?
Solved

Can't login console as root, works everywhere else, also difference between console / local?

Posted on 2007-09-28
9
Medium Priority
?
1,456 Views
Last Modified: 2013-12-16
In /etc/security/access.conf with CentOS (kernel 2.6.9-42.0.10.ELsmp) I have the following:
-:ALL EXCEPT root:LOCAL

Which I thought would ALLOW root to login at the console, but it's not. I tried to login as another user on the console, also didn't allow.

Then I saw on the Internet some people using "CONSOLE" instead of "LOCAL" but I don't understand the difference.

I want root and others to be able to SSH and I want root to be able to login at the console.

Then I also saw + instead of - and now I'm just confused. I need it to work. I wouldn't even mind if everybody could logon at the console, although that's less desirable.



0
Comment
Question by:ldorazio
6 Comments
 
LVL 8

Expert Comment

by:Mikkk
ID: 19980823
0
 

Author Comment

by:ldorazio
ID: 19980961
That article is pretty good, it explains the - and + pretty well, but what about the LOCAL and CONSOLE, what is the difference if you list these two lines?
-:ALL EXCEPT root:LOCAL

or

-:ALL EXCEPT root:CONSOLE

Also, I'm using the top one, which I assume means "deny all users except allow root, on the local computer (not remote)", but it doesn't allow root to login locally (on the console).

What's the diff of LOCAL and CONSOLE ?

And if I want to just get rid of ALL of it, do I just delete the line, then there is no security?

0
 
LVL 4

Expert Comment

by:avatech
ID: 19992172
My guess on the LOCAL vs CONSOLE would be that console is the physical console, ie the keyboard on the PC or one of it's alternates.  LOCAL would be using su to assume identity as root through whatever remote connection you are using.

Again, that's my guess ...

Cheers!
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 1

Expert Comment

by:ilkerduran
ID: 20021603
hi, did you check your  /etc/securetty  file?
does it include the line "console" ?
also you have to check sshd configuration (/etc/ssh/sshd_config) to let people and root login :

PermitRootLogin yes

0
 

Author Comment

by:ldorazio
ID: 20213725
Good ideas, but didn't help to resolve the issue. Appears to be problem between 32-bit and 64-bit OS, when Bastille scripts are installed.

0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 20793884
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month16 days, 23 hours left to enroll

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question