1 |
On 9/13/07, Daevid Vincent <daevid@××××××.com> wrote: |
2 |
> |
3 |
> I've posted this about two months ago without any replies. I've been |
4 |
> googling and trying things, but still can't get this to work like it used |
5 |
> to. |
6 |
> |
7 |
> I simply want root to be able to login from console (tty[1-6]) or ssh |
8 |
> (pts/[0-9]) without a password. Currently ssh does work fine. It's only |
9 |
> the |
10 |
> physical console that doesn't. |
11 |
> |
12 |
> This WAS working perfectly, then PAM or some other ebuild "broke it" on |
13 |
> me. |
14 |
> |
15 |
> Just for sanity, I even assigned root a password, I now get a "Password" |
16 |
> prompt, but it STILL can't login. (positive I'm typing it right) It says |
17 |
> "Login incorrect". |
18 |
> |
19 |
> -----Original Message----- |
20 |
> From: Daevid Vincent [mailto:daevid@××××××.com] |
21 |
> Sent: Tuesday, July 17, 2007 3:47 PM |
22 |
> To: gentoo-user@l.g.o |
23 |
> Subject: [gentoo-user] root can't login on console, but can ssh... |
24 |
> |
25 |
> I have a LAMP development VMWare setup so that I can login as root sans |
26 |
> password. |
27 |
> |
28 |
> This was working fine until something recently changed that. |
29 |
> It doesn't even prompt for the password, it just timesout after x |
30 |
> seconds. |
31 |
> |
32 |
> Oddly I can ssh in as root (without the password as expected). |
33 |
> |
34 |
> I have my "daevid" account without password and that logs in fine on the |
35 |
> console and ssh. |
36 |
> |
37 |
> I can circumvent this behaviour by logging in as 'daevid', then 'sudo su |
38 |
> -' (which doesn't prompt for pw either), but I'd like it to work the way |
39 |
> it did. |
40 |
> |
41 |
> Perhaps it was some PAM thing? Or login.defs? Or in pam.d/ ? |
42 |
> |
43 |
> LAMP pam.d # cat login |
44 |
> #%PAM-1.0 |
45 |
> |
46 |
> auth required pam_securetty.so |
47 |
> auth required pam_tally.so file=/var/log/faillog onerr=succeed |
48 |
> no_magic_root |
49 |
> auth required pam_shells.so |
50 |
> auth required pam_nologin.so |
51 |
> auth include system-auth |
52 |
> |
53 |
> account required pam_access.so |
54 |
> account include system-auth |
55 |
> account required pam_tally.so deny=0 file=/var/log/faillog |
56 |
> onerr=succeed no_magic_root |
57 |
> |
58 |
> password include system-auth |
59 |
> |
60 |
> session required pam_env.so |
61 |
> session optional pam_lastlog.so |
62 |
> session optional pam_motd.so motd=/etc/motd |
63 |
> session optional pam_mail.so |
64 |
> |
65 |
> # If you want to enable pam_console, uncomment the following line |
66 |
> # and read carefully README.pam_console in /usr/share/doc/pam* |
67 |
> #session optional pam_console.so |
68 |
> |
69 |
> session include system-auth |
70 |
> |
71 |
> |
72 |
> LAMP ~ # cat /etc/securetty |
73 |
> # /etc/securetty: list of terminals on which root is allowed to login. |
74 |
> # See securetty(5) and login(1). |
75 |
> console |
76 |
> pts/0 |
77 |
> pts/1 |
78 |
> pts/2 |
79 |
> pts/3 |
80 |
> pts/4 |
81 |
> pts/5 |
82 |
> pts/6 |
83 |
> pts/7 |
84 |
> pts/8 |
85 |
> vc/0 |
86 |
> vc/1 |
87 |
> vc/2 |
88 |
> vc/3 |
89 |
> vc/4 |
90 |
> vc/5 |
91 |
> vc/6 |
92 |
> vc/7 |
93 |
> vc/8 |
94 |
> vc/9 |
95 |
> vc/10 |
96 |
> vc/11 |
97 |
> vc/12 |
98 |
> tty0 |
99 |
> tty1 |
100 |
> tty2 |
101 |
> tty3 |
102 |
> tty4 |
103 |
> tty5 |
104 |
> tty6 |
105 |
> tty7 |
106 |
> tty8 |
107 |
> tty9 |
108 |
> tty10 |
109 |
> tty11 |
110 |
> tty12 |
111 |
> tts/0 |
112 |
> ttyS0 |
113 |
> |
114 |
> |
115 |
> ÐÆ5ÏÐ |
116 |
> |
117 |
> |
118 |
> -- |
119 |
> gentoo-user@g.o mailing list |
120 |
> |
121 |
> |
122 |
> -- |
123 |
> gentoo-user@g.o mailing list |
124 |
> |
125 |
> |
126 |
Check out /etc/securetty (man securetty). There should be at least one |
127 |
uncommented entry listing 'tty1' if you want to be able to log in with just |
128 |
the first virtual terminal, or if you want root to be allowed on all virtual |
129 |
terminals, add tty1 through tty12. |
130 |
|
131 |
-- |
132 |
- Mark Shields |