LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 09-01-2007, 10:28 PM   #1
trebek
Member
 
Registered: Feb 2005
Location: Costa Rica
Distribution: Ubuntu, gOS, Debian & Slack 12
Posts: 426

Rep: Reputation: 30
su - failure


Hello there guys. I've got the following message when trying su -:

Password:
su: Authentication failure
Sorry.

This is very very strange. Last time i had the computer on, i was configuring my wireless connection with wpa2, and i had no problem using sudo or using su -. Now, i boot up my computer, and i can't do this; i tried doing sudo apt-get update, and it did it fine. What happens is it just thinks for a while and then displays the last 2 lines before bringing me back to a prompt.

I haven't changed my password or nothing, it just stopped working. I have a kubuntu 7.04 system.

Any ideas.

Last edited by trebek; 09-01-2007 at 11:03 PM.
 
Old 09-02-2007, 03:20 AM   #2
Okie
Senior Member
 
Registered: Mar 2002
Location: Oklahoma
Posts: 1,154

Rep: Reputation: 187Reputation: 187
try sudo su
 
Old 09-02-2007, 07:39 AM   #3
pixellany
LQ Veteran
 
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Mint
Posts: 17,809

Rep: Reputation: 743Reputation: 743Reputation: 743Reputation: 743Reputation: 743Reputation: 743Reputation: 743
can you change the root password using "sudo passwd root"?
 
Old 09-02-2007, 01:08 PM   #4
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by trebek View Post
Password:
su: Authentication failure
Sorry.
Perfectly normal behavior on a system with no root password set, such as is the case with *Ubuntu systems, which use sudo by default.
 
Old 09-02-2007, 01:50 PM   #5
trebek
Member
 
Registered: Feb 2005
Location: Costa Rica
Distribution: Ubuntu, gOS, Debian & Slack 12
Posts: 426

Original Poster
Rep: Reputation: 30
If this is so, then i don't ever need to use 'su -', to become root, since i just add sudo to whatever command that needs root privileges. This in fact is very cool then, cause i think i read somewhere that it's not secure to perform things being root. So yeah, sounds good. Either way, i'll change the sudo root password to check, and also because it's been a while since i changed it, so it's about time now.

BTW, sudo su did change me to root, so that worked.

Thanks guys, if something gets messed up, i'll be sure to post it up here.

Last edited by trebek; 09-02-2007 at 01:52 PM.
 
Old 09-02-2007, 02:52 PM   #6
Okie
Senior Member
 
Registered: Mar 2002
Location: Oklahoma
Posts: 1,154

Rep: Reputation: 187Reputation: 187
after years of doing su the old fashioned way and when i tried ubuntu for the first time that threw me a curve ball too (swing & a miss - strike one!)

i still prefer the old fashioned way...
 
Old 09-02-2007, 05:03 PM   #7
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by trebek View Post
If this is so, then i don't ever need to use 'su -', to become root, since i just add sudo to whatever command that needs root privileges. This in fact is very cool then, cause i think i read somewhere that it's not secure to perform things being root. So yeah, sounds good.
Yeah, no reason at all to use "su -". Like I said, "su -" shouldn't even work at all. If for some reason you want to become root for more than a few commands then use somehting like "sudo -i" or "sudo -s". Check "man sudo" for info about those.

Quote:
Either way, i'll change the sudo root password to check, and also because it's been a while since i changed it, so it's about time now.
There is no sudo root password. There is only the password of your non-root user account with sudo privilages (by default it's the user you created during the install). More specifically, it's any user with membership to the "admin" group. I know this is likely what you meant but I'm stating it here just to make sure.

Last edited by win32sux; 09-02-2007 at 05:05 PM.
 
Old 09-03-2007, 10:38 AM   #8
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 234Reputation: 234Reputation: 234
I like the old fashioned way too.

When you use sudo you are still operating w/ root privilege, so be careful -- it's just as dangerous.

sudo su & sudo su - will also work.

It is arguable (I wouldn't call it debatable because of the heat involved) whether allowing root privilege based on a regular user password is more or less secure than having a separate root password.
(Homework Assignment: Guess which side I'm on. )
 
Old 09-03-2007, 01:48 PM   #9
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
I think that a "sudo vs. su" discussion would be okay in this thread (it is not off-topic). So if anyone has any fact-based info/opinions/links about the issue, please do post them. Heat only manifests itself when we limit ourselves to "this is the way I prefer" without providing any factual basis which can help others make their own decision. Nothing wrong with an opinion, of course - it's just that we are all much better-off if we try to go a little further into technical aspects.

Last edited by win32sux; 09-03-2007 at 02:02 PM.
 
Old 09-04-2007, 11:28 PM   #10
trebek
Member
 
Registered: Feb 2005
Location: Costa Rica
Distribution: Ubuntu, gOS, Debian & Slack 12
Posts: 426

Original Poster
Rep: Reputation: 30
Thanks for clearing that out for me, cause i didn't mean that at all. I thought that sudo took you to a root state for the command being executed at the moment, but now it all seems just right\. I agree that the change is kinda strange, and it is indeed a curve ball. Either way, on Ubuntu and Kubuntu works just fine to use sudo, basically don't need to ever become root. In fact, when using Slackware, just recently, i found out that you can use sudo -c and you are not required to become root anymore, which i kinda like that better, just in case you forget to exit the root mode.

I hope i didn't create any kind of problem by posting all these inquiries, i just had the doubt and a lot of things started brain-storming into my head. I guess that's why i use linux. Frees up your mind.

Thanks for all the help. LQ RULES.
 
Old 09-05-2007, 09:16 PM   #11
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Rocky 9.2
Posts: 18,397

Rep: Reputation: 2777Reputation: 2777Reputation: 2777Reputation: 2777Reputation: 2777Reputation: 2777Reputation: 2777Reputation: 2777Reputation: 2777Reputation: 2777Reputation: 2777
Well, historically we had
su
to switch user,
su -
to switch user AND gain their env settings.
By default it switches to root if you don't specify a different user.
suod was invented to allow non-root users to do the odd elevated priveleges cmd to save wear & tear on the sysadmin.
The original idea was you would always specify exactly which cmds could be used via sudo ie
sudo su -
would not normally be allowed.
However, architecturally it works just as well.
Personally I would go with sudo for specific cmds only.
You might just as well give a user the root passwd and use
su -
if you give them the ability to do the same via sudo.
However, iirc, sudo does have a logging option, which is an advantage over su.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Telnet : Temporary failure in name resolution : Host name lookup failure koodoo Linux - Newbie 10 02-11-2008 07:59 PM
X failure Creeps Linux - Newbie 1 10-03-2004 12:27 PM
PostScript failure result in printing failure cawwt Linux - General 2 10-01-2004 01:06 PM
Failure on First Try downinthemine Slackware - Installation 3 12-18-2003 12:12 PM
HD Failure jt1020 Linux - General 11 05-12-2003 01:38 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:20 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration