PATH. If I boot in runlevel 5 and login through xdm, I don't have a correct PATH. Does anyone have an idea? (I would start xdm through rc.conf but there doesn't seem to be an xdm daemon in /etc/rc.d)

    The obvious solution is to set PATH in the run configuration.
    I had done it but it didn't work for me because I had several run configurations, but I set PATH only in one of them. oops.
    I wonder if it is possible to set PATH globally in Eclipse instead of setting it in every single run configuration.

  • [SOLVED] Why does .bash_profile seem to be read in non-login shells too?

    ~/.bash_profile:
    . $HOME/.bashrc
    ~/.bashrc:
    export PATH=$PATH:$HOME/code/shell
    (irrelevant lines left out)
    (I have no ~/.profile, ~/.bash_login or ~/.bash_logout. I have also never edited /etc/profile or /etc/bash.bashrc.)
    I've read that in a login shell (e.g. TTY1) only the former is read, which in my case sources the latter. Running "export -p" in TTY1 gives a result consistent with this:
    declare -x PATH="/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin:/usr/bin/core_perl:/home/lazar/code/shell" (/home/lazar/code/shell is only listed once)
    I've also read that in a non-login shell (e.g. xterm) only the latter is read. However, when I run "export -p" in xterm or urxvt I get an unexpected result:
    declare -x PATH="/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin:/usr/bin/core_perl:/home/lazar/code/shell:/home/lazar/code/shell" (/home/lazar/code/shell is listed twice!)
    This implies that ~/.bashrc is read twice, perhaps because .bash_profile is read in non-login shells too, even though it shouldn't be, should it? It doesn't seem to matter really, but I can't help but wonder why...
    [EDIT]
    I've found the answer. Exports from .bash_profile are done at boot time and *remain* active while X is active. Opening a non-login shell will cause .bashrc to export as well. Hence the duplication. My solution:
    ~/.bash_profile:
    export PATH=$PATH:$HOME/code/shell
    . $HOME/.bashrc
    ~/.bashrc:
    (lines other than export commands)
    Last edited by Lazar (2011-02-14 07:57:56)

    As I wondered, I think it's a problem with passwd. I don't have a dbus entry and must have missed it when I was copying things around between my version and the .pacnew. Downloading an install disc now since I can't seem to change it from the recovery console due to mounting root read-only.
    I'd love to know of a way to boot that avoids starting dbus and other things that might break while still having read/write access to root. Will mark solved once I update /etc/passwd and reboot.

  • Turning off security to none when mounting nfs server

    My server has an option that allows me to set security to none when authenticating its clients to mount its export filesystem. However, OS X doesn't like this and requires some use of uid and gid to access a mounted drive. When I go to mount I receive an 'authentication error' from the terminal. I looked into the man pages for mount_nfs and it states:
    sec=<mechanism>
    Force a specific security mechanism to be used for the mount, where mechanism is one of: krb5p, krb5i, krb5, or sys.
    Authentication has to be one of these. Is there any way I can hack around this and set it up so this isn't a requirement on my machine? I want the equivalent of sec=none. My Linux clients mount my NAS fine. This is the only thing stopping us from setting up our environment the way we desire. Does anyone have any suggestions? Thanks.
    Message was edited by: digitalapple

    rpc-svcgssd.service - RPC GSS-API Server Daemon
    Loaded: loaded (/usr/lib/systemd/system/rpc-svcgssd.service; disabled)
    Active: inactive (dead)
    Docs: man:rpc.svcgssd(8)
    rpc-gssd.service - RPC GSS-API Client Daemon
    Loaded: loaded (/usr/lib/systemd/system/rpc-gssd.service; disabled)
    Active: active (running) since Thu 2014-08-14 16:55:15 EDT; 17min ago
    Docs: man:rpc.gssd(8)
    Process: 253 ExecStart=/usr/bin/rpc.gssd $GSSD_OPTS (code=exited, status=0/SUCCESS)
    Main PID: 257 (rpc.gssd)
    CGroup: /system.slice/rpc-gssd.service
    └─257 /usr/bin/rpc.gssd
    Aug 14 16:55:14 home systemd[1]: Starting RPC GSS-API Client Daemon...
    Aug 14 16:55:15 home systemd[1]: Started RPC GSS-API Client Daemon.
    Aug 14 17:07:54 home rpc.gssd[637]: ERROR: Key table file '/etc/krb5.keytab' not found while beginning keytab scan for keytab 'FILE:/etc/krb5.keytab'
    Aug 14 17:07:54 home rpc.gssd[638]: ERROR: Key table file '/etc/krb5.keytab' not found while beginning keytab scan for keytab 'FILE:/etc/krb5.keytab'
    Aug 14 17:07:54 home rpc.gssd[638]: ERROR: Key table file '/etc/krb5.keytab' not found while beginning keytab scan for keytab 'FILE:/etc/krb5.keytab'

  • Flash causes "page contains secure and non-secure..."

    Hi All,
    I have a flash menu on my web store .php pages and am getting
    a "this page contains secure and non-secure items..." in IE7 in
    Vista. I think this is because of the Flash menus, but thought I
    had taken care of this by making the codebase embedding to
    "https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0"
    Any suggestions on how to deal with this?
    Thanks, Scott

    Thanks so much ShadowKnyte for the reply. Turns out it wasn't
    the Flash menu, after all, as it did have the embedding links set
    to https. In fact, it was my Google analytics call at the end of
    the page. It needed to be changed to:
    <script src="https://ssl.google-analytics.com/urchin.js"
    type="text/javascript"></script>
    In case that helps anyone else out.
    Cheers, Scott
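The check Scott ended up doing by hand in the thread above, as an added example (not code from the thread): a Python scanner that lists the subresources an HTTPS page would fetch over plain http://, which is what triggers the "secure and non-secure items" prompt. The sample page is constructed; `shop.example`, `menu.swf` and the tag/attribute table are assumptions covering common cases only.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Tag -> attributes whose URL the browser fetches while rendering the page.
# Assumed, non-exhaustive table; plain <a href> links are navigation, not
# subresources, so they are deliberately not listed.
FETCH_ATTRS = {
    "script": ("src",),
    "img": ("src",),
    "iframe": ("src",),
    "embed": ("src",),
    "object": ("data", "codebase"),
}


class MixedContentScanner(HTMLParser):
    """Collects (line, tag, attribute, url) for subresources loaded via http://."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        names = FETCH_ATTRS.get(tag, ())
        # <link> only fetches for some rel values; stylesheets are the common case.
        if tag == "link" and "stylesheet" in a.get("rel", "").lower().split():
            names = ("href",)
        # Flash embeds pass the movie URL through <param name="movie" value="...">.
        if tag == "param" and a.get("name", "").lower() in ("movie", "src"):
            names = ("value",)
        for name in names:
            url = a.get(name, "").strip()
            try:
                scheme = urlsplit(url).scheme.lower()
            except ValueError:
                continue  # malformed URL; nothing to classify
            # Relative and protocol-relative (//host/x) URLs inherit https.
            if scheme == "http":
                line, _ = self.getpos()
                self.findings.append((line, tag, name, url))


def find_mixed_content(html):
    """Return the insecure subresource references found in an HTML string."""
    scanner = MixedContentScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample: the Flash codebase is already https (as in the thread),
# the analytics script is not.
SAMPLE_PAGE = """<html><body>
<object
  codebase="https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0">
  <param name="movie" value="menu.swf">
  <embed src="menu.swf" type="application/x-shockwave-flash">
</object>
<img src="//cdn.shop.example/logo.png">
<a href="http://shop.example/about.php">About</a>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
</body></html>"""

if __name__ == "__main__":
    for line, tag, attr, url in find_mixed_content(SAMPLE_PAGE):
        print(f"line {line}: <{tag} {attr}> loads {url}")
```
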

  • Disable Security Alert while redirecting from secure to non secure mode.

    Hi Experts,
    I am new to the portal and came across a very different kind of requirement for which I need your advice.
    On pressing the Logout button on the portal, the navigation/control is redirecting to the non secure HTTP website. My portal is on an HTTPS site. Now the issue is that upon logging out I am getting the security alert "You are about to direct to a connection that is non secure. Do you want to continue?"
    Now I have a requirement to suppress or remove this pop-up. I do understand that this is the IE functionality to show the pop-up message and I have already unchecked the check box under Internet Options -> Advanced -> miscellaneous -> Warn if changing between Secure to non secure.
    Please suggest !
    Thanks
    Shobhit Taggar

    Shobhit,
    Which version of IE?
    Regards,
    Sandeep Tudumu

  • Problem using Implementing Remote Panel Security with a Login Example Guide

    I'm having issues implementing a Remote Panel protected by username and password using this NI guide:
    Implementing Remote Panel Security with a Login Example
    Remotepanellogin.zip
    After login process using Login.vi, if the user has the right password, his IP will be included in the Webserver allowed access list and the user can open the web site which hosts the Main.vi. Ok.
    But if the user doesn't have the password, his IP will be denied!
    Here is the problem: Will his IP be denied at all including Login.vi? 
    I can't block access to Login.vi because even if the user entered a wrong password, he can still try login again....
    How can I configure a type of Allowed and Denied table using Webserver properties? For example:
    IP: 10.0.0.2 - Login.vi (allowed) - Main.vi (allowed) -> User entered a right password
    IP: 10.0.0.3 - Login.vi (allowed) - Main.vi (denied) -> User entered a wrong password
    Note: Login.vi must be visible and accessible always.
    These are the Implementing Remote Panel Security with a Login Example instructions:
    After you configure the VIs with the Web Publishing Tool, browse to the Remote Panel Login VI and run it. When this VI runs, LabVIEW gives remote panel access to all users, but they can view and control only this VI.
    If a user successfully logs in by supplying the Username of NI and password of labview (both are case sensitive) then LabVIEW gives remote panel access to the IP address specified in the Remote Panel Login VI only. That user can then browse to and run the Main VI.
    Thanks in advance!
    APrado
    Message Edited by APrado on 04-01-2009 08:21 AM

    I'm thinking about using the option Reentrant Execution (VI property > Category > Execution).
    Could anyone help me?
    Thanks.

  • Autounlock non-Login keychains on login

    The Login keychain gets unlocked automatically on login, if it has the same password as my login password.
    Is there a way to have another keychain behave the same, aka. getting unlocked automatically when I login?
    Setting the password of this other keychain to my login password doesn't work. Also, unchecking the "lock after xxx minutes" or "lock on sleep" checkboxes doesn't make the keychain unlock automatically after a reboot or logout/login; it only helps in that I have to unlock this keychain only once.
    Any tip is appreciated.
    Peter

    Hello Sergo,
    Thank you for your reply.
    My computer name is localhost.
    It's a standalone XP Pro laptop and I connect to the internet via a wireless connection. It's not connected to any local network.
    Here's what my hosts file looks like:
    Copyright (c) 1993-1999 Microsoft Corp.
    This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    This file contains the mappings of IP addresses to host names. Each
    entry should be kept on an individual line. The IP address should
    be placed in the first column followed by the corresponding host name.
    The IP address and the host name should be separated by at least one
    space.
    Additionally, comments (such as these) may be inserted on individual
    lines or following the machine name denoted by a '#' symbol.
    For example:
         102.54.94.97     rhino.acme.com          # source server
          38.25.63.10     x.acme.com              # x client host
    127.0.0.1       localhost
    192.168.1.101    localhost
    By default the IP was 127.0.0.1       localhost
    but I changed it to 192.168.1.101    localhost  as this IP was in my TCP/IP properties. Did I do it correctly?
    I have Kaspersky Antivirus running and Windows Firewall on. I'm going to try disabling both and restart.
    Can you please tell me how to check the event log on my XP machine?
    Thanks for your time
    Asif

  • Ajax Login both secure and non secure url

    Does anyone know if there is a way to use ajax to log a user in for both the non secure and secure url. Normally if you're submitting a log in form over the secure url with the non secure url in the referrer parameter it will log you in on both domains but not via ajax. Anyone have a good work around?

    Here’s the code I’ve used…
    {% if Settings.Site_Live -%}
    {% assign redirectHTTP = "" -%}
    {% assign redirectDOMAIN = Settings.Site_URL -%}
    {% assign redirectEXTEND = "" -%}
    {% else -%}
    {% assign redirectHTTP = "http%3a%2f%2f" -%}
    {% assign redirectDOMAIN = Settings.System_Name -%}
    {% assign redirectEXTEND = ".fueldesign.co.nz" -%}
    {% endif -%}
    {% capture redirectURL -%}{{redirectHTTP}}{{redirectDOMAIN}}{{redirectEXTEND}}{% endcapture -%}
    <form class="form--box escapeWorldSecureSystems" method="post" action="https://{{Settings.System_Name}}.worldsecuresystems.com/ZoneProcess.aspx?ZoneID=51&amp;Referrer={{ redirectURL}}&amp;OID=&amp;OTYPE=" data-parsley-validate>
    Note: I have a Settings collection that has a lot of data from a Settings web app that controls a lot of settings for the website, such as “Site_Live” checkbox etc. this allows my sign-ins to be generic and editable site to site.
    And here’s the development URL where I’m working on this. (Don’t judge my site during the development stage lol)
    http://astrolift.fueldesign.co.nz/
    username: dev
    password: dev123
    Hope this gives you some inspiration.
    Let us know if you get the ajax working.
    Cheers guys

  • HUGE SECURITY HOLE IN LOGIN FROM SCREEN SAVER

    One of the options in the security panel permits a user to require that a username and password be entered to login once the screen saver locks your account.
    The option is "Require password to wake this computer from sleep or screen saver"
    Although one would assume that the credentials required to wake the computer is the username/password of the account that was being used when the computer went into sleep mode or the screen saver. WRONG!!! Anyone with an account on the machine can enter their username/password and wake the computer and voila that user now has control of the machine as the former user. That's right you guessed it HUGE security hole.
    Anyone thinking that they can walk away from their machine and have the screen saver or sleep mode protect their account after a specified period of time is sadly mistaken. Anyone with an account on the machine can enter their own username and password and drop right into your account right where you left off.
    Can you believe this stuff? No warning, no release note to tell you of such a poorly designed "security" option.
    Apple please fix what must have been an oversight or at least tell people about this intentional design BEFORE they find anyone can wake the computer and become you as a user.
    Thanks,
    JH

    jonathan_2005 wrote:
    One of the options in the security panel permits a user to require that a username and password be entered to login once the screen saver locks your account.
    The option is "Require password to wake this computer from sleep or screen saver"
    Although one would assume that the credentials required to wake the computer is the username/password of the account that was being used when the computer went into sleep mode or the screen saver.
    Never assume
    WRONG!!! Anyone with an account on the machine can enter their username/password and wake the computer and voila that user now has control of the machine as the former user. That's right you guessed it HUGE security hole.
    Anyone with a standard user account? Are you quite sure?
    Anyone thinking that they can walk away from their machine and have the screen saver or sleep mode protect their account after a specified period of time is sadly mistaken. Anyone with an account on the machine can enter their own username and password and drop right into your account right where you left off.
    I never think that way. A more secure lock is ensured by using the screen lock feature of the keychain.
    Can you believe this stuff?
    Not sure what stuff you refer to.
    No warning, no release note to tell you of such a poorly designed "security" option.
    Would you believe that anyone can access your computer? Stolen computers are regularly started up without much problem.
    Apple please fix what must have been an oversight or at least tell people about this intentional design BEFORE they find anyone can wake the computer and become you as a user.
    You are writing to other users like yourself here, not Apple.
    I also presume you are new to the Mac world.

  • Problem with automatic logout between secure and non-secure urls

    On my Business Catalyst page the user login page is located on a non secure URL (our site's domain and not worldsecuresystems). When a user is logged in and then views a page on a secure URL (i.e. a page to purchase a subscription to a secure zone) it does not retain their login cookie and it appears they have been logged out. This also creates a problem where I cannot pre-populate the secure zone purchase form with a user's information based on their account details. Is there a way to have both domains recognize that the user is logged in, to allow the user to freely pass between these domains without having to log in twice? I was considering putting the login page on the secure domain and using relative URLs for all my links, but for some reason some of my pages appear corrupt when viewed on the worldsecuresystems domain so I'd like to avoid this method. Any help would be appreciated.

    Make sure the referrer parameter is correctly set on the form.
    This is the default BC action. But remember the {module_siteurl} will return the host they are currently on. So if this is used on a secure page you'll need to use {module_sitehost} instead
    action="{module_secureurl}/ZoneProcess.aspx?ZoneID=-1&amp;Referrer={module_siteUrl,true,true}&amp;OID={module_oid}&amp;OTYPE={module_otype}">

  • Webservice get/send securely in non-secure shell?

    Hey all,
    Perhaps I'm biting off things a bit too complicated for someone who has never used FLEX before, but I've got to do some research and then build a mock sample for the company I work for.
    What we're trying to do is allow users to login via flex to their account w/o ever leaving the current page they're viewing. Currently they are taken to another area and system altogether so as to jump from the non-secure to secure server.
    So the plan is to just click the login button and stay right there the whole time for a seamless experience. I had asked if this was possible at all previously and heard about the SecureHTTPChannel method as well as the SecureAMFChannel one.
    I have gotten Flex to see our wsdl and pull a string of data via the WebService function, throw it in a DataGrid, but honestly have no clue whatsoever where to even start moving towards now in order to get to the intended goal mentioned above.
    Can someone please help point me in a general direction as to what needs to happen and what general methods need to be employed to get there? Thanks for any help!

    This is related to the URL bar autofill feature. Please see these threads:
    * [https://support.mozilla.org/en-US/questions/933563 typing in url for my company website sends it to https index page in Firefox, but not IE or Chrome, and the behavoir is not wanted]
    * [https://support.mozilla.org/en-US/questions/933470 After updating to 14.0.1 Firefox will force https on websites. How do I fix?]
