You login as `ROOT`? Does `root` work?
Can you post information from your /var/log/messages file.
Can you also press return and space out the information a few times, it makes reading the information a bit easier.
Main Topics
Browse All TopicsWe are running an sftp/ftp server on a Mandrake 8 linux box. I messed around with the /etc/passwd file and changed the user ID and group ID to 0:0 for just one user, thats all I did. After that we weren't able to login to machine at all. I can boot into failsafe mode and run graphic option and it asks for the root password and I enter it in and it works.. and I can get on to the system but I still can't login to ftp or sftp using any of the users. Also something weird in the GUI mode I can run terminal.. it just opens and closes. I also noticed something else odd when I boot it up normally it goes to our login prompt which usually then opens to a command line, well when I login as ROOT and use the right password it blinks and goes back to the user prompt, but if I use ROOT and just random passwords it always says incorrect login as with using the right password it doesn't just blinks and goes back to the user login. I didn't touch anything else in the passwd file at all. I also copied over the backup of the passwd, shadow, and group files.. any help as soon as possible would be appreciated as it is a company machine. Thanks!
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
It seems you have some garbage in your passwd file;
Dec 1 13:14:52 ftp sshd[12419]: User root not allowed because shell /bin/bash^M does not exist
Dec 1 13:14:52 ftp sshd[12419]: input_userauth_request: illegal user root
Dec 1 13:14:52 ftp sshd[12419]: Could not reverse map address 192.168.6.231.
Dec 1 13:14:52 ftp sshd[12419]: Failed none for illegal user root from 192.168.6.231 port 11430 ssh2
Do this;
vi /etc/passwd
:1,$s/CTRL+VM//g
NOTE: CTRL+VM means you press the Control Key + `V` then SHIFT + `m`.
Then have another go.
Neither am I! I'm a ubuntu guy... and I can open a vi editor and I typed in : 1 , $ s / then pressed ctrl + v and shift + m and got an error i couldn't enter in / / g after, if I am doing it correctly? (I didn't use the space I put in here, just used them here to make it look more clear. The /var/log/messages is attached above.
if you vi -b the passwd file, is the ^M still there? It may be an old error if you moved the files over.
Is there anything being logged in /var/log?
We need to find the errors being produced, look for secure or perhaps audit.log files.
I could have a guess at a permissions problems or SELinux (if this is in Mandrake!) but it's all guess work unless we can find an actual error.
Try booting into single user mode, then init 2, init 3 and see if there is anything happening. but look for the errors in the files.
I'm about to call it a night, I'm sure someone else will pick the Q up if omar is not about.
Business Accounts
Answer for Membership
by: omarfaridPosted on 2008-12-01 at 12:47:42ID: 23072246
can you post the content of the /etc/passwd file? you may remove sensitive data while posting