LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 12-20-2006, 09:47 PM   #1
neeyo
LQ Newbie
 
Registered: Oct 2001
Location: Some hole I dug.
Distribution: Gentoo
Posts: 22

Rep: Reputation: 15
Why does "su" reject my password if I can log in as root? wtf?


Just this morning I ssh'd into my gentoo box as my regular user. After I ran "su" to get root access, it said "Authentication failure. Sorry." After retrying my password double-checking that it was correct, I was stumped.

But, I can just go to the machine and log in locally as root, with the same password, and everything works fine? So I'm confused.

My regular user is a member of the wheel group.
My root password has not changed.
I can log in as root from a local terminal.
I can log in as root over ssh (after changing my config file for sshd to initally block root logging in) now.
But if I log in as my regular user and "su" the password fails.

Any tips as to what's going on?
 
Old 12-20-2006, 10:32 PM   #2
echat
Member
 
Registered: Nov 2006
Distribution: Kubuntu 9
Posts: 34

Rep: Reputation: 16
Re:

The command looks something like this
Code:
USER@HERE$ su -
Password:

root@HERE$
root@HERE$
If so try:
Code:
USER@HERE$ su root
Password:

root@HERE$
If that is the case then I would have to believe that your ssh is setup to deny su requests?
 
Old 12-20-2006, 10:50 PM   #3
neeyo
LQ Newbie
 
Registered: Oct 2001
Location: Some hole I dug.
Distribution: Gentoo
Posts: 22

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by echat
The command looks something like this
Code:
USER@HERE$ su -
Password:

root@HERE$
root@HERE$
If so try:
Code:
USER@HERE$ su root
Password:

root@HERE$
If that is the case then I would have to believe that your ssh is setup to deny su requests?
I'm at the machine now. It doesn't matter if it's over ssh or at the actual terminal. I can log in as root, everything's fine, exit out, log in as a regular user, su, enter the same root password.... boom, password failure. Same goes for "sudo root." sudo does the same thing too. This basically means my gentoo install is useless because I can't get root access remotely without exposing ssh to root logins.
 
Old 12-20-2006, 11:21 PM   #4
Schrambo
Member
 
Registered: Mar 2004
Location: Western Australia
Distribution: Debian Slackware CentOS
Posts: 102

Rep: Reputation: 15
Quote:
Originally Posted by neeyo
I'm at the machine now. It doesn't matter if it's over ssh or at the actual terminal. I can log in as root, everything's fine, exit out, log in as a regular user, su, enter the same root password.... boom, password failure. Same goes for "sudo root." sudo does the same thing too. This basically means my gentoo install is useless because I can't get root access remotely without exposing ssh to root logins.
i was about to menton to have a look at your sshd config file. there is an option to deny root login over ssh. check to see if thats enabled or not. but if its denying access of root at the actuall physical machine i'm nota at all sure what it then could be.

switching users must be disabled somehow. sorry but i have not come across this issue before.
 
Old 12-21-2006, 02:21 AM   #5
neeyo
LQ Newbie
 
Registered: Oct 2001
Location: Some hole I dug.
Distribution: Gentoo
Posts: 22

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by Schrambo
i was about to menton to have a look at your sshd config file. there is an option to deny root login over ssh. check to see if thats enabled or not. but if its denying access of root at the actuall physical machine i'm not at all sure what it then could be.

switching users must be disabled somehow. sorry but i have not come across this issue before.
The problem isn't ssh, it's switching users into root. The weird thing is that if I log in as root, I can "su user1" without a problem, so su itself is doing it's job, but if I ever "su root" ... password failure.

I am totally at a loss as to how this could have happened overnight, but thanks for the help anyways.
 
Old 12-21-2006, 06:22 AM   #6
sheryco
Member
 
Registered: Feb 2003
Location: FTWorth, TX
Distribution: Gentoo, Debian, CentOS, FreeBSD, NetBSD & OpenBSD
Posts: 55

Rep: Reputation: 15
Is the user you logging in first with in the wheel group
login as root
Quote:
#grep 'wheel' /etc/group
if the user you login in with isn't part of that group add them to it.
You can either manually edit /etc/group file and add the user to the wheel group or
Quote:
#usermod -g wheel username
I believe this is what is causing you password issue.
 
Old 12-21-2006, 12:33 PM   #7
neeyo
LQ Newbie
 
Registered: Oct 2001
Location: Some hole I dug.
Distribution: Gentoo
Posts: 22

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by sheryco
Is the user you logging in first with in the wheel group
login as root

if the user you login in with isn't part of that group add them to it.
You can either manually edit /etc/group file and add the user to the wheel group or

I believe this is what is causing you password issue.
Quote:
Originally Posted by neeyo
My regular user is a member of the wheel group.
My root password has not changed.
I can log in as root from a local terminal.
I can log in as root over ssh (after changing my config file for sshd to initally block root logging in) now.
But if I log in as my regular user and "su" the password fails.
Like I said... it's weird.
 
Old 12-21-2006, 01:41 PM   #8
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 197Reputation: 197
Check your /etc/securetty file.

man securetty <-for more info on what this does.
 
Old 12-21-2006, 06:39 PM   #9
echat
Member
 
Registered: Nov 2006
Distribution: Kubuntu 9
Posts: 34

Rep: Reputation: 16
Re:

I was thinking maybe you didn't have read + exec permisions on su and sudo. but they run just dont work. I would check your su conf I believe it's pamd or something of that sort. maybe you have a permisions problem. If that was the case check your sudoers file make sure your in there. and also check the options on sudo, to see if it's requesting root password or your own. Also I believe that you can type:
Code:
USER@HERE$ sudo -i
Password:

root@HERE$ 
root@HERE$
'sudo -i' == ('su -' || 'su root') // with the execption that instead of using root password you supply the users that is in the sudoers file (by default)


I'm not sure about Gentoo but in fc default sudo where the password blank is, that is where you 'USER's password is required not root's password. Gentoo might have defaults diff from fc.

Last edited by echat; 12-21-2006 at 07:20 PM.
 
Old 12-21-2006, 07:06 PM   #10
billymayday
Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
Have a look at

http://www.linux.com/guides/solrhe/S...ap5sec43.shtml

and see if it helps at all
 
Old 12-21-2006, 07:46 PM   #11
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
Also check the PAM configuration, such as the files in /etc/security/

The access.conf file might contain a line like: '-:wheel:ALL EXCEPT LOCAL'. I don't know if the PAM access restrictions would apply or not to using "su" but if the authentication is handled by PAM this could be an issue.

Also, examine your logs. They should indicate what caused the rejection.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
No longer able to log into ssh. Password right but "permission denied" Baix Linux - Software 11 11-21-2008 12:44 PM
New SQUID user: How to clear the "access.log" and "store.log" automatically? yuzuohong Linux - Networking 2 12-02-2006 05:37 AM
Root can log on, user account can't. "Error in service module" Charlie Spencer Linux - Newbie 3 09-13-2006 01:35 PM
Root password no good for "software security device?" Rusted Linux - Security 3 04-26-2006 05:00 AM
where is the "enter root password or Contrl-D to continue" after FS repair at boot jg167 Red Hat 0 11-17-2004 01:20 AM


All times are GMT -5. The time now is 07:29 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration