system login problem

Chris Hilker · ‎11-19-2001

I am wondering why no one can login to our HP-UX server anymore despite presenting it with the valid users and passwords. (No caps or num lock keys are on)

harry d brown jr · ‎11-19-2001

Can you login from the console? but not via telnet or rlogin or remsh? Is inetd running?

live free or die
harry

Live Free or Die

Uday_S_Ankolekar · ‎11-19-2001

Hi,

check the permissions on the /etc/password
-r--r--r-- 1 root sys 1203 May 29 11:30 passwd

Check if password file is being over written by any old password file.
Also check if password aging has been impimented as a security measure.

Goodluck,
-USA..

Good Luck..

Craig Rants · ‎11-19-2001

What message are you getting? Does it say connection refused? Can you ping it? Can you get in from the console? Some more information would probably help everyone on this one.

Let us know,
C

"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut

A. Clay Stephenson · ‎11-19-2001

Can you login as root on the console?

If it ain't broke, I can fix that.

Uday_S_Ankolekar · ‎11-19-2001

Hi ..

Also check On console remote mode is marked with *

Good Luck..

Chris Hilker · ‎11-19-2001

I can't login to the console. How do you check the password file if you can't login?

Chris Hilker · ‎11-19-2001

I can ping the server. I get the standard 'invalid password' for every user I attempt to login as, including root. I am positive that I am typing them correctly. I have tried other users on the consel as well.

harry d brown jr · ‎11-19-2001

You shut the system down and boot into single user mode and check /etc/passwd.

live free or die
harry

Live Free or Die

Uday_S_Ankolekar · ‎11-19-2001

Hi,

Is there any way you could do a remsh to the box without any password ?? ( .rhosts, hosts.equiv file)

Good Luck..

Craig Rants · ‎11-19-2001

To get to single user

1. Power On the System
2. Interrupt boot(Press a Key in 10 sec)
3. Yes for interacting ISL
4. hpux -is

You can then change the password if you want, check the /etc/passwd file, make sure that the /etc/securetty file does not exist or if it does it at least has the console entry in it.

Good Luck,
C

"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut

Roger Baptiste · ‎11-19-2001

<>

Nice conundrum ;-) Can you FTP to the system??

<>

The system is alive !

<>

uh oh. Did somebody whack the password file and log off?? or is your KEYBOARD having a problem?? is the NUMLOCK on?? did you try with a different keyboard? or a different system?
or from a different PC using telnet session?

Also, do you have a backdoor entry into the box, i.e RLOGIN?? Helps in this sort of times.

<< I am positive that I am typing them correctly. I have tried other users on the consel as well. >>

Go slow on this. You wouldn't want to lock all the user accounts by giving wrong passwords.

If this problem persists, power off the system and boot from single user mode
and check the /etc/passwd file. If it seems whacked , copy the original default passwd file from /usr/newconfig/etc/passwd and bring the system up. Then, you would need to get your original passwd file from some backup.

-R

Take it easy.

David Lodge · ‎11-19-2001

What are the results of a normal login from console - is it the usual
Login:
Password:
Login incorrect

(which would tend to indicate a corrupt passwd file or corrupt tcb)

Does it affect all users (including root)

Do you get any other message, or any messages on the console?

Can you get telnet/rlogin/ssh/remsh/rexec etc to let you in?

If not you can reboot to single user mode (use CTRL-B from the console) to check the password file...

dave

Santosh Nair_1 · ‎11-19-2001

If you can't log into any account, then probably your /etc/passwd is messed up...or perhaps the login executable has improper permissions. You might have to crash the system and try to boot into single user mode as mentioned above. If THAT doesn't work, you might have to boot into a recovery shell.

-Santosh

Life is what's happening while you're busy making other plans

Chris Hilker · ‎11-19-2001

The latest update... I re-booted and entered single-user mode. I looked at the /etc/passwd file. All of the encrypted passwords are '*', including root! So that was the problem. How do I now 'fix' root's password? When I type 'passwd root' it wants the old password.

Steven Sim Kok Leong · ‎11-19-2001

Hi,

Are you using HP-UX in trusted mode? If you are, then it is normal for your encrypted passwords to be '*'.

To verify, check your /tcb directory eg. ls -laR /tcb or find /tcb -name * -print.

If your TCB entries are corrupted, I suggest that you try to repair your TCB instead of repairing /etc/passwd.

Hope this helps. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com

Roger Baptiste · ‎11-19-2001

<>

Did you try converting the system to a TRUSTED mode?? That's when the password entries become "star"red!!. It copies
the user account info including password
to /tcb/files/auth/*/userid file for each
user. In this userid file, there will be the password in encrypted format. If you edit it and null it out, the password will become blank.

See whether you have /tcb directory. If it is present, then your system has been converted to trusted. But, trusted conversion should not change the passwords. It will only prompt for a new password when one log's in.

How to get off the mess?? Make sure whether
your ssytem is in trusted mode, by the above
method. If it is so, then keep a copy
of /tcb directory; also keep a copy of the
existing passwd file.
Then, try unconverting the trusted to regular mode either through SAM or by running
#tsconvert -r

This should get back the password entries in
the password file.

HTH
raj

Take it easy.

Craig Rants · ‎11-19-2001

Is the system trusted? If it is go to /tcb/files/auth/r and vi the root file.

The find the line that looks like this
:u_pwd=askjlkjlkjl:
Delete all the characters between = and :

Then you should not get asked for an old password.

C

"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut

Santosh Nair_1 · ‎11-19-2001

If all the passwords are *, then the password file was generated on a trusted system where the acutual password is stored in a directory under /tcb. Probably the /etc/password file was copied over from another system? My suggestion would be set the password for the root user, bring the system up to multiuser and reset all the remaining passwords. You can set the root password using the passwd utility. Hope this helps.

-Santosh

Life is what's happening while you're busy making other plans

Steven Sim Kok Leong · ‎11-19-2001

Hi,

Was your root password less than 8 characters before you did the conversion? I have a feeling the length of your root password being too short was the cause.

In trusted mode, HP-UX forces your password to be 8 characters or more (as far as I can remember), thus any less-than-8-characters password before the conversion would be rendered invalid.

If this is the case, then it is a matter of unconverting your trusted system to untrusted mode, changing the root password to longer than 8 characters, then re-converting it back to trusted mode, using tsconvert.

Hope this helps. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com

Steven Sim Kok Leong · ‎11-19-2001

Hi,

Sorry, the default password length for HP-UX in trusted mode is 6 not 8.

I had the default configured to 8 on my systems.

Hope this helps. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com

David Lodge · ‎11-19-2001

Did you set the system to trusted before you were having the problems? Setting the system to Trusted will expire all current passwords on your system...

When you don't have the root password and need to change it you can edit the /tcb/files/auth/r/root file and set u_pwd to a blank value (sets root to have no password)

dave

Chris Hilker · ‎11-19-2001

The latest...

I have verified that I am in trusted mode. I have tried to do the following:

1) edit the file /tcb/files/auth/r/root and delete the password.
results - I could then set a new password for root while in single-user mode. Rebooted and entered normal mode. Still couldn't login as root. I also tried to just blank out the root password as mentioned above and NOT set a new password...same result 'invalid login' messages.

2) attempted to unconvert from trusted mode via 'tsconvert -r' - didn't recognize the command. I don't know how to do this using SAM.

3) I tried re-setting another user's password while in single-user trusted mode.
result - no effect as far as I can tell.

Should I just copy the original passwd file as RajMan suggested in his '16:10 PM GMT' message?

Patrick Wallek · ‎11-19-2001

I would check that the /tcb directory and everything below has appropriate permissions.

dr-xr-x--x 3 root sys 96 Sep 10 14:32 /tcb/
drwxrwx--x 3 root sys 96 Sep 10 14:32 /tcb/files/
drwxrwx--x 55 root sys 1024 Sep 10 14:32 /tcb/files/auth/
drwxrwx--- 2 root sys 96 Oct 15 15:24 /tcb/files/auth/r/
-rw-rw-r-- 1 root root 258 Oct 15 15:24 /tcb/files/auth/r/root

All user files in /tcb/files/auth/?/user_name should have the same permissions and ownership as above.

tsconvert is in /usr/lbin directory.

To unconvert from trusted system: /usr/lbin/tsconvert -r

Craig Rants · ‎11-19-2001

From command line:
Try /usr/lbin/tsconvert it is a link from /etc/tsconvert
From SAM:
SAM -> Audit and Security -> Actions -> Unconvert System

The problem for you is that in a trusted system there is more than just the password file to replace, so it is more detailed than just copying one file.

Let us know,
C

"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

system login problem

system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem

Re: system login problem