General
cancel
Showing results for 
Search instead for 
Did you mean: 

su root fails whilst telnet and rlogin is OK

Gary Cooper_1
Esteemed Contributor

su root fails whilst telnet and rlogin is OK

I have a new rx266o running HP-UX 11.31 (March 2011). I can telnet and rlogin to the machine as root OK, but when I rlogin as myself, it won't let me su to root; it just says "su: Sorry" - it was doing this out of the box.

The puzzling thing is that I took delivery of a bunch of rx2660s running HP-UX 11.31 (September 2010) last year and they are all fine I can do a su root like I've always been able to.

BTW, I don't know why, but a suspect the following may be relevent - my password is 21 characters long and contains an "@" character

Thanks,

Gary
6 REPLIES
Matti_Kurkela
Honored Contributor

Re: su root fails whilst telnet and rlogin is OK

The @ character is the default "kill the line I'm typing and start over" character in the HP-UX tty driver. Because it's implemented in the tty driver level, it works in the login prompt. It also works in most shells unless overridden in your login scripts.

Run "stty -a". If you see "kill = @", this is your problem. To fix it, assign some other character as the kill character in your login scripts: for example, "stty kill ^U" assigns Control-U as the kill character.

If your password was set when the system was in traditional mode (as opposed to shadow passwords or Trusted System Mode), the system has stored only the first 8 characters of your password. In traditional mode, the password is truncated to 8 characters when checking, so longer passwords will "just work".

When the system is converted to Trusted System Mode or to shadow passwords, it becomes capable of storing longer passwords, so passwords will no longer be truncated to 8 characters - but the existing passwords have still only 8 characters stored.

Try typing only the first 8 characters of the root password to the su prompt: if that works, use "passwd" to reset the root password, so the system can replace the truncated version of the stored password with a full-length version.

MK
MK
Gary Cooper_1
Esteemed Contributor

Re: su root fails whilst telnet and rlogin is OK

Thanks for the response Matti.

I don't think the kill charcter is the problem as they are all set to ^U.

Also, I hadn't realised, but whilst 'rlogin -l root' works on this new machine, it doesn't seem to work on any of my older machines (see attached table) (although 'su root' does).

Please note in the attached table, all of the rlogins start from a fourth HP-UX (11.11) box.

Any more ideas as to why this problem is occuring?

Many thanks,

Gary
Gary Cooper_1
Esteemed Contributor

Re: su root fails whilst telnet and rlogin is OK

Well, the plot thickens...

I didn't want to change the root password on this machine as I use the same root password on several different machines.

Anyhow, just to test if the "@" character has anything to do with the problem, I changed the root password so that it didn't have the "@" character in it. Lo-and-behold 'su root' worked.

Not wanting different passwords on the various machines, I changed the password back to the original one with the "@" in, i.e. the one that seemed to be causing the problem.

Surprisingly, I can still do a 'su root' without any problems, but the 'rlogin -l root' now fails like on the other machines.

My guess is that the stty kill=@ may have caused a problem when I was first setting up the machine and this carried forward.

My original gripe now seems to be resolved, but I'd still be quite interested to know why 'rlogin -l root' doesn't work?

Thanks,

Gary
Steven Schweda
Honored Contributor

Re: su root fails whilst telnet and rlogin is OK

> Please note in the attached table, [...]

Attaching a Microsoft Word document instead
of plain text may not be the best way to
maximize your audience.
Bob_Vance
Esteemed Contributor

Re: su root fails whilst telnet and rlogin is OK

I've seen similar, before, although not exact scerario that you describe.

What happens when you log in at the console?

It's possible that the password setup was in some kind of default stty mode, where @ would be the kill.

Then when you enter the password to set it up as
abc@123
then it really sets it to the 123 only.

'su' will be run, as you noted, with ^U as kill, so when you enter abc@123 it sees abc@123 and does not match 123.

Try using 'su' using only the chars after the @ in your password.

bv
"The lyf so short, the craft so long to lerne." - Chaucer
Dennis Handly
Acclaimed Contributor

Re: su root fails whilst telnet and rlogin is OK

>I'd still be quite interested to know why 'rlogin -l root' doesn't work?

Have you configured extra security to disallow root login except for the console?

Or to allow su to root for certain groups?

You could use "\" to escape the "@".