HPE Community
Operating System - HP-UX
1837257 Members
2401 Online
110115 Solutions
New Discussion

root login at console

 
Suresh M S R_1
Occasional Advisor

‎12-18-2003 06:11 PM

‎12-18-2003 06:11 PM

root login at console

hi

i have a hp box running hpux 10.20 in trusted mode, as part of security we blocked root login frim terminals , but now i am not able to lgin as root from console also, can anybody help me in this

regards
Rajeev
0 Kudos
Reply
19 REPLIES 19
Elmar P. Kolkman
Honored Contributor

‎12-18-2003 06:12 PM

‎12-18-2003 06:12 PM

Re: root login at console

Have you tried to su to root from a normal user?
/etc/securetty is probably your problem. But first test the su, then solve your problem.
Every problem has at least one solution. Only some solutions are harder to find.
0 Kudos
Reply
Suresh M S R_1
Occasional Advisor

‎12-18-2003 06:16 PM

‎12-18-2003 06:16 PM

Re: root login at console

hi

thanx for your replay, i am able to login using su . but a want to login directly as root from consol

thanx
rajeev
0 Kudos
Reply
Michael Tully
Honored Contributor

‎12-18-2003 06:21 PM

‎12-18-2003 06:21 PM

Re: root login at console

What message(s) if any are you getting when you attempt to login from the console ?
Anyone for a Mutiny ?
0 Kudos
Reply
Suresh M S R_1
Occasional Advisor

‎12-18-2003 06:24 PM

‎12-18-2003 06:24 PM

Re: root login at console

hi

i am getting "login incorrect" mesg from consol as well as from other terminals.

thanx
rajeev
0 Kudos
Reply
Elmar P. Kolkman
Honored Contributor

‎12-18-2003 06:45 PM

‎12-18-2003 06:45 PM

Re: root login at console

Check out /etc/securetty
It should contain console.

echo console >/etc/securetty
chmod 400 /etc/securetty
Every problem has at least one solution. Only some solutions are harder to find.
0 Kudos
Reply
Hoefnix
Honored Contributor

‎12-18-2003 06:51 PM

‎12-18-2003 06:51 PM

Re: root login at console

Check also the contents from the file:
/tcb/files/devassign

Also check manpage of devassign.

Regards,

Peter
0 Kudos
Reply
Suresh M S R_1
Occasional Advisor

‎12-18-2003 07:27 PM

‎12-18-2003 07:27 PM

Re: root login at console

hi

thanx for the suggestions ,i will check this and get back to u

thanx
rajeev
0 Kudos
Reply
Umapathy S
Honored Contributor

‎12-18-2003 09:04 PM

‎12-18-2003 09:04 PM

Re: root login at console

Suresh,
As said previously, /etc/securetty is the problem. For the entries in that file, direct root login is allowed. Make sure that it is not null.

HTH,
Umapathy
Arise Awake and Stop NOT till the goal is Reached!
0 Kudos
Reply
Keith Bevan_1
Trusted Contributor

‎12-19-2003 12:08 AM

‎12-19-2003 12:08 AM

Re: root login at console

Rajeev,

The special file to restrict the location & use of the root account is :-

/etc/securetty

This file should have the permissions
-rwx------ , owned by root and group sys.

If you view this file whilst logged in as root or su from another location :-

pg /etc/securetty

it should contain the word console if you want to login as root from the console.

Additional info:

If you are using CDE (Common Desktop Environment) then make sure that console use is also not restricted in the following file :-

/etc/dt/config/Xstartup

Hope this helps.

Keith
You are either part of the solution or part of the problem
0 Kudos
Reply
RAC_1
Honored Contributor

‎12-19-2003 12:16 AM

‎12-19-2003 12:16 AM

Re: root login at console

If your password have special chars in it, (such as @ etc.)you may have problem logging in from console as root.

For a while mv /etc/securetty to /etc/securetty.bak.

Now telnet to machine and try loggin in with root. If this is working, try logging in from console as root, if you still get error, and you have special char in password, then change it(do not use special char)and try.
There is no substitute to HARDWORK
0 Kudos
Reply
Elmar P. Kolkman
Honored Contributor

‎12-19-2003 01:12 AM

‎12-19-2003 01:12 AM

Re: root login at console

Anyone tried using a -B in root's passwd? ;-)
Every problem has at least one solution. Only some solutions are harder to find.
0 Kudos
Reply
Kent Ostby
Honored Contributor

‎12-19-2003 02:36 AM

‎12-19-2003 02:36 AM

Re: root login at console

Elmar --

How about cntl-bRS in the password :-)

"Well, actually, she is a rocket scientist" -- Steve Martin in "Roxanne"
0 Kudos
Reply
Suresh M S R_1
Occasional Advisor

‎12-21-2003 04:00 PM

‎12-21-2003 04:00 PM

Re: root login at console

hi

the problem was with /etc/securetty only. i moved that file as securetty.org,then i am able to login as root. but when i added console in that file , login incorrect mesg is coming in console also , pls help

thanx
rajeev
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎12-21-2003 04:04 PM

‎12-21-2003 04:04 PM

Re: root login at console

Do you have just the word 'console' in the file?

# cat /etc/securetty
console
#

If you have something like /dev/console then it will not work.
0 Kudos
Reply
Suresh M S R_1
Occasional Advisor

‎12-21-2003 04:10 PM

‎12-21-2003 04:10 PM

Re: root login at console

hi

i have inserted console in that file, and /dev/console is also there in the mechine.

than
rajeev
0 Kudos
Reply
Suresh M S R_1
Occasional Advisor

‎12-21-2003 04:37 PM

‎12-21-2003 04:37 PM

Re: root login at console

hi

so how can i restrict root to be accessed only from console, pls help

thanx
rajeev
0 Kudos
Reply
ConnieK
Regular Advisor

‎12-22-2003 01:14 AM

‎12-22-2003 01:14 AM

Re: root login at console

Rejeev,

I have a feeling that the root account has been disabled. If you are attempting to log in at the console with VUE/CDE and this message appears, open up a terminal session instead of CDE. In other words, go to the console, right-click the button that says "Start Over". A drop-down menu will appear. Select the one that says "No Windows" and hit return. You should see a shell login prompt where you can login as root. This should correct your problem.

Connie K.

Independent by nature
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎12-22-2003 02:39 AM

‎12-22-2003 02:39 AM

Re: root login at console

The securetty file CANNOT have a fullpath such as /dev/console. It must only have the word console. The security module prepends the word(s) in securetty with /dev/ so if you have /dev/console, then the 'approved' device is: /dev//dev/console and that will fail. Since you can use su, the root account is OK. I would start all over with your /etc/securetty file (in case there are special characters hidden in the problem file):

echo console > /etc/securetty

That should fix it.


Bill Hassell, sysadmin
0 Kudos
Reply
Suresh M S R_1
Occasional Advisor

‎12-22-2003 04:01 PM

‎12-22-2003 04:01 PM

Re: root login at console

hi all

thanx for your help , i added console in /etc/securetty using echo consloe > /etc/securetty and changed permissions to
-rwx------ , owned by root and group sys.

After this i restarted the mechine , it worked !!!!!!!

now i am able to login as root only from consloe

thanx again to all of u for the help


Rajeev
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.