HPE Community
Operating System - Linux
1832255 Members
2492 Online
110041 Solutions
New Discussion

Re: cannot login as root in RedHat AS 3.0

 
SOLVED
Go to solution
Jdamian
Respected Contributor

‎11-11-2004 11:19 PM

‎11-11-2004 11:19 PM

cannot login as root in RedHat AS 3.0

Hi

In my Red Hat Enterprise Advanced Server 3.0 user
root can open FTP sessions but no telnet session.
'su -' works fine...

I think login is the problem because after logging as an ordinary user I run "login" and type 'root' and its password.... 'login incorrect' is the error.

'login' checks /etc/securetty. I renamed that file... no change.

I commented the /etc/pam.d/login entry:

# auth required pam_securetty.so

but login still fails.


Any idea ?

Thanks.

0 Kudos
14 REPLIES 14
Sergejs Svitnevs
Honored Contributor

‎11-12-2004 12:16 AM

‎11-12-2004 12:16 AM

Re: cannot login as root in RedHat AS 3.0

Simply edit the file /etc/securetty and add the following to the end of the file:

pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9
This will allow up to 10 telnet sessions to the server as root.

Regards,
Sergejs
0 Kudos
HGN
Honored Contributor

‎11-12-2004 12:21 AM

‎11-12-2004 12:21 AM

Re: cannot login as root in RedHat AS 3.0

Hi

To enable root access you need to edit the
/etc/securetty and add the following lines

pts/0
pts/1
pts/2
pts/3
pts/4
pts/5

The more the number you enter it will allow more sessions.

Rgds

HGN
0 Kudos
Jdamian
Respected Contributor

‎11-14-2004 04:33 AM

‎11-14-2004 04:33 AM

Re: cannot login as root in RedHat AS 3.0

That was the first action I did... but it didn't solve my problem.
0 Kudos
Celso Medina Kern
Trusted Contributor

‎11-14-2004 04:41 AM

‎11-14-2004 04:41 AM

Re: cannot login as root in RedHat AS 3.0

Oscar,

Make sure youre putting the correct pty in your /etc/securetty. Login as regular user and execute tty command. Then add this device in /etc/securetty without preceding /dev, logout and try to logon again.

Other thing to check is the service cfg, in /etc/xinetd.d/telnet, to see if there is any constraint against root, and the tcp wrapper in /etc/hosts.allow and /etc/hosts.deny if i am not mistaken.

Regards,

Celso
God bless pessimists, they did the backup!
0 Kudos
Stuart Browne
Honored Contributor

‎11-14-2004 09:51 AM

‎11-14-2004 09:51 AM

Re: cannot login as root in RedHat AS 3.0

If you've commented out the 'auth required pam_securetty.so' in '/etc/pam.d/login', then that should be sufficient to bypass the security checks that restrict a root login. I've double checked (on an ES3.0 system though), and it works here.

What else is in '/etc/pam.d/login' then?

Incidentally, you should put '/etc/securetty' back where it is, other things rely upon it.
One long-haired git at your service...
0 Kudos
Jdamian
Respected Contributor

‎11-14-2004 06:05 PM

‎11-14-2004 06:05 PM

Re: cannot login as root in RedHat AS 3.0

/> cat /etc/pam.d/login
#%PAM-1.0
#auth required pam_securetty.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session optional pam_console.so

/> cat /etc/securetty
console
vc/1
vc/2
vc/3
vc/4
vc/5
vc/6
vc/7
vc/8
vc/9
vc/10
vc/11
tty1
tty2
tty3
tty4
tty5
tty6
tty7
tty8
tty9
tty10
tty11
pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9
0 Kudos
dirk dierickx
Honored Contributor

‎11-14-2004 07:05 PM

‎11-14-2004 07:05 PM

Re: cannot login as root in RedHat AS 3.0

why do you need ftp as root? can't you use something like 'scp' instead?
0 Kudos
Stuart Browne
Honored Contributor

‎11-15-2004 08:22 AM

‎11-15-2004 08:22 AM

Re: cannot login as root in RedHat AS 3.0

Remove the pts entries from securetty.

Try to log in, then past us the log entries in /var/log/messages and /var/log/secure.
One long-haired git at your service...
0 Kudos
Fred Ruffet
Honored Contributor

‎11-15-2004 09:11 AM

‎11-15-2004 09:11 AM

Re: cannot login as root in RedHat AS 3.0

root access to telnet and ftp are disabled as default to prevent clear password to navigate in a clear form through your network, and to prevent people to know at least one login and use some cracking software.

Try to use ssh and sftp instead would be a better way than enabling root access to those protocols.

Regards,

Fred
--

"Reality is just a point of view." (P. K. D.)
0 Kudos
Jdamian
Respected Contributor

‎11-17-2004 05:55 PM

‎11-17-2004 05:55 PM

Re: cannot login as root in RedHat AS 3.0

in /var/log/messages appears:

Nov 18 07:51:52 ssoro363 login: ROOT LOGIN REFUSED ON pts/1 FROM localhost

in /var/log/secure appears:

Nov 18 07:51:47 ssoro363 xinetd[31752]: START: telnet pid=24153 from=127.0.0.1
0 Kudos
rmueller58
Valued Contributor

‎01-27-2005 06:02 AM

‎01-27-2005 06:02 AM

Re: cannot login as root in RedHat AS 3.0

Make sure if you use ssh to check your /etc/ssh/sshd_config permitroot login is commented.


#PermitRootLogin yes
0 Kudos
Touker
New Member

‎12-06-2006 10:38 AM

‎12-06-2006 10:38 AM

Solution

Re: cannot login as root in RedHat AS 3.0

Applicable for RHEL AS3 / AS4:

First, edit /etc/securetty and add pts/0 to let say pts/8

Second, you have to use telnet-server package, because krb5-telnet does not allow root login via telnet.

Third, remember that in.telnetd is invoked through superdaemon xinetd, therefore you have to have it running.
0 Kudos
Ermin Borovac
Honored Contributor

‎12-08-2006 02:44 PM

‎12-08-2006 02:44 PM

Re: cannot login as root in RedHat AS 3.0

I think that telnetd uses /etc/pam.d/remote file so you would need to remove securetty line from that file as well.
0 Kudos
Jdamian
Respected Contributor

‎10-14-2008 11:18 AM

‎10-14-2008 11:18 AM

Re: cannot login as root in RedHat AS 3.0

.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.