How to solve: Keyring problems in Ubuntu

September 15, 2011 By Abhishek Prakash 4 Comments

What is Keyring?

A Keyring (in Ubuntu) as its name suggests is collection of keys (passwords) and is locked by a master password (be default your first admin password). It saves several passwords (for e.g. login password for a website or some application) inside the keyring and protects with the master password and thus obviates the need of entering the passwords again and again. Since you are logged in with the same password, it does not prompt you to enter the master password and automatically takes the login password as the keyring master password.

What could be the problem with the Keyring?

As I said before the default master password for the keyring is the first admin password i.e. the first user-password you used on the computer. The problem arises when you change the password. The master password of the keyring doesn’t change automatically and hence a conflict starts as the master password doesn’t matches with the new user-login password. Therefore you will start seeing these annoying prompts from the keyring:

Ubuntu Keyring — Pic courtsey: Lifehacker

And if the password doesn’t matches then:

Ubuntu Keyring problem — Pic Courtsey: markjaustin.co.uk

Solution 1: You remember the old password

If you remember the old password then you can try changing the master password to the current login password. This will stop the prompting of the keyring. Follow these steps in Ubuntu 10.10 and previous versions:

Navigate to Applications > Accessories > Passwords and Encryption Keys
Select the tab “Passwords”
Select your keyring
Right-click and select “Change Password”

In Ubuntu 11.04, run the application Passwords and Encryption Keys by using the super key (windows logo key) and then searching for it. And follow the step 2-4.

Solution 2: You forgot the old password

Damn! I forgot the old password and it is not accepting any of my login passwords. What should I do? Don’t bang your head in the wall. There is an alternate solution and that is delete the keyring. For that follow the same steps 1-3 as described previously and instead of Change Password select Delete. i.e.The following steps:

Navigate to Applications > Accessories > Passwords and Encryption Keys
Select the tab “Passwords”
Select your keyring
Right-click and select “Delete“

This pic might come as handy:

Keyring change password ubuntu — Pic Courtsey: code-muse.com

Questions, suggestions and a world of thank is always motivating. Enjoy

Sources: http://www.code-muse.com/

http://ubuntu-tutorials.com/

http://www.markjaustin.co.uk/?p=21

Breaking: New Hybrid Keyring from Scott Amron (core77.com)
Ubuntu update error with Firefox (computerandu.wordpress.com)
Fixing wubi ubuntu Grub problem. (shakthydoss.wordpress.com)
Ubuntu quickies (icehot.wordpress.com)
How do you change your password on a yahoo email account (wiki.answers.com)

Troubleshooting FreeRADIUS

April 21, 2011 By Abhishek Prakash 9 Comments

Recently I was working with FreeRADIUS to do PEAP authentication. I went under a lot of trouble from installing to configuring the FreeRADIUS. Thankfully, I noted down the problems I encountered and the solution I followed. This is not a complete guide for FreeRADIUS installation but provides you with possible solution to a few errors.

1.

While executing radiusd -X, it may throw the following error:

radiusd: error while loading shared libraries:

libfreeradius-radius-2.1.10.so:

cannot open shared object file: No such file or directory

The reason for this error is that the libraries have been installed in a place where dynamic linker cannot find it. To solve this problem use this command:

sudo /sbin/ldconfig -v

2.

While running in debug mode the RADIUS server may give the following error:

Ignoring EAP-Type/tls because we do not have OpenSSL support.

[eap] Request found, released from the list

[eap] EAP NAK

[eap] NAK asked for unsupported type PEAP

[eap] No common EAP types found.

[eap] Failed in EAP select

++[eap] returns invalid

Failed to authenticate the user.

The reason for this error is that open ssl dev library “libssl-dev” is not installed. Install the library (sudo apt-get install libssl-dev) and re-configure (by running configure, make and make install) FreeRADIUS server.

3.

Running the RADIUS server may also result in the following error:

Error: Failed binding to authentication address * port 1812: Address already in use /usr/local/etc/raddb/radiusd.conf[240]: Error binding to port for 0.0.0.0 port 1812

The reason for this error is that another instance of radius is running and has occupied the port.

See which radius process is running:

ps aux | grep radius

And then kill that process:

sudo kill -9 process_id

4.

While running the RADIUS sever it may also throw an error: “no soh-server”. To solve it, copy “soh” file in /usr/local/etc/raddb/sites-available to /usr/local/etc/raddb/sites-enabled.

I hope it helped you. Questions and suggestions are welcomed. Enjoy

Troubleshoot: NAP capable clients are evaluated as Non NAP capable

April 14, 2011 By Abhishek Prakash 1 Comment

I had real hard time in troubleshooting the problem where NAP capable clients were evaluated as Non NAP capable by the NPS server. 802.1x authentication was perfectly successful but there were no information about the client’s health. It seemed NPS server was working as a plain RADIUS server.

There are few points which must be checked for a successful implementation of Microsoft NAP. Check all of these:

NAP agent must be running: To check use “netsh nap client show state” in command prompt. If not running, go to services and start the service and put it to automatic.
Enforcement client 79623 is enabled and initialized on the client: This can also be checked with the previous command.
Quarantine checks are enabled in PEAP properties on the client: See the authentication tab in network properties.
802.1X with PEAP is configured (rather than 802.1X with EAP) on the client: See the authentication tab in network properties.
NAP agent is running before 802.1x authentication. Put the dependency on NAP agent with wired auto config.
Override network policy authentication settings is enabled in connection request policy on the server.

Hope it will help you in troubleshooting your NAP setup. Questions and suggestions are welcomed. Enjoy

Sources: Microsoft, Greg Lindsay

Computer And You

Making Your Computer Experience Better