Hello,
I am a newbie. I have two problems one with the root user and one with vnc.
I am using mandrake 10.1

root problem.
I want to login as root. So I logout as me, get a GUI login prompt and type root (all lower case) and the password. It returns with make sure you are typing the user name and password correctly etc...
So I logged back in as me and then tried to run something which required root permissions. It asked me for the password of root and I typed it in exactly the same as before and it worked. I also checked in the user administration to see if "root" was "Root" or "ROOT" but it is not. It's just plain old "root". I changed the password of root to "password" (all lower case) I logged off and tried again but I still get the same problem saying I typed the username or password incorrect.
I was running in secure mode and thought that was the problem but after a reboot and running linux in "linux" mode instead of "linux secure" I still get the same problem. I have checked and double checked that capslock is not on etc..
Any Ideas


VNC problem
I can vnc to my windows machine from my linux machine no problem. but when I try from the windows to linux it get the message "Server closed connection unexpectedly". I have run the vncserver on the linux machine. In windows I am using the ip address (which is correct and I have checked it) with the process number so it looks like this 10.10.10.35:1 what am I doing wrong. I am running the vncserver as myself. should it be as root.
Any Ideas

Cheers Yesterdays

First try su command and see if you can login that way to root from a normal user. Then check the /etc/passwd file to see if root line has anything strange with it.

then try to login as root from the console: press ALT+CTRL+F1 and login.

Post here which of these work for you.

Hi
I tried the su command and that works fine I can access the root folder etc.. I checked the passwd file and it looked fine here is the line "root:x:0:0:root:/root:/bin/bash"
any ideas?

If you can su but not log in, perhaps root login is disabled. Very often root login is disabled on the GUI, and sometimes (rarely) consoles as well. I believe /etc/securetty is the configuration file for this.

That file has nothing in it?
is it the right file?

cheers yesterdays

Welcome to Linux! You'll find that once you get all of your hardware working (can't in my case, ATI AiW 8500DV and ATI Radeon 7500PCI in Xinerama mode - no TV tuner possible in this configuration) you won't be going back to Windows.

This goes without saying, but I'll say it anyhow: If your computer is connected to the Internet (or any public network) in ANY way, be it dialup, broadband, or T-1, never, never, never, NEVER give root a simple password. I'm a fan of taking multiple words from multiple languages, concatenating them together, and putting punctuation or numerals into the mix - not between the words, but IN the chosen words. I also recommend disabling the 8-character limit on passwords if that "feature" is enabled on your system - security is more important than backwards compatibility in this case.

I believe Matir posted what you're looking for, BTW - you may need to dig a little because some distributions rename or even move otherwise-standard configuration files - I am unfamiliar with Mandrake so I can't tell you where they actually put the real file, but that setting is very likely the cause of your problem.

KimVette what is the point of your post. It doesn't help at all. I know what to do with passwords etc..
My machine isn't directly on the internet it is running through a PAT configuration. so even if the password is password it would be OK(to a point).
I know you think you were helping but it sounded like you were lecturing about the rights and wrongs about passwords to make yourself sound more important. A little ego trip.:P
What would have been great is if that paragraph you wrote on passwords was instead on helping me solve my problem.:P

Being a rude jackass removes any incentive for people to help you.

Good luck.

Well, despite the flamewar with KimVette, I'm still willing to help newbies. I believe KimVette's point was that you DID mention you were new to linux. Not all "newbies" are well versed in security. I do not believe it was meant as an insult, but rather it was just an attempt to help you. With that, I do believe I have a solution for you.

If /etc/securetty is emtpy, then root cannot log in ANYWHERE. It must contain a line for each console on which you want root to log in on. A default one often contains:
Sorry for the long post, but that's what it is. If your distro has moved the securetty location, you'll need to find it first. man 5 securetty may help.

Hey thats great thanks Matir,
I haven't done anything yet but I will look at that tomorrow.

and KimVette If I hurt your feelings I'm sorry OK. I deal with a lot of people that say quotes like you said, making out like they wrote the book on linux but instead they have only read up to chapter 3 on "Linux for Dummies". I suppose I get pead off with it.
No offence meant lets be friends
You know what is funny is when people call other people "Jackass" It's about insulting as you poking me in my arm!!
what do all the lines stand for in the /etc/securetty?
thanks for the help
yesterdays

its been a while since ive installed mandrake but.. (BTW this might be SuSe im talking about :s)

i had the exact same problem then noticed that when you install it asks for a security user
root will not work, you should use the name you gave as the security user

hope this helps


peace

Each line stands for one virtual console. Have you ever hit alt-1, alt-2, alt-3 to switch between the different "virtual screens" (really called "Virtual Consoles) in Linux? By enabling each tty to allow the root user, you are allowing root to log in on that virtual console.

You may consider this feature to be a little complicated since the days of dumb serial terminals (like the VT120, etc.) are in the past, but it's still very much alive in a virtual sense, and in kiosk environments with thin clients. By keeping root restricted such that it must first be explicitly allowed to log in from a terminal (whether real or virtual), it is keeping the box secured.

BTW if you have a modem on your box, and it is connected to the telephone line, and it's configured to automatically answer the line, you want to disable these:

tts/0
ttyS0

BTW If I were trying to insult you I wouldn't have said you were being a jackass, but that you're acting like a dateless pimple-faced 17-year-old - but I didn't say that now, did I? ( I couldn't resist, please don't take offense. I'm only kidding around.)

Hey,
Thanks for all the help. I'm hearing bells ringing I remember something about a security user in the installation. I will try that. I am going to add the lines to /etc/securetty as well and I'll let you know.
I think I will be posting more questions on this site I like the banter!

I like this quote! Now thats an insult!
Ltr Dudes

If you are using gdm to login you can enable root logins in gdm.conf. I believe you would change AllowRoot=false to true. It's been awhile since I wanted root to login through the gui so this could be wrong.

The file tell which terminals that the root are allowed to login from. In your case none.
You can add entries in that file to be able to log in directly as root.
Not allowing root to login directly is advisable, you can still change user, using the su - command.
By doing so an attacker would first have to find a valid username on the system, crack the password for that user and then try to crack the root password.