
I can't su into root on my own box

I know the password is correct but when I try to su into root, it won't work.
The user is in group wheel.

auth.log looks like this when I try to su

Oct 14 14:24:51 genpn unix_chkpwd[22501]: check pass; user unknown
Oct 14 14:24:54 genpn unix_chkpwd[22502]: check pass; user unknown
Oct 14 14:24:54 genpn unix_chkpwd[22502]: password check failed for user (root)
Oct 14 14:24:54 genpn su[22500]: pam_unix(su:auth): authentication failure; logname=n1tsua uid=1000 euid=1000 tty=tty2 ruser=n1tsua rhost=  user=root
Oct 14 14:24:56 genpn su[22500]: pam_authenticate: Authentication failure
Oct 14 14:24:56 genpn su[22500]: FAILED su for root by n1tsua
Oct 14 14:24:56 genpn su[22500]: - tty2 n1tsua:root
Asked by: austinemser

Tintin Commented:
Is the root account locked?
Were you able to su to root previously?
Do you have a 'root' group on your system and if so, is your user in it?

austinemser (Author) Commented:
I have a root group and no, my user isn't in it because I don't want that user to be root, I just want to su into root as the user.

I have a wheel group which the user is in

and I can log into root, just not through other users, so I don't think it's locked.

Tintin Commented:
Is this on Debian?  I've seen a few references to a bug in lib-pam modules.

austinemser (Author) Commented:
Gentoo using the hardened kernel

Tintin Commented:
Sorry, didn't see the Gentoo tags in your post.

Check the perms on

/sbin/unix_chkpwd
/etc/shadow

ibu1 (System Administrator) Commented:
vi /etc/ssh/sshd_config

PermitRootLogin yes

May need to restart ssh.

Tintin Commented:
ssh has nothing to do with being able to su to root.

austinemser (Author) Commented:
ssh has permitroot login and that shouldn't stop me from su'ing while in ssh

austinemser (Author) Commented:
-rw------- /etc/shadow
-rws--x--x /etc/sbin/unix_chkpwd

Tintin Commented:
I'm not 100% sure if the perms for /etc/shadow are correct for Gentoo systems (don't have one I can reference).  I think older versions had group of 'shadow' and perms of 640.

edster9999 Commented:
-rw-------
is correct for shadow - do not change that.


I had a similar problem on a machine where it had lots of failed su's and had locked out the user in the pam accounting area.

Normally this is not done for 'root' but the hardened version may do it.

Try
pam_tally --user root

This will tell you if it is keeping a tally on that user.

pam_tally --reset --user root
resets it and will re-enable su login if this was the problem.

austinemser (Author) Commented:
After doing the tally and resetting it, it has 0,

then I tried to su in, got a message that says 'authentication failure' and it still says
it "has 0"

edster9999 Commented:
Is that a different message to what you had before?
Make sure you do have the right password.
Make sure you are in the right groups to get access to 'su'
Make sure the account isn't locked out.  (Normally root doesn't get locked out but maybe the hardened version does a 15 mins lock out or something)

Log in as root on the real console and check the logs

austinemser (Author) Commented:
Checked logs, same thing as before, root pw is right, user is in the wheel group, account isn't locked out, same error message.

I think it is a problem with unix_chkpwd, but I'm not sure.

Question has a verified solution.
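
The checks suggested across this thread (setuid bit on unix_chkpwd, mode of /etc/shadow, wheel membership, a locked root password, the pam_tally counter) collected into one script, as an added example that is not part of the original posts. The user name and paths default to those quoted in the thread; the check on su itself is an addition, prompted by the euid=1000 in the posted auth.log line, where a setuid-root su normally logs euid=0.

```shell
#!/bin/sh
# Added example: run as root on the console. Defaults are the names quoted in
# the thread; override them via the environment for your own system.
USER_TO_CHECK=${USER_TO_CHECK:-n1tsua}
HELPER=${HELPER:-/sbin/unix_chkpwd}
SHADOW=${SHADOW:-/etc/shadow}

# True if FILE is executable and has the setuid bit (the "s" in -rws--x--x).
is_setuid_exec() { [ -x "$1" ] && [ -u "$1" ]; }

# True if the "other" permission triplet of FILE is "---" (as in -rw-------).
no_world_access() {
    perms=$(ls -ld "$1" 2>/dev/null | cut -c8-10)
    [ "$perms" = "---" ]
}

# True if WORD is in the space-separated LIST, e.g. the output of `id -nG`.
list_has_word() {
    for w in $2; do
        [ "$w" = "$1" ] && return 0
    done
    return 1
}

# True if a `passwd -S` status line shows a locked password (2nd field "L").
status_is_locked() {
    set -- $1
    [ "${2:-}" = "L" ]
}

check() {   # check DESCRIPTION COMMAND [ARGS...]
    desc=$1; shift
    if "$@"; then echo "ok:    $desc"; else echo "CHECK: $desc"; fi
}
run_checks() {
    check "$HELPER is setuid and executable" is_setuid_exec "$HELPER"
    # Assumption added here: the log shows euid=1000, so su itself is checked.
    check "su is setuid and executable" is_setuid_exec "$(command -v su)"
    check "$SHADOW grants nothing to others" no_world_access "$SHADOW"
    check "$USER_TO_CHECK is in wheel" list_has_word wheel "$(id -nG "$USER_TO_CHECK")"
    if status_is_locked "$(passwd -S root)"; then
        echo "CHECK: root password is locked"
    else
        echo "ok:    root password is not locked"
    fi
    pam_tally --user root    # failed-attempt counter, as suggested above
}
# Runs only when called with "run", e.g. sh su-checks.sh run (hypothetical name).
if [ "${1:-}" = "run" ]; then run_checks; fi
```

Any line prefixed with CHECK marks the item to look at first; the script changes nothing on the system.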