1 |
_____ |
2 |
|
3 |
From: Mark Shields [mailto:laebshade@×××××.com] |
4 |
Sent: Friday, September 14, 2007 10:07 AM |
5 |
To: gentoo-user@l.g.o |
6 |
Subject: Re: [gentoo-user] root can't login on console, but can ssh... |
7 |
|
8 |
|
9 |
On 9/13/07, Daevid Vincent <daevid@××××××.com> wrote: |
10 |
|
11 |
|
12 |
I've posted this about two months ago without any replies. I've been |
13 |
googling and trying things, but still can't get this to work like it used |
14 |
to. |
15 |
|
16 |
I simply want root to be able to login from console (tty[1-6]) or ssh |
17 |
(pts/[0-9]) without a password. Currently ssh does work fine. It's only the |
18 |
physical console that doesn't. |
19 |
|
20 |
This WAS working perfectly, then PAM or some other ebuild "broke it" on me. |
21 |
|
22 |
Just for sanity, I even assigned root a password, I now get a "Password" |
23 |
prompt, but it STILL can't login. (positive I'm typing it right) It says |
24 |
"Login incorrect". |
25 |
|
26 |
-----Original Message----- |
27 |
From: Daevid Vincent [mailto:daevid@××××××.com] |
28 |
Sent: Tuesday, July 17, 2007 3:47 PM |
29 |
To: gentoo-user@l.g.o |
30 |
Subject: [gentoo-user] root can't login on console, but can ssh... |
31 |
|
32 |
I have a LAMP development VMWare setup so that I can login as root sans |
33 |
password. |
34 |
|
35 |
This was working fine until something recently changed that. |
36 |
It doesn't even prompt for the password, it just timesout after x |
37 |
seconds. |
38 |
|
39 |
Oddly I can ssh in as root (without the password as expected). |
40 |
|
41 |
I have my "daevid" account without password and that logs in fine on the |
42 |
console and ssh. |
43 |
|
44 |
I can circumvent this behaviour by logging in as 'daevid', then 'sudo su |
45 |
-' (which doesn't prompt for pw either), but I'd like it to work the way |
46 |
it did. |
47 |
|
48 |
Perhaps it was some PAM thing? Or login.defs? Or in pam.d/ ? |
49 |
|
50 |
LAMP pam.d # cat login |
51 |
#%PAM-1.0 |
52 |
|
53 |
auth required pam_securetty.so |
54 |
auth required pam_tally.so file=/var/log/faillog onerr=succeed |
55 |
no_magic_root |
56 |
auth required pam_shells.so |
57 |
auth required pam_nologin.so |
58 |
auth include system-auth |
59 |
|
60 |
account required pam_access.so |
61 |
account include system-auth |
62 |
account required pam_tally.so deny=0 file=/var/log/faillog |
63 |
onerr=succeed no_magic_root |
64 |
|
65 |
password include system-auth |
66 |
|
67 |
session required pam_env.so |
68 |
session optional pam_lastlog.so |
69 |
session optional pam_motd.so motd=/etc/motd |
70 |
session optional pam_mail.so |
71 |
|
72 |
# If you want to enable pam_console, uncomment the following line |
73 |
# and read carefully README.pam_console in /usr/share/doc/pam* |
74 |
#session optional pam_console.so |
75 |
|
76 |
session include system-auth |
77 |
|
78 |
LAMP ~ # cat /etc/securetty |
79 |
# /etc/securetty: list of terminals on which root is allowed to login. |
80 |
# See securetty(5) and login(1). |
81 |
console |
82 |
pts/0 |
83 |
pts/1 |
84 |
pts/2 |
85 |
pts/3 |
86 |
pts/4 |
87 |
pts/5 |
88 |
pts/6 |
89 |
pts/7 |
90 |
pts/8 |
91 |
vc/0 |
92 |
vc/1 |
93 |
vc/2 |
94 |
vc/3 |
95 |
vc/4 |
96 |
vc/5 |
97 |
vc/6 |
98 |
vc/7 |
99 |
vc/8 |
100 |
vc/9 |
101 |
vc/10 |
102 |
vc/11 |
103 |
vc/12 |
104 |
tty0 |
105 |
tty1 |
106 |
tty2 |
107 |
tty3 |
108 |
tty4 |
109 |
tty5 |
110 |
tty6 |
111 |
tty7 |
112 |
tty8 |
113 |
tty9 |
114 |
tty10 |
115 |
tty11 |
116 |
tty12 |
117 |
tts/0 |
118 |
ttyS0 |
119 |
|
120 |
|
121 |
|
122 |
Check out /etc/securetty (man securetty). There should be at least one |
123 |
uncommented entry listing 'tty1' if you want to be able to log in with just |
124 |
the first virtual terminal, or if you want root to be allowed on all virtual |
125 |
terminals, add tty1 through tty12. |
126 |
|
127 |
- Mark Shields |
128 |
|
129 |
Thanks Mark for the reply, however, don't I already have those set in |
130 |
/etc/securetty (as shown above)?? |