Please help: console root login incorrect!
I administer a Linux Server with Red Hat 6.2 and yesterday, suddenly, I cannot login in the console as root: after typing the password, the system answer "Login incorrect". I can login as any valid user and su, in the console and in the LAN terminals.
The error in the log is "Jul 18 14:26:52 mail PAM-securetty[2701]: Error opening /etc/securetty Jul 18 14:26:56 mail login[2701]: FAILED LOGIN SESSION FROM (null) FOR root, Error in service module". The securetty is OK. If I make a "ps" command, the list don't show any TTY number (only "?"). If I make a "w" command, the list is correct, saying I'm at "pts/0" tty. Does anyone has any suggestion? |
you could try to reset the root password, by rebooting into single user mode.
|
You don't need the single user mode. He can su to root so he doesn't need to boot into single.
Try reseting root's password after you su. One question, are you trying to login as root with telnet? That generally is a bad security practice and the default is to not let you do that. If you want to do that then it is possible but not adviseable. |
I tried to change root password from su, with linuxconf and command line, but:
1) I CAN change it from su. 2) If I do it with linuxconf, the error is the following: Jul 19 08:22:51 mail PAM_pwdb[31405]: auth could not identify password for [root] Jul 19 08:23:06 mail inetd[1296]: pid 31401: exit status 1 Jul 19 08:23:09 mail PAM_pwdb[31405]: authentication failure; aponcel(uid=0) -> root for passwd service AND now only my user (aponcel) who has administration privileges can log into the system (console and telnet). Rest of users cannot login, but can access by pop3d service (the authentication runs with this). The problem continue unless I change root password. UFF!! More ideas???? |
My guess is that you're running a mail server. The former admin probably did not want people getting any services other than pop3 from the machine. Good idea. Seriously.
As for the root user problem, perhaps there is a sudo or sudoers file you can poke at. Check out http://www.linuxquestions.org/questi...?threadid=4421 as it was a concern of mine (security - wise). We are selling the house and I have to be here to keep an eye on the server farm because of this issue. Paranoid? Yes. But I really don't want to risk our service on bad judgement. |
check out my post at
http://www.linuxquestions.org/questi...7069#post17069 I would also suggest changing to BIOS so that it boots from the harddrive only. Once you have done this, set a BIOS password. This way noone will be able to boot from cdrom or floppy without changing the BIOS which will require a password to do. Good Luck |
TTY not identify
The system is running sendmail, apache and squid.
I am the admin and I installed this server. All ran ok until two days ago. I accept telnet and ftp access to the server only throught our LAN, to mantein the intranet, admin, etc. I think there is any wrong and the system cannot identify the TTY number (ps report ? TTY) and so I have root access only in the console (/etc/securetty), root cannot log in because the system don't know that root is in the console. Any idea which files must I review? --- cinnix, I don't need a BIOS password, because we have a "servers room", well protected. |
<shrug>
Ya got me there, bud. But why do users need telnet? |
All times are GMT -5. The time now is 04:56 PM. |