LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-25-2008, 09:04 AM   #1
arjuns8471
LQ Newbie
 
Registered: Feb 2008
Posts: 17

Rep: Reputation: 0
Cannot login through local console


HI,

I have got a problem with my login. I am not able to login through local console or ssh to my machine. In sshd_config file, i have changed the port no. Used DenyUsers, DenyGroups, AllowUsers and blocked the root login. I also used the /etc/hosts.allow to deny some domains,

sshd: .hinet.net deny

I tried to take backup using this command

tar -zcvpf /archive/full-backup-`date '+%d-%B-%Y'`.tar.gz \
--directory / --exclude=mnt --exclude=proc --exclude=var/spool/squid

but it never worked. Now i am not able to login to my machine through ssh or local console. In local console when logging in, it falls back to the login screen saying "Authentication Failure" in a flash.

Please help me get out of this soup. Thanking you all in advance.
 
Old 04-25-2008, 09:12 AM   #2
Agrouf
Senior Member
 
Registered: Sep 2005
Location: France
Distribution: LFS
Posts: 1,591

Rep: Reputation: 79
It's not a good idea to create a tar file of / under /archive, because /archive is located under /
It your disk full now?
 
Old 04-25-2008, 02:54 PM   #3
Barun
LQ Newbie
 
Registered: Apr 2008
Posts: 7

Rep: Reputation: 0
regarding problem tcp wrappers

try to use /etc/hosts.deny

and block domains by putting value in it

sshd: abc 192.168.1. def

// it will block abc and ip 192.168.1. ans def

// its easy to understand
 
Old 04-26-2008, 12:31 AM   #4
arjuns8471
LQ Newbie
 
Registered: Feb 2008
Posts: 17

Original Poster
Rep: Reputation: 0
i am not able to login to my machine through ssh or local console. In local console when logging in, it falls back to the login screen saying "Authentication Failure" in a flash.
 
Old 04-26-2008, 12:52 AM   #5
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670
Is /archive a mounted network directory or on your filesystem. I think the notion that your filesystem might be full may be correct. You may need to boot up with a live distro, and examine the filesystem that way. You an also double check your /etc/hosts.allow & /etc/hosts.deny files and maybe temporarily undo some of your changes. In the very least, you can read the log file to see why authentication failed.

However, in the future, if you make authentication changes as you have, it is a good idea to be logged in to a local vt and try logging in on a different one. Then if your test fails, you can undo the changes to login again. For changes made remotely, having an active ssh connection and testing making a new connection would be a good idea as well. Don't feel too bad however. I read that locking out all logins is something every system admin has done once. It is very easy to do if you modify the pam configurations.

The AllowUsers entry in /etc/sshd_config takes precedence over DenyUsers, so you just need AllowUsers (and disable root logins) to deny all other regular users & system users.

Last edited by jschiwal; 04-26-2008 at 12:56 AM.
 
Old 04-29-2008, 01:51 AM   #6
arjuns8471
LQ Newbie
 
Registered: Feb 2008
Posts: 17

Original Poster
Rep: Reputation: 0
Question RE

Thanks for ur comment. I am afraid that if the file system is corrupted then the system will not boot up. How can i check the integrity of my file system and if corrupted how can i restore it, without losing all my other configurations. Can i access the configuration files from rescue mode or single user mode ? Please give me a suggestion.
 
Old 04-29-2008, 09:25 AM   #7
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Jessie"
Posts: 6,085

Rep: Reputation: 398Reputation: 398Reputation: 398Reputation: 398
Quote:
Can i access the configuration files from rescue mode or single user mode ?
Yes, you can
Quote:
How can i check the integrity of my file system and if corrupted how can i restore it, without losing all my other configurations.
You can run fsck from single user mode with the following command
/sbin/shutdown -rF now
The system will reboot, and run fsck as it comes up.

But I do not think your filesystem is "corrupted". I think it is "full". See Agrouf's post at #2 in this thread.
 
Old 04-30-2008, 01:09 AM   #8
arjuns8471
LQ Newbie
 
Registered: Feb 2008
Posts: 17

Original Poster
Rep: Reputation: 0
Exclamation Re

Thanks for ur comment. Do i need a bootup disk to get into Single User Mode? How can i get in to Single user mode? How can i edit the hosts.allow file from the single User mode? Please give me a suggestion.. Thanking you in advance.
 
Old 04-30-2008, 04:15 AM   #9
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Jessie"
Posts: 6,085

Rep: Reputation: 398Reputation: 398Reputation: 398Reputation: 398
Quote:
How can i get in to Single user mode?
When grub boots, you'll be offered a menu of kernels to boot. Your default will be highlighted. If you do nothing, it'll boot.

To boot to Rescue ("Single user") mode press the down arrow to select "Rescue Mode" (before grub times out and boots the default, you might have to be quick!), then press return.

Quote:
How can i edit the hosts.allow file from the single User mode
By using your favourite editor: vi, nano, emacs, whatever. Note: You have no GUI in single user mode, so you need to learn to use an editor that'll work in a plain text terminal.

And anticipating the next Q:

How do you exit single user mode?

Code:
shutdown  -r  now
will reboot for you.
 
Old 05-02-2008, 01:24 AM   #10
arjuns8471
LQ Newbie
 
Registered: Feb 2008
Posts: 17

Original Poster
Rep: Reputation: 0
Question Re

Thanks alot for that comment. Do i need to check my filesystem before editing any conf files? If so how to do it? Also there are only a handful of commands we can use at Single User Mode, is vi available?

vi /etc/hosts.allow, vi /etc/sshd_config

Will these commands run at Single user mode? Can we edit and save the changes using ESC:wq as usual? I only saw pico command at single user mode. If thatz the only way then how to work with that command?

Thanking you in advance ....
 
Old 05-02-2008, 02:31 AM   #11
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,241

Rep: Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325
vi is the default editor for Unix/Linux... it'll be there ... and that's why I always recommend people have a basic knowledge of vi, even if they hate it and prefer gedit or something.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH to local console (tty) mastrboy Linux - General 6 01-15-2010 06:54 AM
users cant able to login in any console,but root can login. skumar.v Linux - Security 1 04-19-2008 07:57 AM
remote login screen but need local login lastkey Ubuntu 0 12-13-2006 02:41 AM
Computer only wants XDMCP login - How can I get back to local login? fldavem Linux - Software 0 06-07-2006 10:08 AM
Allow ProFTP login but prevent local login? sorrodos Linux - Networking 2 06-23-2004 02:56 PM


All times are GMT -5. The time now is 07:28 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration