LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 07-18-2001, 07:30 AM   #1
aponcel
LQ Newbie
 
Registered: Jul 2001
Location: Zaragoza (SPAIN)
Distribution: Red Hat
Posts: 3

Rep: Reputation: 0
Unhappy Please help: console root login incorrect!


I administer a Linux Server with Red Hat 6.2 and yesterday, suddenly, I cannot login in the console as root: after typing the password, the system answer "Login incorrect". I can login as any valid user and su, in the console and in the LAN terminals.
The error in the log is
"Jul 18 14:26:52 mail PAM-securetty[2701]: Error opening /etc/securetty
Jul 18 14:26:56 mail login[2701]: FAILED LOGIN SESSION FROM (null) FOR root, Error in service module".
The securetty is OK.
If I make a "ps" command, the list don't show any TTY number (only "?").
If I make a "w" command, the list is correct, saying I'm at "pts/0" tty.

Does anyone has any suggestion?
 
Old 07-18-2001, 08:09 AM   #2
cinnix
Member
 
Registered: Jun 2001
Location: Northern Ohio
Distribution: RedHat, Engarde and LFS
Posts: 237

Rep: Reputation: 30
you could try to reset the root password, by rebooting into single user mode.
 
Old 07-18-2001, 06:36 PM   #3
hazza96
Member
 
Registered: Apr 2001
Location: Brisbane, Australia
Distribution: Ubuntu
Posts: 146

Rep: Reputation: 15
You don't need the single user mode. He can su to root so he doesn't need to boot into single.

Try reseting root's password after you su.

One question, are you trying to login as root with telnet? That generally is a bad security practice and the default is to not let you do that.

If you want to do that then it is possible but not adviseable.
 
Old 07-19-2001, 01:37 AM   #4
aponcel
LQ Newbie
 
Registered: Jul 2001
Location: Zaragoza (SPAIN)
Distribution: Red Hat
Posts: 3

Original Poster
Rep: Reputation: 0
I tried to change root password from su, with linuxconf and command line, but:
1) I CAN change it from su.
2) If I do it with linuxconf, the error is the following:
Jul 19 08:22:51 mail PAM_pwdb[31405]: auth could not identify password for [root]
Jul 19 08:23:06 mail inetd[1296]: pid 31401: exit status 1
Jul 19 08:23:09 mail PAM_pwdb[31405]: authentication failure; aponcel(uid=0) -> root for passwd service
AND now only my user (aponcel) who has administration privileges can log into the system (console and telnet). Rest of users cannot login, but can access by pop3d service (the authentication runs with this).
The problem continue unless I change root password.
UFF!!
More ideas????
 
Old 07-19-2001, 01:49 AM   #5
mcleodnine
Senior Member
 
Registered: May 2001
Location: Left Coast - Canada
Distribution: s l a c k w a r e
Posts: 2,731

Rep: Reputation: 45
My guess is that you're running a mail server. The former admin probably did not want people getting any services other than pop3 from the machine. Good idea. Seriously.

As for the root user problem, perhaps there is a sudo or sudoers file you can poke at.

Check out http://www.linuxquestions.org/questi...?threadid=4421

as it was a concern of mine (security - wise). We are selling the house and I have to be here to keep an eye on the server farm because of this issue. Paranoid? Yes. But I really don't want to risk our service on bad judgement.
 
Old 07-19-2001, 02:04 AM   #6
cinnix
Member
 
Registered: Jun 2001
Location: Northern Ohio
Distribution: RedHat, Engarde and LFS
Posts: 237

Rep: Reputation: 30
check out my post at

http://www.linuxquestions.org/questi...7069#post17069

I would also suggest changing to BIOS so that it boots from the harddrive only. Once you have done this, set a BIOS password. This way noone will be able to boot from cdrom or floppy without changing the BIOS which will require a password to do.

Good Luck
 
Old 07-19-2001, 02:32 AM   #7
aponcel
LQ Newbie
 
Registered: Jul 2001
Location: Zaragoza (SPAIN)
Distribution: Red Hat
Posts: 3

Original Poster
Rep: Reputation: 0
TTY not identify

The system is running sendmail, apache and squid.
I am the admin and I installed this server. All ran ok until two days ago. I accept telnet and ftp access to the server only throught our LAN, to mantein the intranet, admin, etc.
I think there is any wrong and the system cannot identify the TTY number (ps report ? TTY) and so I have root access only in the console (/etc/securetty), root cannot log in because the system don't know that root is in the console.
Any idea which files must I review?



---
cinnix, I don't need a BIOS password, because we have a "servers room", well protected.
 
Old 07-19-2001, 02:42 AM   #8
mcleodnine
Senior Member
 
Registered: May 2001
Location: Left Coast - Canada
Distribution: s l a c k w a r e
Posts: 2,731

Rep: Reputation: 45
<shrug>
Ya got me there, bud. But why do users need telnet?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Secure root login on console only pyroman59 Linux - Software 1 11-01-2005 04:45 PM
Login Incorrect for everyone including Root at console morette Linux - General 2 07-30-2004 04:37 PM
Cannot login as root under console SuSE 8.2 HamishTPB Linux - General 3 07-11-2003 07:20 AM
root login incorrect ,then passwd root,but error sunnycn Linux - Security 6 05-20-2002 10:54 AM
Disable/Enable Root Login @ Console ryanstrayer Linux - Security 4 01-18-2002 04:49 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:33 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration