LinuxQuestions.org


neeyo 12-20-2006 09:47 PM

Why does "su" reject my password if I can log in as root? wtf?
 
Just this morning I ssh'd into my gentoo box as my regular user. After I ran "su" to get root access, it said "Authentication failure. Sorry." After retrying my password and double-checking that it was correct, I was stumped.

But, I can just go to the machine and log in locally as root, with the same password, and everything works fine? So I'm confused.

My regular user is a member of the wheel group.
My root password has not changed.
I can log in as root from a local terminal.
I can log in as root over ssh (after changing my config file for sshd to initially block root logging in) now.
But if I log in as my regular user and "su" the password fails.

Any tips as to what's going on?

echat 12-20-2006 10:32 PM

Re:
 
The command looks something like this
Code:

USER@HERE$ su -
Password:

root@HERE$
root@HERE$

If so try:
Code:

USER@HERE$ su root
Password:

root@HERE$

If that is the case then I would have to believe that your ssh is set up to deny su requests?

neeyo 12-20-2006 10:50 PM

Quote:

Originally Posted by echat
The command looks something like this
Code:

USER@HERE$ su -
Password:

root@HERE$
root@HERE$

If so try:
Code:

USER@HERE$ su root
Password:

root@HERE$

If that is the case then I would have to believe that your ssh is set up to deny su requests?

I'm at the machine now. It doesn't matter if it's over ssh or at the actual terminal. I can log in as root, everything's fine, exit out, log in as a regular user, su, enter the same root password.... boom, password failure. Same goes for "sudo root." sudo does the same thing too. This basically means my gentoo install is useless because I can't get root access remotely without exposing ssh to root logins.

Schrambo 12-20-2006 11:21 PM

Quote:

Originally Posted by neeyo
I'm at the machine now. It doesn't matter if it's over ssh or at the actual terminal. I can log in as root, everything's fine, exit out, log in as a regular user, su, enter the same root password.... boom, password failure. Same goes for "sudo root." sudo does the same thing too. This basically means my gentoo install is useless because I can't get root access remotely without exposing ssh to root logins.

i was about to mention to have a look at your sshd config file. there is an option to deny root login over ssh. check to see if that's enabled or not. but if it's denying access of root at the actual physical machine i'm not at all sure what it then could be.

switching users must be disabled somehow. sorry but i have not come across this issue before.

neeyo 12-21-2006 02:21 AM

Quote:

Originally Posted by Schrambo
i was about to mention to have a look at your sshd config file. there is an option to deny root login over ssh. check to see if that's enabled or not. but if it's denying access of root at the actual physical machine i'm not at all sure what it then could be.

switching users must be disabled somehow. sorry but i have not come across this issue before.

The problem isn't ssh, it's switching users into root. The weird thing is that if I log in as root, I can "su user1" without a problem, so su itself is doing its job, but if I ever "su root" ... password failure.

I am totally at a loss as to how this could have happened overnight, but thanks for the help anyways.

sheryco 12-21-2006 06:22 AM

Is the user you are logging in with first in the wheel group?
Log in as root
Quote:

#grep 'wheel' /etc/group
If the user you log in with isn't part of that group, add them to it.
You can either manually edit /etc/group file and add the user to the wheel group or
Quote:

#usermod -g wheel username
I believe this is what is causing your password issue.

neeyo 12-21-2006 12:33 PM

Quote:

Originally Posted by sheryco
Is the user you are logging in with first in the wheel group?
Log in as root

If the user you log in with isn't part of that group, add them to it.
You can either manually edit /etc/group file and add the user to the wheel group or

I believe this is what is causing your password issue.

Quote:

Originally Posted by neeyo
My regular user is a member of the wheel group.
My root password has not changed.
I can log in as root from a local terminal.
I can log in as root over ssh (after changing my config file for sshd to initially block root logging in) now.
But if I log in as my regular user and "su" the password fails.

Like I said... it's weird.

trickykid 12-21-2006 01:41 PM

Check your /etc/securetty file.

man securetty <-for more info on what this does.

echat 12-21-2006 06:39 PM

Re:
 
I was thinking maybe you didn't have read + exec permissions on su and sudo. but they run, just don't work. I would check your su conf I believe it's pamd or something of that sort. maybe you have a permissions problem. If that was the case check your sudoers file make sure you're in there. and also check the options on sudo, to see if it's requesting root password or your own. Also I believe that you can type:
Code:

USER@HERE$ sudo -i
Password:

root@HERE$
root@HERE$

'sudo -i' == ('su -' || 'su root') // with the exception that instead of using root password you supply the user's that is in the sudoers file (by default)


I'm not sure about Gentoo but in fc default sudo where the password blank is, that is where your 'USER's password is required not root's password. Gentoo might have defaults diff from fc.

billymayday 12-21-2006 07:06 PM

Have a look at

http://www.linux.com/guides/solrhe/S...ap5sec43.shtml

and see if it helps at all

jschiwal 12-21-2006 07:46 PM

Also check the PAM configuration, such as the files in /etc/security/

The access.conf file might contain a line like: '-:wheel:ALL EXCEPT LOCAL'. I don't know if the PAM access restrictions would apply or not to using "su" but if the authentication is handled by PAM this could be an issue.

Also, examine your logs. They should indicate what caused the rejection.
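
The checks suggested across this thread (wheel membership, the PAM stack used by su, deny rules in access.conf, the permissions on su), collected into one read-only script. This is an added example and was not posted by anyone in the thread; the function names and the `--report` switch are made up for it, it assumes the su PAM service file is /etc/pam.d/su, and it does not follow PAM `include` lines or evaluate EXCEPT in the users field.

```shell
#!/bin/sh
# Added example: read-only checks for the causes suggested in this thread.
# Files are passed as arguments so the checks can be tried on copies.

# in_group GROUP USER [FILE]: succeed if USER is in GROUP's member list.
in_group() {
    awk -F: -v g="$1" -v u="$2" '
        $1 == g { n = split($4, m, ",")
                  for (i = 1; i <= n; i++) if (m[i] == u) ok = 1 }
        END { exit !ok }' "${3:-/etc/group}"
}

# pam_lines MODULE FILE: print active (uncommented) lines that load MODULE.
pam_lines() {
    grep -v '^[[:space:]]*#' "$2" | grep -F -- "$1.so"
}

# access_denies NAME FILE: print deny rules ("-:users:origins") naming NAME or ALL.
# Simplification (assumption of this example): EXCEPT clauses are not evaluated.
access_denies() {
    awk -F: -v who="$1" '
        /^[ \t]*#/ { next }
        { p = $1; gsub(/[ \t]/, "", p); if (p != "-") next
          n = split($2, t, /[ \t]+/)
          for (i = 1; i <= n; i++)
              if (t[i] == who || t[i] == "ALL") { print; next } }' "$2"
}

# su_report USER: run the checks against the live system files.
su_report() {
    if in_group wheel "$1"; then echo "$1 is listed in wheel"
    else echo "$1 is NOT listed in wheel (compare with: id -Gn $1)"; fi
    for mod in pam_wheel pam_access pam_securetty; do
        pam_lines "$mod" /etc/pam.d/su | sed 's/^/su stack: /'
    done
    [ -r /etc/security/access.conf ] &&
        access_denies wheel /etc/security/access.conf | sed 's/^/access.conf deny: /'
    ls -l "$(command -v su)"    # su needs to be setuid root (-rwsr-xr-x, owner root)
}

if [ "${1:-}" = "--report" ]; then su_report "${2:-$(id -un)}"; fi
```

Run it as root with `--report username`; an access.conf deny rule only matters if `pam_access` also shows up in the su stack.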

