LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 10-19-2009, 06:04 PM   #1
nekkro-kvlt
LQ Newbie
 
Registered: May 2009
Posts: 20

Rep: Reputation: 0
Stange problem with root login on ssh


Hi there, I'm using a Synology DS101J nas with linux on it. I saw that there was open ssh 4.2, so i upgraded to the last 5.X version. I linked the right sshd_config, i have passwordAuthentication yes, permitrootlogin, and allowedUsers admin root

I can log with admin, but not with root, but that's the strange thing:
root is meant to have the same pass as admin does, but the /etc/shadow entry is different, but i can login using telnet or the webinterface using the admin password with the root user. I don't want to change the root pass because i'm afraid I'll break something, cause it's a special distribution for a NAS.

Maybe there's a tricky configuration with telnet, but there's no telnetd.conf so I assume the defaults parameters are used.

Thanks for your advices guys.
 
Old 10-19-2009, 07:07 PM   #2
foodown
Member
 
Registered: Jun 2009
Location: Texas
Distribution: Slackware
Posts: 611

Rep: Reputation: 220Reputation: 220Reputation: 220
Quote:
Originally Posted by nekkro-kvlt View Post
Hi there, I'm using a Synology DS101J nas with linux on it. I saw that there was open ssh 4.2, so i upgraded to the last 5.X version. I linked the right sshd_config, i have passwordAuthentication yes, permitrootlogin, and allowedUsers admin root
I believe that the correct format for the root login parameter is:
Code:
PermitRootLogin yes
Changing that >>should<< allow the root login.

I do not believe that you have to additionally use "AllowedUsers" for root.

Quote:
Originally Posted by nekkro-kvlt View Post
I can log with admin, but not with root, but that's the strange thing:
root is meant to have the same pass as admin does, but the /etc/shadow entry is different, but i can login using telnet or the webinterface using the admin password with the root user. I don't want to change the root pass because i'm afraid I'll break something, cause it's a special distribution for a NAS.
I can't imagine that doing a 'passwd' as root would break anything . . . the hash in shadow for each being different does not necessarily mean that the passwords aren't the same.

Quote:
Originally Posted by nekkro-kvlt View Post
Maybe there's a tricky configuration with telnet, but there's no telnetd.conf so I assume the defaults parameters are used.
As far as I know, root login is not allowed in telnet by default, so that is an odd telnetd or there is a config file somewhere.
 
Old 10-19-2009, 11:37 PM   #3
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Ubuntu 12.04, Antix19.3
Posts: 3,794

Rep: Reputation: 282Reputation: 282Reputation: 282
The salt (the first part what you see as password in /etc/shadow)) that is used for the for the password hashing is different and therefore the total password that you see is different.

If I understand you correctly, you CAN login as root but not when you use SSH? If so, keep it like that, use admin (or another user to login) and use su - root. It's a lot safer and even if that box is not connected to the big bad world it's still a good habit.
 
Old 10-20-2009, 06:30 AM   #4
nekkro-kvlt
LQ Newbie
 
Registered: May 2009
Posts: 20

Original Poster
Rep: Reputation: 0
Thanks for your help, but it still not work:

login: admin
...
partage> su root
su: This applet requires root priviledges!
partage> su - root
su: This applet requires root priviledges!

I've put the right PermitRootLogin, I've uncommented it in sshd_config.
All the config is the sshd_config by default, exept i set the permitrootlogin, allowusers, and PasswordAuthentication yes

For the telnetd, i typed find / | grep telnetd.conf and there's nothing. Also check inetd.conf, but no referecence to any configuration file

The thing is that is used to work before I upgraded the version of openssh.
 
Old 10-21-2009, 12:43 AM   #5
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 7.7 (?), Centos 8.1
Posts: 17,863

Rep: Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598Reputation: 2598
Just to point out that su and ssh have nothing to do with each other. See also sudo. They are separate cmds.
 
Old 10-21-2009, 01:08 AM   #6
foodown
Member
 
Registered: Jun 2009
Location: Texas
Distribution: Slackware
Posts: 611

Rep: Reputation: 220Reputation: 220Reputation: 220
Quote:
Originally Posted by nekkro-kvlt View Post
I've put the right PermitRootLogin, I've uncommented it in sshd_config.
All the config is the sshd_config by default, exept i set the permitrootlogin, allowusers, and PasswordAuthentication yes

For the telnetd, i typed find / | grep telnetd.conf and there's nothing. Also check inetd.conf, but no referecence to any configuration file
Just to be completely clear . . . it does say, "PermitRootLogin yes" in your sshd_config file? Just "PermitRootLogin" is not sufficient, I do not think.

The prompt, "partage>" . . . is that how your shell prompt has always looked on that machine?

If just "su" is really not working, perhaps "sudo su -" and enter the password for the admin user when prompted . . . depends on the configuration of the sudoers file and the permissions on the su executable as to what will work and for whom.

To sidestep all of that, though, if "PermitRootLogin yes" is in sshd_config, you should be able to log straight in as root with a simple "ssh root@hostname"

As pointed out earlier, it is preferable from a security point of view to log in as a less privileged user and then set UID to root.
 
Old 10-21-2009, 02:37 AM   #7
nekkro-kvlt
LQ Newbie
 
Registered: May 2009
Posts: 20

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by foodown View Post
Just to be completely clear . . . it does say, "PermitRootLogin yes" in your sshd_config file? Just "PermitRootLogin" is not sufficient, I do not think.

The prompt, "partage>" . . . is that how your shell prompt has always looked on that machine?

If just "su" is really not working, perhaps "sudo su -" and enter the password for the admin user when prompted . . . depends on the configuration of the sudoers file and the permissions on the su executable as to what will work and for whom.

To sidestep all of that, though, if "PermitRootLogin yes" is in sshd_config, you should be able to log straight in as root with a simple "ssh root@hostname"

As pointed out earlier, it is preferable from a security point of view to log in as a less privileged user and then set UID to root.
yes, I set PermitRootLogin yes, partage> is the right prompt (was using telnet as root, local personnal network, not so crazy )

when I type su - or su root it gave me the message above, and the sudo command doesn't even exists...
Maybe i have to set UID root to my admin user to be able do make a su - root ? But how to do so ? I'm quite new in unix administration

You have to know that's a very minimalist distro, acting more as a firmware with extended function as you have in linksys WRT54G for example.
 
Old 10-24-2009, 05:27 AM   #8
nekkro-kvlt
LQ Newbie
 
Registered: May 2009
Posts: 20

Original Poster
Rep: Reputation: 0
passwd root does the trick, but's if someone got an idea why did it works with telnet, but not with ssh, I'm really curious about that...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Ssh Login As Root rajaniyer123 Solaris / OpenSolaris 2 12-20-2006 01:10 AM
root login on ssh Panagiotis_IOA Linux - Networking 3 07-15-2006 10:25 PM
Allow upgrade to root after login ssh bourbon_beast Linux - Security 2 10-27-2005 04:21 AM
ssh only allow root login chongluo Linux - Newbie 1 10-28-2004 08:51 AM
Only root can login via ssh cmisip Linux - Security 5 04-26-2003 05:16 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 08:25 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration