How to install Radius Manager 4 in CentOS 7

<div dir="ltr" style="text-align: left;" trbidi="on"> <h1 class="entry-title" style="background-color: white; border: 0px; clear: none; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; font-size: 1.7em; line-height: 1.2em; margin: 0px 0px 10px; outline: 0px; padding: 0px; vertical-align: baseline;"> <u><span style="color: red;">Install Radius Manager 4 in CentOS 7 </span></u></h1> <div style="text-align: center;"> <span style="color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif;"><span style="font-size: 17.1px; line-height: 25.65px;"><b><u>DMA Radius Manager billing system</u></b></span></span></div> <div style="text-align: center;"> <span style="color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif;"><span style="font-size: 17.1px; line-height: 25.65px;">Overview</span></span></div> <div> <span style="color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif;"><span style="font-size: 17.1px; line-height: 25.65px;"><br /></span></span></div> <div> <span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif;"><span style="font-size: 17.1px; line-height: 25.65px;"><b>DMA Radius Manager </b>is a easy to use administration system for <b>Mikrotik, Cisco, StarOS, Chillispot, DD-WRT, pfSense NAS</b> devices and <b>DOCSIS CMTS</b>. It provides centralized authentication, accounting and billing functions.</span></span></div> <div> <span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif;"><span style="font-size: 17.1px; line-height: 25.65px;"><br /></span></span></div> <div> <span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif;"><span style="font-size: 17.1px; line-height: 25.65px;">Feature overview:</span></span></div> <div> <span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif;"><span style="font-size: 17.1px; line-height: 25.65px;"><br /></span></span></div> <div> <ul style="text-align: left;"> <li><span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;"><b>RADIUS </b>and <b>DOCSIS </b>account support</span></li> <li><span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;"><b>Traffic accounting</b> (RADIUS)</span></li> <li><span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">Prepaid and postpaid <b>billing</b>, <b>invoicing</b></span></li> <li><span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">Linux mailbox account <b>synchronization</b></span></li> <li><span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">Supporting multiple <b>NAS</b>, <b>CMTS </b>and <b>AP </b>devices</span></li> <li><span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;"><b>Payment </b>tracking</span></li> <li><span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;"><b>Financial </b>reports</span></li> <li><span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;"><b>Prepaid card</b> system</span></li> <li><span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;"><b>Instant Access Service system</b> (IAS)</span></li> <li><span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;"><b>Online payment gateway</b> support (PayPal etc.)</span></li> <li><span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;"><b>Connection Tracking System (CTS)</b></span></li> <li><span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">Wireless and DOCSIS <b>signal monitoring</b></span></li> <li><span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">Account<b> self registration</b> option</span></li> <li><span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;"><b>Automatic </b>expired account <b>disconnection </b>(RADIUS, DOCSIS)</span></li> </ul> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcPt9LwV82eqENFxRlJpAxDkJfO3K_mTne2s8V2bLktDZQ_3pXw2Ul6pb4aiyse7DFO42uvnzCU2Dofdz_e6EFvaDoi7fXcK88l5z05Ytjqu4mY0vCT9iH3IHyYSJic4gIA_0VHp7OJlyy/s1600/DMA+Radius-Manager-www.hackthesec.co.in.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcPt9LwV82eqENFxRlJpAxDkJfO3K_mTne2s8V2bLktDZQ_3pXw2Ul6pb4aiyse7DFO42uvnzCU2Dofdz_e6EFvaDoi7fXcK88l5z05Ytjqu4mY0vCT9iH3IHyYSJic4gIA_0VHp7OJlyy/s1600/DMA+Radius-Manager-www.hackthesec.co.in.jpg" /></a></div> <div> <span style="font-family: "palatino linotype" , "book antiqua" , "palatino" , serif;"><span style="font-size: 17.1px; line-height: 25.65px;"><br /></span></span></div> <div> <div style="background-color: white; border: 0px; color: #333333; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; font-size: 17.1px; line-height: 25.65px; margin-bottom: 0.9em; outline: 0px; padding: 0px; vertical-align: baseline;"> <strong style="border: 0px; font-family: inherit; font-size: 17.1px; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Initial Prerequisites:</strong></div> <ul style="background-color: white; border: 0px; clear: left; color: #333333; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; font-size: 17.1px; line-height: 25.65px; margin: 0px 0px 1.5em 3em; outline: 0px; padding: 0px; vertical-align: baseline;"> <li style="border: 0px; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><a href="http://www.hackthesec.co.in/search/label/centos7" target="_blank">CentOS 7</a> (64 bit preferred)  – Downloadable from <a href="http://www.centos.org/" style="border: 0px; color: #0059b2; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" target="_blank">CentOS Official website</a> – CentOS-7.0-1406-x86_64-DVD.iso</li> <li style="border: 0px; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Radius Manager 4.1.6 – Downloadable from customer portal of DMA Softlab.</li> <li style="border: 0px; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Radius Manager License Files – lic.txt and mod.txt – Downloadable from customer portal of DMA Softlab after purchase or trial.</li> <li style="border: 0px; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><div style="border: 0px; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; font-size: 17.1px; line-height: 25.65px; margin-bottom: 0.9em; outline: 0px; padding: 0px; vertical-align: baseline;"> Note: If you need to change MAC for CentOS 7 please refer to my tutorial <a href="http://www.hackthesec.co.in/2016/02/how-to-change-mac-address-in-centos-7.html" style="border: 0px; color: #0059b2; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;" target="_blank">here</a>.</div> </li> <li style="border: 0px; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><h2 style="color: #111111; font-family: Arial, 'Helvetica Neue', Helvetica, sans-serif; font-size: 20px; font-stretch: normal; font-weight: normal; line-height: 32px; margin: 41px 0px 14px; padding: 0px; word-wrap: break-word;"> <a href="http://www.hackthesec.co.in/2016/01/how-to-install-epel-repo-on-centos-and.html" target="_blank">How to install RHEL EPEL repository on Centos 7.x or RHEL 7.x</a></h2> </li> </ul> <div> <div style="background-color: white; border: 0px; color: #333333; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; font-size: 17.1px; line-height: 25.65px; margin-bottom: 0.9em; outline: 0px; padding: 0px; vertical-align: baseline;"> <strong style="border: 0px; font-family: inherit; font-size: 17.1px; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Update: <span style="border: 0px; color: red; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Some users are facing yum repo issues after installing epel</span></strong>. To solve that:</div> <div style="background-color: white; border: 0px; color: #333333; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; font-size: 17.1px; line-height: 25.65px; margin-bottom: 0.9em; outline: 0px; padding: 0px; vertical-align: baseline;"> 1. nano <b>/etc/yum.repos.d/epel.repo</b></div> <div style="background-color: white; border: 0px; color: #333333; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; font-size: 17.1px; line-height: 25.65px; margin-bottom: 0.9em; outline: 0px; padding: 0px; vertical-align: baseline;"> 2. Replace https with <strong style="border: 0px; font-family: inherit; font-size: 17.1px; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">http</strong>.</div> <div style="background-color: white; border: 0px; color: #333333; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; font-size: 17.1px; line-height: 25.65px; margin-bottom: 0.9em; outline: 0px; padding: 0px; vertical-align: baseline;"> 3. Save and exit.</div> <div style="background-color: white; border: 0px; color: #333333; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; font-size: 17.1px; line-height: 25.65px; margin-bottom: 0.9em; outline: 0px; padding: 0px; vertical-align: baseline;"> 4. yum repolist. Verify installation is successful.</div> <div style="background-color: white; border: 0px; color: #333333; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; font-size: 17.1px; line-height: 25.65px; margin-bottom: 0.9em; outline: 0px; padding: 0px; vertical-align: baseline;"> 4. Issue yum update</div> <h3 style="background-color: white; border: 0px; clear: none; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; line-height: 1.2em; margin: 0px 0px 10px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="color: red; font-size: large;"><u> Steps to install Radius Manager 4 in CentOS 7</u></span></h3> <ol style="background-color: white; border: 0px; clear: left; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; line-height: 25.65px; margin: 0px 0px 1.5em 3em; outline: 0px; padding: 0px; vertical-align: baseline;"> <li style="border: 0px; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">After you clean install CentOS 7 with proper NIC MAC Address configured, install nano for editing the configuration files.</li> </ol> <div> <div style="background-color: white;"> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: lime;">yum install update </span><span style="color: white;">yum install nano</span></span></span></pre> <div style="color: #333333; font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <ol style="border: 0px; clear: left; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; font-size: 17.1px; line-height: 25.65px; margin: 0px 0px 1.5em 3em; outline: 0px; padding: 0px; vertical-align: baseline;"> <li style="border: 0px; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><div style="border: 0px; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> <div class="syntaxhighlighter nogutter notranslate bash" id="highlighter_624557" style="border: 0px; font-family: inherit; font-size: 1em !important; font-style: inherit; font-weight: inherit; margin: 1em 0px !important; outline: 0px; overflow: auto !important; padding: 0px; position: relative !important; vertical-align: baseline; width: 561.703px;"> <br /></div> </div> </li> <li style="border: 0px; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Disable SELinux by editing the following and changing SELINUX=disabled</li> </ol> <span id="more-643" style="border: 0px; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span><br /> <div style="border: 0px; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; font-size: 17.1px; line-height: 25.65px; margin-bottom: 0.9em; outline: 0px; padding: 0px; vertical-align: baseline;"> </div> <div style="border: 0px; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; font-size: 17.1px; line-height: 25.65px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> <div class="syntaxhighlighter nogutter notranslate bash" id="highlighter_893992" style="border: 0px; font-family: inherit; font-size: 1em !important; font-style: inherit; font-weight: inherit; margin: 1em 0px !important; outline: 0px; overflow: auto !important; padding: 0px; position: relative !important; vertical-align: baseline; width: 561.703px;"> <div class="toolbar" style="background: rgb(108, 226, 108) !important; border-radius: 0px !important; border: none !important; bottom: auto !important; box-sizing: content-box !important; color: white !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 10px !important; height: 11px !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; min-height: auto !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: absolute !important; right: 1px !important; top: 1px !important; vertical-align: baseline !important; width: 11px !important; z-index: 10 !important;"> <span style="border: 0px; font-family: inherit; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span></div> </div> </div> </div> </div> </div> </div> </div> </div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;">nano /etc/sysconfig/</span><span style="color: orange;">selinux</span></span></span></pre> </div> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">3. Stop and disable CentOS 7 firewall. If you want to use firewall then you need proper configuration for allowing radius requests and reply messages.</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: yellow;">systemctl status firewalld </span><span style="color: white;">systemctl stop firewalld </span><span style="color: lime;">systemctl disable firewalld</span></span></span></pre> <div style="background-color: white; border: 0px; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; font-size: 17.1px; line-height: 25.65px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> <div class="syntaxhighlighter nogutter notranslate bash" id="highlighter_450478" style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-family: inherit; font-size: 1em !important; font-style: inherit; font-weight: inherit; margin: 1em 0px !important; outline: 0px; overflow: auto !important; padding: 0px; position: relative !important; vertical-align: baseline; width: 561.703px;"> <div class="toolbar" style="background: rgb(108, 226, 108) !important; border-radius: 0px !important; border: none !important; bottom: auto !important; box-sizing: content-box !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 10px !important; height: 11px !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; min-height: auto !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: absolute !important; right: 1px !important; top: 1px !important; vertical-align: baseline !important; width: 11px !important; z-index: 10 !important;"> <span style="border: 0px; font-family: inherit; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span></div> </div> </div> </div> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">4. Install EPEL Repo.</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;">rpm -ivh https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm</span></span></pre> </div> <div> <span style="color: white; font-family: "courier new" , "courier" , monospace;"><span style="line-height: 15.6px;"><br /></span></span></div> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">5.Install all other dependencies.</span></div> <div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;">yum install mc wget crontabs make gcc libtool-ltdl curl mysql-devel net-snmp net-snmp-utils php php-mysql php-gd php-snmp php-process ntp sendmail sendmail-cf alpine mutt mariadb-server mariadb php-mcrypt cronie wget phpmyadmin net-tools psmisc</span></span></pre> </div> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">6.Install libraries</span></div> </div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;">yum install </span><span style="color: lime;">glibc.i686 libgcc_s.so.1</span></span></span></pre> </div> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">7.Start and configure MariaDB (replacement from MySQL) services.</span></div> <div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;">systemctl start mariadb.service systemctl enable mariadb.service </span><span style="color: lime;"> mysql_secure_installation</span></span></span></pre> </div> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">8.Start httpd.</span></div> </div> <div> <br /></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;">systemctl start </span><span style="color: lime;">httpd.service</span><span style="color: white;"> </span><span style="color: orange;"> systemctl enable httpd.service</span></span></span></pre> </div> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">9.Allow phpmyadmin access.</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace;"><span style="line-height: 15.6px;"><span style="font-size: large;"><span style="color: white;">nano /etc/</span><span style="color: lime;">httpd/conf.d/phpMyAdmin.conf </span><span style="color: white;"> After That ============ Comment out the <Directory “/usr/share/phpmyadmin”> stanza using ‘#’ Then add: <Directory /usr/share/phpMyAdmin/> Options none AllowOverride Limit Require all granted </Directory> Save and exit</span></span><span style="color: white;"> </span></span></span></pre> </div> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">10.Change authentication of phpmyadmin.</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace;"><span style="line-height: 15.6px;"><span style="font-size: large;"><span style="color: white;">nano /etc/phpMyAdmin/</span><span style="color: lime;">config.inc.php </span></span><span style="color: white;"> </span></span></span><pre style="background-attachment: scroll; background-clip: initial; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-family: "courier new" , "courier" , monospace;"><span style="line-height: 15.6px;"><span style="font-size: large;">After That</span></span></span></pre> <span style="color: white; font-family: "courier new" , "courier" , monospace;"><span style="line-height: 15.6px;"> <span style="font-size: large;">change the authentication in phpMyAdmin from cookie to http – $cfg[‘Servers’][$i][‘auth_type’] = ‘http’; </span></span></span></pre> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">11.Check php version.</span></div> </div> <div> <br /></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: orange; font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;">php -v </span></span></pre> </div> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">12.Download ioncube loaders.</span></div> <div> <br /></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: orange;">wget </span><span style="color: white;">http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz</span></span></span></pre> </div> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">13.Extract the ioncube package.</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: lime;">tar -xvzf</span><span style="color: white;"> ioncube_loaders_lin_x86-64.tar.gz</span></span></span></pre> <div style="background-color: white; border: 0px; color: #333333; font-family: 'Palatino Linotype', 'Book Antiqua', Palatino, serif; line-height: 25.65px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> <div class="syntaxhighlighter nogutter notranslate bash" id="highlighter_551564" style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-family: inherit; font-style: inherit; font-weight: inherit; margin: 1em 0px !important; outline: 0px; overflow: auto !important; padding: 0px; position: relative !important; vertical-align: baseline; width: 561.703px;"> <div class="toolbar" style="background: rgb(108, 226, 108) !important; border-radius: 0px !important; border: none !important; bottom: auto !important; box-sizing: content-box !important; color: white !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; height: 11px !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; min-height: auto !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: absolute !important; right: 1px !important; top: 1px !important; vertical-align: baseline !important; width: 11px !important; z-index: 10 !important;"> <span style="border: 0px; font-family: inherit; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span></div> </div> </div> </div> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">14.Move in to the ioncube directory and copy the loader based on your php version to the required php modules folder and assign a permission of 777 to the ioncube file.</span></div> <div> <br /></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;">cd ioncube mv ioncube_loader_lin_5.4.so /usr/lib64/php/modules/ </span><span style="color: lime;">chmod 777 /usr/lib64/php/modules/ioncube_loader_lin_5.4.so</span></span></span><span style="color: lime;"> </span></pre> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">15.Find the location of your php.ini file.</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;">php -i | grep "</span><span style="color: lime;">Loaded Configuration File</span><span style="color: white;">" </span></span></span></pre> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">16.Edit and add ioncube loader location in the PHP configuration file.</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace;"><span style="line-height: 15.6px;"><span style="font-size: large;"><span style="color: white;">nano /etc/php.ini Add after [PHP]: </span><span style="color: lime;"> zend_extension = /usr/lib64/php/modules/ioncube_loader_lin_5.4.so</span></span><span style="color: lime;"> </span><span style="color: white;"> </span></span></span></pre> </div> <div> <span style="color: white; font-family: "courier new" , "courier" , monospace;"><span style="line-height: 15.6px;"><br /></span></span></div> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">17.Restart httpd service.</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;">service </span><span style="color: lime;">httpd restart</span><span style="color: white;"> </span></span></span></pre> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">18.Check and verify ioncube installation.</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;">php -v</span></span></pre> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">19.Download & install Free Radius.</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;">wget http://www.dmasoftlab.com/cont/download/freeradius-server-2.2.0-dma-patch-2.tar.gz </span><span style="color: orange;">tar -xvzf freeradius-server-2.2.0-dma-patch-2.tar.gz </span><span style="color: white;">cd freeradius-server-2.2.0 </span><span style="color: lime;">./configure </span><span style="color: white;">make make install</span></span></span></pre> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">20.Verify freeradius installation by issuing:</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: lime; font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;">radiusd -X</span></span></pre> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">It may fail first time. Issue again, then you will get a message Ready to process.</span></div> </div> </div> </div> </div> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;"><br /></span></div> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">21 .In case you need to kill the above process find the process id and then issue kill command specifying the process id.</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;">ps ax | </span><span style="color: lime;">grep radius</span><span style="color: white;"> --> Note the pid kill [pid]</span></span></span></pre> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">22. Move into MariaDB and create the required DB, users etc.</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace;"><span style="line-height: 15.6px;"><span style="font-size: large;"><span style="color: lime;">mysql -u root -p</span></span></span></span></pre> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace;"><span style="line-height: 15.6px;"><span style="font-size: large;"><span style="color: lime;">CREATE DATABASE radius; </span><span style="color: white;">CREATE DATABASE conntrack; CREATE USER 'radius'@'localhost' IDENTIFIED BY 'radius123'; </span><span style="color: orange;">CREATE USER 'conntrack'@'localhost' IDENTIFIED BY 'conn123'; </span><span style="color: white;">GRANT ALL ON radius.* TO radius@localhost; GRANT ALL ON conntrack.* TO conntrack@localhost;</span></span><span style="color: white;"> </span></span></span></pre> <div> <span style="background-color: white; color: #333333; font-family: "palatino linotype" , "book antiqua" , "palatino" , serif; font-size: 17.1px; line-height: 25.65px;">23. Download and install radius manager 4.1.6 & proceed to install license files. Change the file locations.</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; text-align: left; vertical-align: baseline;"><span style="font-family: "courier new" , "courier" , monospace;"><span style="line-height: 15.6px;"><span style="font-size: large;"><span style="color: white;">wget https://dl.dropboxusercontent.com/u/xxxxx/radiusmanager-4.1.6.tar </span><span style="color: lime;">tar -xvf radiusmanager-4.1.6.tar </span><span style="color: white;">cd radiusmanager-4.1.6 </span><span style="color: orange;">chmod 755 install.sh </span><span style="color: white;">./install.sh </span><span style="color: lime;">cd /var/www/html/radiusmanager </span><span style="color: white;">wget https://dl.dropboxusercontent.com/u/xxxxx/mod.txt wget https://dl.dropboxusercontent.com/u/xxxxx/lic.txt</span></span><span style="color: white;"> </span></span></span></pre> <div style="text-align: left;"> <span style="background-color: white; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; line-height: 25.65px;">24 .Open your browser and go to:</span><strong style="background-color: white; border: 0px; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; line-height: 25.65px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">http://192.168.0.220/radiusmanager/admin.php</strong><br /> <span style="background-color: white; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; line-height: 25.65px;">25.  Installation is successful and you can now login.</span></div> <div style="text-align: left;"> <span style="color: #333333;"><span style="font-size: 17.1px; line-height: 25.65px;"><b>Defaut Username - admin, and Password - 1111 (FOR Administrator Login)</b></span></span></div> <div style="text-align: left;"> <span style="color: #333333;"><span style="font-size: 17.1px; line-height: 25.65px;"><b>Default User - User, and Password - 1111 (FOR User Login)</b></span></span></div> <div style="text-align: left;"> <span style="color: #333333;"><span style="font-size: 17.1px; line-height: 25.65px;"><b><br /></b></span></span><span style="background-color: white; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; line-height: 25.65px;">26. In case you get</span><span style="background-color: white; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; line-height: 25.65px;"> </span><strong style="background-color: white; border: 0px; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; line-height: 25.65px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">blank page</strong><span style="background-color: white; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; line-height: 25.65px;">, here are the possibilities:</span><br /> <span style="background-color: white; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; line-height: 25.65px;">(a) Php memory limit.</span><br /> <span style="background-color: white; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; line-height: 25.65px;">(b) Invalid license files.</span><br /> <span style="background-color: white; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; line-height: 25.65px;">(c) Permission error for ioncube loaders.</span><br /> <span style="background-color: white; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; line-height: 25.65px;">(d) Incompatible ioncube loaders.</span><br /> <span style="background-color: white; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; line-height: 25.65px;">27. Apache error log is located @</span><strong style="background-color: white; border: 0px; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; line-height: 25.65px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> /etc/httpd/logs/error_log</strong><br /> <span style="background-color: white; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; line-height: 25.65px;">Apache access log is located @ </span><strong style="background-color: white; border: 0px; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; line-height: 25.65px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">/etc/httpd/logs/access_log</strong><br /> <span style="background-color: white; color: #333333; font-family: inherit; font-size: 17.1px; font-style: inherit; font-weight: inherit; line-height: 25.65px;">Check those files for probable errors.</span></div> </div> </div> </div> <div> <a href="http://www.hackthesec.co.in/">www.hackthesec.co.in</a></div> </div> </div> <div> <a href="http://www.hackthesec.co.in/" target="_blank">Radiusmanager</a></div> </div>

How to install Radius Manager 4 in CentOS 7

Install Radius Manager 4 in CentOS 7  DMA Radius Manager billing system Overview DMA Radius Manager is a easy to use administratio...

Read more »

Skip Google Authenticator Authentication if Logging in from the Local Network

<div dir="ltr" style="text-align: left;" trbidi="on"> <div style="background-color: white; font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <h3 style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; clear: both; color: #333333; font-family: Lato, sans-serif; font-size: 22px; font-stretch: normal; font-weight: normal; line-height: 24px; margin: 36px 0px 12px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="color: red;"><u>Skip Google Authenticator Authentication if Logging in from the Local Network</u></span></h3> <div style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; color: #333333; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> You may trust systems on you local network enough not not require that SSH connections from them use <b>Google Authenticator</b>. If so, modify <code style="border: 0px; font-family: monospace, serif; font-size: 15px; font-style: inherit; line-height: 1.6; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><b>/etc/pam.d/sshd</b></code> so that it looks like this:</div> <div style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> <a href="http://www.hackthesec.co.in/2016/02/two-step-authentication-for-ssh-login-on-centos.html" itemprop="url" style="color: #141414; display: block; font-family: 'Open Sans', serif, sans-serif; font-size: 18.6px; font-weight: 600; line-height: normal; text-decoration: none;"></a><ul style="font-size: 18.6px; line-height: 19.2px; text-align: left;"> <li><span style="color: red; font-family: Open Sans, serif, sans-serif;"><span style="font-size: 18.6px; font-weight: 600; line-height: normal;"><a href="http://www.hackthesec.co.in/2016/02/two-step-authentication-for-ssh-login-on-centos.html" target="_blank"><span id="goog_1967741824"></span>Two-step Authentication For SSH On Centos 6</a></span></span></li> <li><a href="http://www.hackthesec.co.in/2016/02/secure-ssh-with-google-authenticator.html" target="_blank"><span style="color: red;"><span style="font-family: Open Sans, serif, sans-serif;"><span style="display: block; font-size: 18.6px; font-size: 18.6px; font-weight: 600; line-height: normal;"></span></span><span id="goog_1967741825"></span></span><span style="color: red; text-decoration: none;">Secure SSH with Google Authenticator Two-Factor Authentication on CentOS 7</span></a></li> </ul> <div class="separator" style="clear: both; color: #333333; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYS0IxSN12lLLez9IvZFa1HS8zQCN9fClraK7cb9vDABhFu-5YP3LqCVEwwMrXmWL6UhTdm0TNzLGNR7j2eSwA7M8oIqS3yOdRW56OcLZHkD78d8tRAgjVuZXuReX1K_7Ik4Iy1Q42mpAH/s1600/TwoFactorAuthenticationWith-google_authenticator_www.hackthesec.co.in.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYS0IxSN12lLLez9IvZFa1HS8zQCN9fClraK7cb9vDABhFu-5YP3LqCVEwwMrXmWL6UhTdm0TNzLGNR7j2eSwA7M8oIqS3yOdRW56OcLZHkD78d8tRAgjVuZXuReX1K_7Ik4Iy1Q42mpAH/s200/TwoFactorAuthenticationWith-google_authenticator_www.hackthesec.co.in.jpg" width="200" /></a></div> </div> </div> <div style="background-color: white; color: #333333; font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-family: 'Courier New', Courier, monospace; font-size: small;"><span style="line-height: 15.6px;">auth [success=1 default=ignore] pam_access.so accessfile=/etc/security/access-local.conf auth required pam_google_authenticator.so</span></span></pre> </div> <div style="background-color: white; color: #333333; font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <span style="font-family: Lato, sans-serif; font-size: 16px; line-height: 24px;">Then add the file </span><code style="border: 0px; font-family: monospace, serif; font-size: 15px; line-height: 24px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><b>/etc/security/access-local.conf</b></code><span style="font-family: Lato, sans-serif; font-size: 16px; line-height: 24px;"> with the contents:</span></div> <div style="background-color: white; color: #333333; font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <span style="font-family: 'Courier New', Courier, monospace; font-size: small;"><span style="line-height: 15.6px;"><span style="color: lime;"><br /></span></span></span></div> <div style="background-color: white; color: #333333; font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-family: 'Courier New', Courier, monospace; font-size: small;"><span style="line-height: 15.6px;"># Google Authenticator can be skipped on local network + : ALL : 192.168.0.0/24 + : ALL : LOCAL - : ALL : ALL</span></span></pre> </div> <div style="background-color: white; color: #333333; font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <span style="color: white; font-family: 'Courier New', Courier, monospace; font-size: small;"><span style="line-height: 15.6px;"><br /></span></span></div> <div style="background-color: white; font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <span style="font-family: 'Courier New', Courier, monospace; font-size: small;"><span style="line-height: 15.6px;"><a href="http://www.hackthesec.co.in/">www.hackthesec.co.in</a></span></span></div> <div> <span style="font-family: 'Courier New', Courier, monospace; font-size: small;"><br /></span></div> </div>

Skip Google Authenticator Authentication if Logging in from the Local Network

Skip Google Authenticator Authentication if Logging in from the Local Network You may trust systems on you local network enough not not...

Read more »

Two-step Authentication For SSH On Centos 6

<div dir="ltr" style="text-align: left;" trbidi="on"> <h1 class="entry-title" style="border: 0px; clear: both; font-family: Lato, sans-serif; font-size: 33px; line-height: 1.09091; margin: 0px 0px 12px; outline: 0px; padding: 0px; text-transform: uppercase; vertical-align: baseline;"> <span style="color: red;"><u><i>TWO-STEP AUTHENTICATION FOR SSH ON CENTOS 6</i></u></span></h1> <div> <span style="color: black;"><a href="http://code.google.com/p/google-authenticator/" style="background-color: white; border: 0px; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Google Authenticator</a><span style="background-color: white; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px;"> implements TOTP (timebased one-time-password) security tokens from RFC6238 via the Google mobile app Google Authenticator. The Authenticator provides a six digit one-time password users must provide in addition to their username and password to login, sometimes branded “two-step authentication”. Here, we install and configure a pluggable authentication module (PAM) which allows login using one-time passcodes.</span></span></div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi40xdu7C_0p2adgn-P278IjXylG1Np3bMARVFPqBxvRtTD4kPiTGPcx0B4ciBJST52hgQl4hU11YfHNBt5PN0MrCV5bfuU98qN5cd6Hr4Yb4eUB1Y1VMajsVrA-Iu86p-kS0cn8hSAkh93/s1600/TwoFactorAuthenticationWith-google_authenticator_www.hackthesec.co.in.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi40xdu7C_0p2adgn-P278IjXylG1Np3bMARVFPqBxvRtTD4kPiTGPcx0B4ciBJST52hgQl4hU11YfHNBt5PN0MrCV5bfuU98qN5cd6Hr4Yb4eUB1Y1VMajsVrA-Iu86p-kS0cn8hSAkh93/s1600/TwoFactorAuthenticationWith-google_authenticator_www.hackthesec.co.in.jpg" /></a></div> <div> <span style="color: black;"><span style="background-color: white; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px;"><br /></span></span></div> <div> <ul style="background-color: white; display: block; font-family: 'Open Sans', serif, sans-serif; font-size: 18.6px; font-weight: 600; text-align: left; text-decoration: none;"> <li><span style="font-size: 18.6px;"><a href="http://www.hackthesec.co.in/2016/02/secure-ssh-with-google-authenticator.html" target="_blank"><span style="color: red;">Secure SSH with Google Authenticator Two-Factor Authentication on CentOS 7</span></a></span></li> </ul> </div> <div> <h3 style="border: 0px; clear: both; font-family: Lato, sans-serif; font-size: 22px; line-height: 24px; margin: 36px 0px 12px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="color: #0b5394;"><u>Download and Install</u></span></h3> <div style="border: 0px; color: #2b2b2b; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> At the time of this writing, only an old version of <b>libpam-google-authenticator</b> is available in the <b><a href="http://www.hackthesec.co.in/2016/01/centos-rhel-scientific-linux-6-enable.html" target="_blank">EPEL package repository</a></b>. Hence, we are going to compile it from source. First, install prerequisites:</div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;">[root@hackthesec]# yum install </span><span style="color: lime;">make gcc pam-devel</span></span></span></pre> </div> <div> <span style="background-color: white; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px;">TOTP (timebased one-time-password) security tokens are time sensitive. Hence, make sure that your system has ntpd running, and is configured to start the service at boot:</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-family: 'Courier New', Courier, monospace; font-size: medium; line-height: 15.6px;">[root@hackthesec]#</span><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"> service </span><span style="color: orange;">ntpd start</span><span style="color: white;"> </span><span style="color: orange;">Starting </span><span style="color: white;">ntpd: [ OK ] </span></span></span><span style="color: white; font-family: 'Courier New', Courier, monospace; font-size: medium; line-height: 15.6px;">[root@hackthesec]#</span><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"> </span><span style="color: lime;">chkconfig </span><span style="color: white;">ntpd on</span></span></span></pre> </div> <div> <span style="color: white; font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><br /></span></span></div> <div> <span style="background-color: white;"><span style="font-family: Lato, sans-serif; font-size: large;"><span style="line-height: 24px;">Then download and install libpam-google-authenticator from source installation and compilation:</span></span></span></div> <div> <span style="font-family: 'Courier New', Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: lime;"><br /></span></span></span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-family: 'Courier New', Courier, monospace; font-size: medium; line-height: 15.6px;">[root@hackthesec]#</span><span style="color: white; font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"> cd /tmp </span></span><span style="color: white; font-family: 'Courier New', Courier, monospace; font-size: medium; line-height: 15.6px;">[root@hackthesec]#</span><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"> </span><span style="color: lime;">wget </span><span style="color: white;">http://google-authenticator.googlecode.com/files/libpam-google-authenticator-1.0-source.tar.bz2</span></span></span></pre> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"> </span></span><span style="color: white; font-family: 'Courier New', Courier, monospace; font-size: medium; line-height: 15.6px;">[root@hackthesec]#</span><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"> </span><span style="color: lime;">bunzip2</span><span style="color: white;"> libpam-google-authenticator-1.0-source.tar.bz2 </span></span></span><span style="color: white; font-family: 'Courier New', Courier, monospace; font-size: medium; line-height: 15.6px;">[root@hackthesec]#</span><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"> </span><span style="color: lime;">tar xf</span><span style="color: white;"> libpam-google-authenticator-1.0-source.tar</span></span></span></pre> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"> </span></span><span style="color: white; font-family: 'Courier New', Courier, monospace; font-size: medium; line-height: 15.6px;">[root@hackthesec]#</span><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"> cd </span><span style="color: lime;">libpam-google-authenticator-1.0</span><span style="color: white;"> </span></span></span><span style="color: white; font-family: 'Courier New', Courier, monospace; font-size: medium; line-height: 15.6px;">[root@hackthesec]#</span><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"> </span><span style="color: orange;">make</span><span style="color: white;"> gcc --std=gnu99 -Wall -O2 -g -fPIC -c -fvisibility=hidden -o google-authenticator.o google-authenticator.c gcc --std=gnu99 -Wall -O2 -g -fPIC -c -fvisibility=hidden -o base32.o base32.c gcc --std=gnu99 -Wall -O2 -g -fPIC -c -fvisibility=hidden -o hmac.o hmac.c gcc --std=gnu99 -Wall -O2 -g -fPIC -c -fvisibility=hidden -o sha1.o sha1.c gcc -g -o google-authenticator google-authenticator.o base32.o hmac.o sha1.o -ldl gcc --std=gnu99 -Wall -O2 -g -fPIC -c -fvisibility=hidden -o pam_google_authenticator.o pam_google_authenticator.c gcc -shared -g -o pam_google_authenticator.so pam_google_authenticator.o base32.o hmac.o sha1.o -lpam gcc --std=gnu99 -Wall -O2 -g -fPIC -c -fvisibility=hidden -o demo.o demo.c gcc -DDEMO --std=gnu99 -Wall -O2 -g -fPIC -c -fvisibility=hidden -o pam_google_authenticator_demo.o pam_google_authenticator.c gcc -g -rdynamic -o demo demo.o pam_google_authenticator_demo.o base32.o hmac.o sha1.o -ldl gcc -DTESTING --std=gnu99 -Wall -O2 -g -fPIC -c -fvisibility=hidden \ -o pam_google_authenticator_testing.o pam_google_authenticator.c gcc -shared -g -o pam_google_authenticator_testing.so pam_google_authenticator_testing.o base32.o hmac.o sha1.o -lpam gcc --std=gnu99 -Wall -O2 -g -fPIC -c -fvisibility=hidden -o pam_google_authenticator_unittest.o pam_google_authenticator_unittest.c gcc -g -rdynamic -o pam_google_authenticator_unittest pam_google_authenticator_unittest.o base32.o hmac.o sha1.o -lc -ldl</span></span></span></pre> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-family: 'Courier New', Courier, monospace; font-size: medium; line-height: 15.6px;">[root@hackthesec]#</span><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"> </span><span style="color: lime;">make install</span><span style="color: white;"> cp pam_google_authenticator.so /lib64/security cp google-authenticator /usr/local/bin</span></span></span></pre> </div> <div> <h3 style="border: 0px; clear: both; font-family: Lato, sans-serif; font-size: 22px; line-height: 24px; margin: 36px 0px 12px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="color: #0b5394;"><u>Set Up Google Authenticator</u></span></h3> <div style="border: 0px; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> Before configuring SSH, first set up Google Authenticator. Run “google-authenticator” <span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-family: inherit; font-style: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">as the user you wish to log in with via SSH</span>. You will be prompted with a few questions.</div> </div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;">[root@hackthesec]# </span><span style="color: orange;">google-authenticator</span><span style="color: white;"> Do you want me to update your "~/.google_authenticator" file (y/n) y https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/user@server%3Fsecret%3DABCD12E3FGHIJKLMN Your new secret key is: ABCD12E3FGHIJKLMN Your verification code is 98765432 Your emergency scratch codes are: 01234567 89012345 67890123 45678901 23456789 Do you want to disallow multiple uses of the same authentication token? This restricts you to one login about every 30s, but it increases your chances to notice or even prevent man-in-the-middle attacks (y/n) y By default, tokens are good for 30 seconds and in order to compensate for possible time-skew between the client and the server, we allow an extra token before and after the current time. If you experience problems with poor time synchronization, you can increase the window from its default size of 1:30min to about 4min. Do you want to do so (y/n) y If the computer that you are logging into isn't hardened against brute-force login attempts, you can enable rate-limiting for the authentication module. By default, this limits attackers to no more than 3 login attempts every 30s. Do you want to enable rate-limiting (y/n) y</span></span></span></pre> </div> <div> <span style="font-family: 'Courier New', Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: lime;"><br /></span></span></span></div> <div> <div style="border: 0px; color: #2b2b2b; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> These settings are stored in the user’s <code style="border: 0px; font-family: monospace, serif; font-size: 15px; font-style: inherit; line-height: 1.6; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><b>~/.google_authenticator</b></code> file.</div> <div style="border: 0px; color: #2b2b2b; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> Copy and paste the URL into your browser and scan the QR code that is displayed with the app Google Authenticator on your mobile device. If you can’t scan the QR code, then you can enter the information manually with the given secret key and verification code. A new verification code should be displayed every 30 seconds.</div> <div style="border: 0px; color: #2b2b2b; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> Emergency one-time use verification codes are also given for you to write down in a secure place in case you were to not have your mobile device with you.</div> <h3 style="border: 0px; clear: both; font-family: Lato, sans-serif; font-size: 22px; line-height: 24px; margin: 36px 0px 12px; outline: 0px; padding: 0px; vertical-align: baseline;"> <u><span style="color: #0b5394;">Configure PAM</span></u></h3> <div style="border: 0px; color: #2b2b2b; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> Have PAM require Google Authenticator for SSH authentication. Modify<b> <code style="border: 0px; font-family: monospace, serif; font-size: 15px; font-style: inherit; line-height: 1.6; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">/etc/pam.d/sshd</code></b> and add the line “<code style="border: 0px; font-family: monospace, serif; font-size: 15px; font-style: inherit; line-height: 1.6; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><b>auth required pam_google_authenticator.so</b></code>” at the top.</div> </div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;">[root@hackthesec]# vi </span><span style="color: lime;">/etc/pam.d/sshd</span><span style="color: white;"> #%PAM-1.0 </span><span style="color: orange;">auth required pam_google_authenticator.so </span><span style="color: white;">auth required pam_sepermit.so auth include password-auth account required pam_nologin.so account include password-auth password include password-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params session optional pam_keyinit.so force revoke session include password-auth</span></span></span></pre> </div> <div> <div style="border: 0px; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> This will require all users to use Google Authenticator for SSH authentication. To only require those users with Google Authenticator configured for their account (the <code style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-family: monospace, serif; font-size: 15px; font-style: inherit; line-height: 1.6; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><b>~/.google_authenticator</b></code> file exists), then instead enter “<code style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-family: monospace, serif; font-size: 15px; font-style: inherit; line-height: 1.6; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><b>auth required pam_google_authenticator.so</b></code><code style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-family: monospace, serif; font-size: 15px; font-style: inherit; font-weight: inherit; line-height: 1.6; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> </code><code style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-family: monospace, serif; font-size: 15px; font-style: inherit; line-height: 1.6; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><b>nullok</b></code>“.</div> <div style="border: 0px; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> The order in which you place items in this file matters. Given this configuration, you will first be prompted for your Google Authenticator verification code, then for your system account password when you SSH into the system.</div> </div> <div> <h3 style="border: 0px; clear: both; font-family: Lato, sans-serif; font-size: 22px; line-height: 24px; margin: 36px 0px 12px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="color: #0b5394;"><u>Configure the SSH Service</u></span></h3> <div style="border: 0px; color: #2b2b2b; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> Modify <b><code style="border: 0px; font-family: monospace, serif; font-size: 15px; font-style: inherit; line-height: 1.6; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">/etc/ssh/sshd_config</code>.</b> Verify these settings:</div> </div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="color: lime;"><span style="line-height: 15.6px;">[root@hackthesec]# vi /etc/ssh/sshd_config PasswordAuthentication yes </span></span><span style="color: white; line-height: 15.6px;">ChallengeResponseAuthentication yes </span><span style="color: lime; line-height: 15.6px;">UsePAM yes</span></span></pre> </div> <div> <span style="background-color: white; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px;">Restart the SSH service:</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="background-color: transparent; line-height: 15.6px;"><span style="color: white; font-family: Courier New, Courier, monospace; font-size: medium;">[root@hackthesec]# </span></span><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;">service </span><span style="color: lime;">sshd restart</span></span></span></pre> </div> <div> <span style="background-color: white; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px;">When you SSH into the system as a user configured for Google Authenticator, you will have to enter the verification code that is displayed in you Google Authenticator app, and then by your system password at the next prompt:</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;">login as: root </span><span style="color: orange;">Verification code: 002536 </span><span style="color: white;">Password: ******* [root@hackthesec]#</span></span></span></pre> </div> <div> <div style="border: 0px; color: #2b2b2b; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> If you have any problems, look in the <code style="border: 0px; font-family: monospace, serif; font-size: 15px; font-style: inherit; line-height: 1.6; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><b>/var/log/secure</b></code> system log file.</div> <div style="border: 0px; color: #2b2b2b; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> If you have <b>SELinux </b>enabled, you may not be able to login, and get this error in <code style="border: 0px; font-family: monospace, serif; font-size: 15px; font-style: inherit; line-height: 1.6; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><b>/var/log/secure</b></code>:</div> </div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;">Feb 26 23:42:50 hostname sshd(pam_google_authenticator)[1654]: Failed to update secret file "/home/hackthesec/.google_authenticator" Feb 26 23:42:50 hostname sshd[1652]: error: PAM: Cannot make/remove an entry for the specified session for username from 192.168.0.5</span></span></pre> </div> <div> <span style="color: white; font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><br /></span></span></div> <div> <div style="border: 0px; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> This is probably due /home/username/.google_authenticator not having an appropriate <a href="http://wiki.centos.org/HowTos/SELinux" style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-family: inherit; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Type Enforcement</a> (TE):</div> <div style="-webkit-text-stroke-width: 0px; color: black; font-family: 'Times New Roman'; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: left; text-indent: 0px; text-transform: none; white-space: normal; widows: 1; word-spacing: 0px;"> </div> <br /> <div style="orphans: auto; text-align: left; text-indent: 0px; widows: 1;"> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin: 0px 0px 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="background-color: transparent; line-height: 15.6px;"><span style="color: white; font-family: Courier New, Courier, monospace; font-size: medium;">[root@hackthesec]#</span></span><span style="font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"> </span><span style="color: lime;">ls -Z /home/hackthesec/.google_authenticator</span><span style="color: white;"> -r--------. hackthesec hackthesec unconfined_u:object_r:user_home_t:s0 /home/hackthesec/.google_authenticator</span></span></span></pre> </div> </div> <div> <h3 style="border: 0px; clear: both; font-family: Lato, sans-serif; font-size: 22px; line-height: 24px; margin: 36px 0px 12px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="color: red;"><u>Skip Google Authenticator Authentication if Logging in from the Local Network</u></span></h3> <div style="border: 0px; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px; margin-bottom: 24px; outline: 0px; padding: 0px; vertical-align: baseline;"> You may trust systems on you local network enough not not require that SSH connections from them use <b>Google Authenticator</b>. If so, modify <code style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-family: monospace, serif; font-size: 15px; font-style: inherit; line-height: 1.6; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><b>/etc/pam.d/sshd</b></code> so that it looks like this:</div> </div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;">auth [success=1 default=ignore] pam_access.so accessfile=/etc/security/access-local.conf auth required pam_google_authenticator.so</span></span></pre> </div> <div> <span style="background-color: white; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px;">Then add the file </span><code style="background-color: white; border: 0px; font-family: monospace, serif; font-size: 15px; line-height: 24px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><b>/etc/security/access-local.conf</b></code><span style="background-color: white; font-family: Lato, sans-serif; font-size: 16px; line-height: 24px;"> with the contents:</span></div> <div> <span style="font-family: 'Courier New', Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: lime;"><br /></span></span></span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"># Google Authenticator can be skipped on local network + : ALL : 192.168.0.0/24 + : ALL : LOCAL - : ALL : ALL</span></span></pre> </div> <div> <span style="color: white; font-family: Courier New, Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><br /></span></span></div> <div> <span style="font-family: 'Courier New', Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><a href="http://www.hackthesec.co.in/">www.hackthesec.co.in</a></span></span></div> <div> <span style="font-family: 'Courier New', Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: lime;"><br /></span></span></span></div> <div> <span style="font-family: 'Courier New', Courier, monospace; font-size: medium;"><span style="line-height: 15.6px;"><span style="color: lime;"><br /></span></span></span></div> </div>

Two-step Authentication For SSH On Centos 6

TWO-STEP AUTHENTICATION FOR SSH ON CENTOS 6 Google Authenticator  implements TOTP (timebased one-time-password) security tokens from RFC...

Read more »

Secure SSH with Google Authenticator Two-Factor Authentication on CentOS 7

<div dir="ltr" style="text-align: left;" trbidi="on"> <h1 style="border-bottom-color: rgb(195, 202, 213); border-bottom-style: solid; border-bottom-width: 1px; color: #314d7c; font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 26px; margin: 0px 0px 15px; padding: 20px 0px;"> Google Authenticator Two-Factor Authentication on CentOS 7</h1> <span style="background-color: white; font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px;">SSH access is always critical and you might want to find ways to improve the security of your SSH access. In this article we will see how we can secure SSH with simple two factor authentication by using Google Authenticator. Before using it you have to integrate the SSH daemon on your server with Google Authenticator one time password protocol TOTP and another restriction is that you must have your android phone with you all the time or at least the time you want <b>SSH access</b></span><br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEituG_vrQj2qbbwgkfPTj-hr01-z_SbSoir2VjHmPUmfztQDCX-xzh9UoCT-i_CI0PuUB6UeR69vAnWiVDbVFIo39trNQWXj3s743gRcnt_8tiuJyUV9pcfaOrbiM7g1_Z6vkAz7FYmH-jO/s1600/google-authenticator-www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEituG_vrQj2qbbwgkfPTj-hr01-z_SbSoir2VjHmPUmfztQDCX-xzh9UoCT-i_CI0PuUB6UeR69vAnWiVDbVFIo39trNQWXj3s743gRcnt_8tiuJyUV9pcfaOrbiM7g1_Z6vkAz7FYmH-jO/s320/google-authenticator-www.hackthesec.co.in.png" width="179" /></a></div> <span style="background-color: white; font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px;"><br /></span> <span style="background-color: white; font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px;"><br /></span> <span style="background-color: white; font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px;">First of all we will install the open source <b>Google Authenticator PAM module</b> by executing the following command on the shell.</span><br /> <div style="background-color: white;"> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: Courier New, Courier, monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;">yum install </span><span style="color: lime;">google-authenticator</span></span></span></pre> <div style="font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <span style="font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px;">This command will install Google authenticator on you <a href="http://www.hackthesec.co.in/search/label/centos7" target="_blank">Centos 7</a> Server. The next step is to get the verification code. It's a very simple command to get the verification code and scratch codes by just answering simple questions of server which he will ask you. You can do that step by running the following command:</span></div> <div style="font-family: Verdana, Geneva, sans-serif; line-height: 19.2px;"> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: normal; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: cyan; font-family: Courier New, Courier, monospace; font-size: large;"><span style="line-height: 15.6px;">google-authenticator</span></span></pre> <div style="font-size: 12px;"> <span style="color: white; font-family: Courier New, Courier, monospace;"><span style="line-height: 15.6px;"><br /></span></span></div> </div> <div style="font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <span style="font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px;">You will get an output like the following screenshot which is being displayed to help you step by step as this step is very important and crucial. Write down the emergency scratch codes somewhere safe, they can only be used one time each, and they're intended for use if you lose your phone.</span></div> <div style="font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <span style="font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px;"><br /></span></div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgRa0sksNiUe3yuPtSYG_BLap7nPIgsV6_P0q-6kVhQCFK3dChx6VkIRhdC-C-WIE1RQCHRQVm5H8NVrwtwGfpfH1htsLoIRq58e8IS9GhJE9NCXnFJJoPj6AWfRKTKfa9IMZSthekDMbzE/s1600/ssh_two_factor_authentication-www.hackthesec.co.in.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgRa0sksNiUe3yuPtSYG_BLap7nPIgsV6_P0q-6kVhQCFK3dChx6VkIRhdC-C-WIE1RQCHRQVm5H8NVrwtwGfpfH1htsLoIRq58e8IS9GhJE9NCXnFJJoPj6AWfRKTKfa9IMZSthekDMbzE/s1600/ssh_two_factor_authentication-www.hackthesec.co.in.jpg" /></a></div> <div style="font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <div style="font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px; padding: 1em;"> Now download Google authenticator application on your Mobile phone, the app exists for Android and Iphone. Well I have Android so I will download it from Google Play Store where I searched it out just by typing "<b>google authenticator</b>".</div> <div style="font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px; padding: 1em;"> The next step is to change some files which we will start by first changing<b> /etc/pam.d/sshd</b>. Add the following line to the bottom of line:</div> </div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: Courier New, Courier, monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;">auth required pam_</span><span style="color: lime;">google_authenticator.so</span></span></span></pre> <div style="font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <span style="color: white; font-family: Courier New, Courier, monospace;"><span style="line-height: 15.6px;"><br /></span></span></div> </div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFXc2rN8O_YBWlLUgUrTPMcjlPm0Pa6x27jFRvQH1STaXipAVhisNBIQzJwSDiNJPkM5ALSbNj4y2JnOgHxe3zsimBEAVGyT0mpZ8YoN6pYGryQy6lCTtmylqK_dAnFLYkuX95JSIop3sm/s1600/ssh_two_factor_authentication2-www.hackthesec.co.in.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFXc2rN8O_YBWlLUgUrTPMcjlPm0Pa6x27jFRvQH1STaXipAVhisNBIQzJwSDiNJPkM5ALSbNj4y2JnOgHxe3zsimBEAVGyT0mpZ8YoN6pYGryQy6lCTtmylqK_dAnFLYkuX95JSIop3sm/s1600/ssh_two_factor_authentication2-www.hackthesec.co.in.jpg" /></a></div> <div class="separator" style="clear: both; text-align: center;"> <br /></div> <div style="font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <span style="font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px;">Change the next file which is <b>/etc/ssh/sshd_config</b>. Add the following line in the file and if its already placed then change the parameter to "yes":</span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: Courier New, Courier, monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: orange;">ChallengeResponseAuthentication </span><span style="color: white;">yes</span></span></span></pre> </div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikQFBGqygMhqOpxkF1AXZFqfPYK6kcwT7Y5xtZTdk5ulwiYnmpAKpDBkMDvAGUX2-YGvZEAJzWxqtgRd8A9ypImFboal5LMOVzXgFy_sl-4UY5ZJrVFyuSCTnr7bggeQRKen21a0hARb9d/s1600/ssh_two_factor_authentication3-www.hackthesec.co.in.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikQFBGqygMhqOpxkF1AXZFqfPYK6kcwT7Y5xtZTdk5ulwiYnmpAKpDBkMDvAGUX2-YGvZEAJzWxqtgRd8A9ypImFboal5LMOVzXgFy_sl-4UY5ZJrVFyuSCTnr7bggeQRKen21a0hARb9d/s1600/ssh_two_factor_authentication3-www.hackthesec.co.in.jpg" /></a></div> <div style="font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <span style="font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px;"><br /></span></div> <div style="font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <span style="font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px;">Now restart the service of ssh by the following command:<br /></span></div> <div> <pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-family: Courier New, Courier, monospace; font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;">service </span><span style="color: lime;">sshd </span><span style="color: white;">restart</span></span></span></pre> </div> <div style="font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <span style="font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px;">Last step is to test the service by connecting with SSH to the server to see if it will require verification code. You can see the following screenshot which shows the verification code(FROM MY ANDROID MOBILE GOOGLE Authenticator App) that keeps on changing time after time and you have to login with it:<br /></span></div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0tnpXl0xAoWwlvo_-z-iAjWKzq_e7glfjo3Ceoi21oQEVkJg9UlsPgbjpkV8wO0-cc72gKjfsQelCwyN3PrbeMXws80lVqEwHmQ3Dkb7TqdHfN9kI4QxtG1Dl5wY8e5cuj2xzm3lvEHW2/s1600/ssh_two_factor_authentication4-www.hackthesec.co.in.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0tnpXl0xAoWwlvo_-z-iAjWKzq_e7glfjo3Ceoi21oQEVkJg9UlsPgbjpkV8wO0-cc72gKjfsQelCwyN3PrbeMXws80lVqEwHmQ3Dkb7TqdHfN9kI4QxtG1Dl5wY8e5cuj2xzm3lvEHW2/s1600/ssh_two_factor_authentication4-www.hackthesec.co.in.jpg" /></a></div> <div style="font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <span style="font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px;"><br /></span></div> <div style="font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <span style="font-family: Tahoma, Helvetica, Arial, sans-serif; font-size: 14px; line-height: 17.92px;">So we have successfully configured SSH authentication based on <b>Google Authenticator</b>. Now your <b>SSH </b>is secure and no brute attack can invade your server unless someone has your verification code which will require access to your phone as well.</span></div> <div style="font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;"> <br /><a href="http://www.hackthesec.co.in/">www.hackthesec.co.in</a></div> </div> </div>

Secure SSH with Google Authenticator Two-Factor Authentication on CentOS 7

Google Authenticator Two-Factor Authentication on CentOS 7 SSH access is always critical and you might want to find ways to improve the s...

Read more »

Wireshark - vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow

<div dir="ltr" style="text-align: left;" trbidi="on"> <h1 style="background-color: white; box-sizing: border-box; font-family: 'Noto Sans', sans-serif; font-size: 38px; font-stretch: normal; font-weight: 300; line-height: 1.4; margin: 0px; text-align: center;"> <span style="color: #073763;">Wireshark - vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow</span></h1> <div> <span style="color: #073763;"><br /></span></div> <div> <span style="color: #073763; font-family: Georgia, Times New Roman, serif; font-size: large;"><b>Wireshark </b>is a Free and Open packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, the project was renamed Wireshark in May 2006 due to trademark issues</span></div> <div class="separator" style="clear: both; text-align: center;"> </div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_MAG4F1Kon2P9SxmYif94a3gt6GvVRH5vtUv22pgkSxn-t6Nz_9ruaqeTAPS9WcWT-MDboXJ26Fu_IAgpUHrjDV1ZSdPw-2222mIL4pyLSTJT3tF-62eUjafIS-iBK76aeJ49WoIhE84N/s1600/wireshark-www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_MAG4F1Kon2P9SxmYif94a3gt6GvVRH5vtUv22pgkSxn-t6Nz_9ruaqeTAPS9WcWT-MDboXJ26Fu_IAgpUHrjDV1ZSdPw-2222mIL4pyLSTJT3tF-62eUjafIS-iBK76aeJ49WoIhE84N/s1600/wireshark-www.hackthesec.co.in.png" /></a></div> <div> <br /></div> <div> <table class="exploit_list" style="background-color: rgb(239, 239, 239) !important; border-radius: 3px !important; border-spacing: 1px; border: 1px solid rgb(221, 221, 221) !important; box-sizing: border-box; color: #666666; font-family: 'Open Sans', sans-serif; font-size: 14px; line-height: 24px; margin-bottom: 10px; margin-top: 10px; padding: 1px !important; width: 679px;"><tbody style="box-sizing: border-box;"> <tr style="background-color: rgb(248, 248, 248) !important; box-sizing: border-box;"><td style="box-sizing: border-box; padding: 5px 10px; text-align: center;"><span style="color: black;"><strong style="box-sizing: border-box;">Author:</strong> Google Security Research</span></td><td style="box-sizing: border-box; padding: 5px 10px; text-align: center;"><br /></td><td style="box-sizing: border-box; padding: 5px 10px; text-align: center;"><br /></td></tr> <tr style="background-color: rgb(248, 248, 248) !important; box-sizing: border-box;"><td style="box-sizing: border-box; padding: 5px 10px;"><div style="text-align: center;"> <strong style="box-sizing: border-box; color: black;">Download Exploit:</strong><span style="color: black;"> </span><a href="https://www.exploit-db.com/download/39490" style="background-color: transparent; box-sizing: border-box; outline: 0px; text-decoration: none; transition-duration: 0.3s; transition-property: background-color, box-shadow, border, color, opacity;"><span class="fa fa-file-code-o" style="box-sizing: border-box; display: inline-block; font-family: "fontawesome"; font-size: inherit; font-stretch: normal; line-height: 1;"></span> Source</a><span style="color: black;"> </span><span class="fa fa-file-o" style="box-sizing: border-box; color: black; display: inline-block; font-family: "fontawesome"; font-size: inherit; font-stretch: normal; line-height: 1;"></span><span style="color: black;"> </span></div> <br /> <br /> <a href="http://www.hackthesec.co.in/" target="_blank">www.hackthesec.co.in</a><br /> <span style="color: black;">hackthesec</span><br /> <a href="http://www.hackthesec.co.in/search/label/LATEST%20EXPLOIT" target="_blank">hackthesec exploit</a></td><td colspan="2" style="box-sizing: border-box; padding: 5px 10px;"><br /></td></tr> </tbody></table> </div> </div>

Wireshark - vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow

Wireshark - vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow Wireshark is a Free and Open packet analyzer. It is used for network troub...

Read more »