Solved

No password prompt... Can't login...

Posted on 2000-06-01
10
654 Views
Last Modified: 2007-02-13
My server no longer prompts me for a password when I try to login, neither from the console, or by telnet.  All of the services seem to still be working (FTP, HTTP, DNS, etc.), but I cannot login.  I type in my username at the login prompt, then hit enter.  The cursor advances to the next line, but the password promt never appears for me to complete login.  I've never been locked out of a linux box before, and I've been using Linux since 1994.  I am a bit concerned, since this box is in production as the main DNS server for my company.  Any help will be greatly appreciated.  Thanks beforehand.

-JacobC
0
Comment
Question by:sigmund
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2879125
Well something is certainly hosed up. Have you rebooted the system and does the problem persist across a reboot? Has anything been installed or upgraded recently (like anything that would change any of the shared libraries)? Can you get into the system from a single user boot ("linux single" at the Lilo prompt). In single user mode does /etc/passwd & /etc/shadow look correct?
0
 
LVL 2

Expert Comment

by:linuxwrangler
ID: 2879190
Is the result the same if you try a different virtual terminal on the console?
0
 

Expert Comment

by:ax052300
ID: 2880603
What does your /etc/inittab say?  You should have a bunch of lines in there in the form:

1:2345:respawn:/sbin/mingetty tty1

Which means: for runlevels 2,3,4 and 5 make sure that there is always a mingetty running on tty1.

If not, add at least one (for tty1), run 'init q' to activate the changes and then see if that helped.  Sounds like you will need to do this from a 'linux single' reboot as mentioned above.

What message do you get when trying to telnet in?

Consider the fact that you may have been hacked.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Expert Comment

by:claycarpenter
ID: 2881104
Remember that all bind version below 8.2.2 p-5 have bugs/holes that allow attackers to easily gain root access.  You should seriously consider the possibility that you have been hacked.  Of course, if you are able to resolve this problem, and it does not look like you have been hacked, definitely upgrade to the latest version of bind.
0
 

Author Comment

by:sigmund
ID: 2881238
I did login in single user mode.  inittab, passwd, and shadow all "look" fine.  However, regarding the possible hacking, I found that the /var/log directory is missing... The first thing that I though of, when the whole thing started, was that I was hacked.  However, this domain had only been up for a few days, so I figured that something had just gone haywire.  To answer the other questions:  I the problem persists on all virtual consoles as well as telnet.  I can still FTP into the box, but Apache seems to be down now (probably has to do with the log directory being missing).  Any other ideas?  Thanks again,

-JacobC
0
 
LVL 4

Expert Comment

by:davidmwilliams
ID: 2881291
Have all your file systems been mounted?

Try using

    mount -a
    df

to check - if /var/log is missing, maybe one of your disks is damaged and this is the problem?
0
 
LVL 1

Expert Comment

by:randyhall
ID: 2881880
Sounds like getty is working, just that login is *not* working properly. Do a find on login. To wit:

find / -name 'login' -print

and make sure that the program is still there...

I'm thinking you've been hacked, but I wouldn't count out a severe HDD failure, especially if /var is on its own partition/disk...

Cheers!
0
 
LVL 40

Accepted Solution

by:
jlevie earned 200 total points
ID: 2882415
"login" requires access to wtmp, which resides in the /var/log directory. If that whole dir is gone, then wtmp is gone and login would hang.

Personally, I think you may have been hacked and I wouldn't trust anything on the system unless I could verify each and every executable and config file. It really would be easiest to just save the "local data" and rebuild. Oh yeah, a good firewall ought to be pretty high on your list of "to do's".
0
 

Author Comment

by:sigmund
ID: 2882529
Comment accepted as answer
0
 

Author Comment

by:sigmund
ID: 2882530
Thanks!  That is what I was looking for:  why login wasn't working...  I guess that the key was discovering that /var/log wasn't there.  Anyway, thanks go out to everyone that gave input!

-JacobC
0

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question