Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
07-18-2001, 08:30 AM
|
#1
|
LQ Newbie
Registered: Jul 2001
Location: Zaragoza (SPAIN)
Distribution: Red Hat
Posts: 3
Rep:
|
Please help: console root login incorrect!
I administer a Linux Server with Red Hat 6.2 and yesterday, suddenly, I cannot login in the console as root: after typing the password, the system answer "Login incorrect". I can login as any valid user and su, in the console and in the LAN terminals.
The error in the log is
"Jul 18 14:26:52 mail PAM-securetty[2701]: Error opening /etc/securetty
Jul 18 14:26:56 mail login[2701]: FAILED LOGIN SESSION FROM (null) FOR root, Error in service module".
The securetty is OK.
If I make a "ps" command, the list don't show any TTY number (only "?").
If I make a "w" command, the list is correct, saying I'm at "pts/0" tty.
Does anyone has any suggestion?
|
|
|
07-18-2001, 09:09 AM
|
#2
|
Member
Registered: Jun 2001
Location: Northern Ohio
Distribution: RedHat, Engarde and LFS
Posts: 237
Rep:
|
you could try to reset the root password, by rebooting into single user mode.
|
|
|
07-18-2001, 07:36 PM
|
#3
|
Member
Registered: Apr 2001
Location: Brisbane, Australia
Distribution: Ubuntu
Posts: 146
Rep:
|
You don't need the single user mode. He can su to root so he doesn't need to boot into single.
Try reseting root's password after you su.
One question, are you trying to login as root with telnet? That generally is a bad security practice and the default is to not let you do that.
If you want to do that then it is possible but not adviseable.
|
|
|
07-19-2001, 02:37 AM
|
#4
|
LQ Newbie
Registered: Jul 2001
Location: Zaragoza (SPAIN)
Distribution: Red Hat
Posts: 3
Original Poster
Rep:
|
I tried to change root password from su, with linuxconf and command line, but:
1) I CAN change it from su.
2) If I do it with linuxconf, the error is the following:
Jul 19 08:22:51 mail PAM_pwdb[31405]: auth could not identify password for [root]
Jul 19 08:23:06 mail inetd[1296]: pid 31401: exit status 1
Jul 19 08:23:09 mail PAM_pwdb[31405]: authentication failure; aponcel(uid=0) -> root for passwd service
AND now only my user (aponcel) who has administration privileges can log into the system (console and telnet). Rest of users cannot login, but can access by pop3d service (the authentication runs with this).
The problem continue unless I change root password.
UFF!!
More ideas????
|
|
|
07-19-2001, 02:49 AM
|
#5
|
Senior Member
Registered: May 2001
Location: Left Coast - Canada
Distribution: s l a c k w a r e
Posts: 2,731
Rep:
|
My guess is that you're running a mail server. The former admin probably did not want people getting any services other than pop3 from the machine. Good idea. Seriously.
As for the root user problem, perhaps there is a sudo or sudoers file you can poke at.
Check out http://www.linuxquestions.org/questi...?threadid=4421
as it was a concern of mine (security - wise). We are selling the house and I have to be here to keep an eye on the server farm because of this issue. Paranoid? Yes. But I really don't want to risk our service on bad judgement.
|
|
|
07-19-2001, 03:04 AM
|
#6
|
Member
Registered: Jun 2001
Location: Northern Ohio
Distribution: RedHat, Engarde and LFS
Posts: 237
Rep:
|
check out my post at
http://www.linuxquestions.org/questi...7069#post17069
I would also suggest changing to BIOS so that it boots from the harddrive only. Once you have done this, set a BIOS password. This way noone will be able to boot from cdrom or floppy without changing the BIOS which will require a password to do.
Good Luck
|
|
|
07-19-2001, 03:32 AM
|
#7
|
LQ Newbie
Registered: Jul 2001
Location: Zaragoza (SPAIN)
Distribution: Red Hat
Posts: 3
Original Poster
Rep:
|
TTY not identify
The system is running sendmail, apache and squid.
I am the admin and I installed this server. All ran ok until two days ago. I accept telnet and ftp access to the server only throught our LAN, to mantein the intranet, admin, etc.
I think there is any wrong and the system cannot identify the TTY number (ps report ? TTY) and so I have root access only in the console (/etc/securetty), root cannot log in because the system don't know that root is in the console.
Any idea which files must I review?
---
cinnix, I don't need a BIOS password, because we have a "servers room", well protected.
|
|
|
07-19-2001, 03:42 AM
|
#8
|
Senior Member
Registered: May 2001
Location: Left Coast - Canada
Distribution: s l a c k w a r e
Posts: 2,731
Rep:
|
<shrug>
Ya got me there, bud. But why do users need telnet?
|
|
|
All times are GMT -5. The time now is 04:36 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|