Solved

No password prompt... Can't login...

Posted on 2000-06-01
10
647 Views
Last Modified: 2007-02-13
My server no longer prompts me for a password when I try to login, neither from the console, or by telnet.  All of the services seem to still be working (FTP, HTTP, DNS, etc.), but I cannot login.  I type in my username at the login prompt, then hit enter.  The cursor advances to the next line, but the password promt never appears for me to complete login.  I've never been locked out of a linux box before, and I've been using Linux since 1994.  I am a bit concerned, since this box is in production as the main DNS server for my company.  Any help will be greatly appreciated.  Thanks beforehand.

-JacobC
0
Comment
Question by:sigmund
10 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2879125
Well something is certainly hosed up. Have you rebooted the system and does the problem persist across a reboot? Has anything been installed or upgraded recently (like anything that would change any of the shared libraries)? Can you get into the system from a single user boot ("linux single" at the Lilo prompt). In single user mode does /etc/passwd & /etc/shadow look correct?
0
 
LVL 2

Expert Comment

by:linuxwrangler
ID: 2879190
Is the result the same if you try a different virtual terminal on the console?
0
 

Expert Comment

by:ax052300
ID: 2880603
What does your /etc/inittab say?  You should have a bunch of lines in there in the form:

1:2345:respawn:/sbin/mingetty tty1

Which means: for runlevels 2,3,4 and 5 make sure that there is always a mingetty running on tty1.

If not, add at least one (for tty1), run 'init q' to activate the changes and then see if that helped.  Sounds like you will need to do this from a 'linux single' reboot as mentioned above.

What message do you get when trying to telnet in?

Consider the fact that you may have been hacked.
0
 

Expert Comment

by:claycarpenter
ID: 2881104
Remember that all bind version below 8.2.2 p-5 have bugs/holes that allow attackers to easily gain root access.  You should seriously consider the possibility that you have been hacked.  Of course, if you are able to resolve this problem, and it does not look like you have been hacked, definitely upgrade to the latest version of bind.
0
 

Author Comment

by:sigmund
ID: 2881238
I did login in single user mode.  inittab, passwd, and shadow all "look" fine.  However, regarding the possible hacking, I found that the /var/log directory is missing... The first thing that I though of, when the whole thing started, was that I was hacked.  However, this domain had only been up for a few days, so I figured that something had just gone haywire.  To answer the other questions:  I the problem persists on all virtual consoles as well as telnet.  I can still FTP into the box, but Apache seems to be down now (probably has to do with the log directory being missing).  Any other ideas?  Thanks again,

-JacobC
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 4

Expert Comment

by:davidmwilliams
ID: 2881291
Have all your file systems been mounted?

Try using

    mount -a
    df

to check - if /var/log is missing, maybe one of your disks is damaged and this is the problem?
0
 
LVL 1

Expert Comment

by:randyhall
ID: 2881880
Sounds like getty is working, just that login is *not* working properly. Do a find on login. To wit:

find / -name 'login' -print

and make sure that the program is still there...

I'm thinking you've been hacked, but I wouldn't count out a severe HDD failure, especially if /var is on its own partition/disk...

Cheers!
0
 
LVL 40

Accepted Solution

by:
jlevie earned 200 total points
ID: 2882415
"login" requires access to wtmp, which resides in the /var/log directory. If that whole dir is gone, then wtmp is gone and login would hang.

Personally, I think you may have been hacked and I wouldn't trust anything on the system unless I could verify each and every executable and config file. It really would be easiest to just save the "local data" and rebuild. Oh yeah, a good firewall ought to be pretty high on your list of "to do's".
0
 

Author Comment

by:sigmund
ID: 2882529
Comment accepted as answer
0
 

Author Comment

by:sigmund
ID: 2882530
Thanks!  That is what I was looking for:  why login wasn't working...  I guess that the key was discovering that /var/log wasn't there.  Anyway, thanks go out to everyone that gave input!

-JacobC
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
cannot use pip to install pandas or pandas_datareader 5 67
Sed question 2 48
Edit linux file using python 4 21
linux ssh 4 30
If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now