Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
we have a Redhat Linux 9 box in our office. Somebody have played with that box and as a result no user is able to login to the box on any TTY console. When we put a user name to log in (root and non-root also), it doesnot ask for password, and simply login prompt appears again. Whereas I can log in as root user through ssh (pseudo terminal). I tail to /var/log/message and /var/log/secure to see what is prohibiting users from logging in to TTY console, but no log appears.
I have checked basic things like....
1) all terminals are allowed in /etc/securetty
2) permission of the /etc/securetty is 600 which should be
3) /etc/nologin file does not exist
4) root and other user account can login through ssh session
5) there is no setting in /etc/security/access.conf
What else I missed to check........ can anybody help me.......
If you mean hacked, I'm not surprised if you've got the orig RH9 (Shrike?). Support for that was discontinued yrs ago, so its wide open to exploits.
Try RH Fedora 8 (9 just came out) which is free, or Centos, which is a free version of RH Enterprise Linux.
If you want to stick with what you've got & if you've got the time & expertise, you can try to fix it/make notes, but frankly a clean re-install is the only safe way (after backing up any key data).
Thanks for your suggestions, The syslog service is running on the box and it is loggin all the login event from remote host through ssh in /var/log/secure but it is not loggin a single login attempt from TTY terminal.
And I dont mean to say that somebody has hacked the machine, but somebody working in my organization previously has done something nasty for some reason that has caused this thing.
I think I should work out on logs first which will give me direction to troubleshot the problem.
Just try single use mode and go through the /etc/passwd file.
It may have been changed. Or find out if there a file /etc/nologin.
If that file exists, delete it.
Thanks for your response, the /etc/nologin file does not exist, and I see no problem in /etc/passwd as I am able to login through ssh from remote machine.
Following are the some file's output, I think they are ok.
the line:
auth required /lib/security/pam_nologin.so
only checks for the existence of /etc/nologin and denies login if the user isn't root.
i'm still looking for workaround on this. since u said that local logins aren't being logged, u might wanna take a look at ur syslog config or paste it here.
another thing u can do is run sysreport and upload the report here, that would provide more info so we can further troubleshoot this.
ppl should know to never piss off those who administer your server
Thanks for your response, the /etc/nologin file does not exist, and I see no problem in /etc/passwd as I am able to login through ssh from remote machine.
Following are the some file's output, I think they are ok.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.