Solved

I cant su into root on my own box

Posted on 2008-10-14
15
1,208 Views
Last Modified: 2013-12-06
I know the password is correct but when i try to su into root, it wont work.
the user is in group wheel.

auth.log looks like this when i try to su

Oct 14 14:24:51 genpn unix_chkpwd[22501]: check pass; user unknown
Oct 14 14:24:54 genpn unix_chkpwd[22502]: check pass; user unknown
Oct 14 14:24:54 genpn unix_chkpwd[22502]: password check failed for user (root)
Oct 14 14:24:54 genpn su[22500]: pam_unix(su:auth): authentication failure; logname=n1tsua uid=1000 euid=1000 tty=tty2 ruser=n1tsua rhost=  user=root
Oct 14 14:24:56 genpn su[22500]: pam_authenticate: Authentication failure
Oct 14 14:24:56 genpn su[22500]: FAILED su for root by n1tsua
Oct 14 14:24:56 genpn su[22500]: - tty2 n1tsua:root
0
Comment
Question by:austinemser
  • 6
  • 5
  • 2
  • +1
15 Comments
 
LVL 48

Expert Comment

by:Tintin
ID: 22718186
Is the root account locked?
Were you able to su to root previously?
Do you have a 'root' group on your system and if so, is your user in it?
0
 

Author Comment

by:austinemser
ID: 22718222
i have a root group and no my user isnt in it becuase i dont want that user to be root, i just want to su into root as the user.

i have a wheel group which the user is in

and i can log into root, just not through other users, so i dont think its locked.
0
 
LVL 48

Expert Comment

by:Tintin
ID: 22718245
Is this on Debian?  I've seen a few references to a bug in lib-pam modules.
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 

Author Comment

by:austinemser
ID: 22718256
gentoo using the hardened kernel
0
 
LVL 48

Accepted Solution

by:
Tintin earned 250 total points
ID: 22718258
Sorry, didn't see the Gentoo tags in your post.

Check the perms on

/sbin/unix_chkpwd
/etc/shadow
0
 
LVL 12

Expert Comment

by:ibu1
ID: 22718282
vu /etc/ssh/sshd_config

PermitRootLogin yes

May need to restart ssh.
0
 
LVL 48

Expert Comment

by:Tintin
ID: 22718288
ssh has nothing to do with being able to su to root.
0
 
LVL 12

Expert Comment

by:ibu1
ID: 22718300
0
 

Author Comment

by:austinemser
ID: 22718380
ssh has permitroot login and that shouldnt stop me from su'ing while in ssh
0
 

Author Comment

by:austinemser
ID: 22718389
-rw------- /etc/shadow
-rws--x--x /etc/sbin/unix_chkpwd
0
 
LVL 48

Expert Comment

by:Tintin
ID: 22718619
I'm not 100% sure if the perms for /etc/shadow are correct for Gentoo systems (don't have one I can reference).  I think older versions had group of 'shadow' and perms of 640.
0
 
LVL 20

Assisted Solution

by:edster9999
edster9999 earned 250 total points
ID: 22759096
-rw-------
is correct for shadow - do not change that.


I had a similar problem on a machine where it had lots of failed su's and had locked out the user in the pam accounting area.

Normally this is not done for 'root' but the hardened version may do it.

try
pam_tally --user root

This will tell you if it is keeping a tally on that user.

pam_tally --reset -user root
resets it and will re enable su login if this was the problem/
0
 

Author Comment

by:austinemser
ID: 22759794
after doing the tally and reseting it, it has 0,

then i tried to su in got a message that says 'authentication failure' and it still says
it "has 0"
0
 
LVL 20

Expert Comment

by:edster9999
ID: 22760403
Is that a different message to what you had before ?
Make sure you do have the right password.
Make sure you are in the right groups to get access to 'su'
make sure the account isn't locked out.  (Normally root doesn't get locked out but maybe the hardened version does a 15 mins lock out or something)

Log in as root on the real console and check the logs
0
 

Author Comment

by:austinemser
ID: 22774011
Checked logs same thing as before, root pw is right, user is in the wheel group, account isnt locked out, same error message.

I think it is a problem with unix_chkpwd, but im not sure.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Adding more CPU cores to a Linux VM 5 101
expectj telnet failing 5 37
SonarQube on Linux vs Windows 3 28
ftp to port 21 4 43
SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question