Re: pam failure
On Mon, 19 Feb 2001 17:46:10 -0500, tps@unslept.com said:
> On Mon, Feb 19, 2001 at 02:37:29PM -0700, David Bishop wrote:
> > [from /var/log/messages]
> > Feb 19 15:29:56 server1 login: FAILED LOGIN 1 FROM masquerade.micron.com FOR
> > db, Authentication failure
> > Feb 19 15:29:58 server1 login: FAILED LOGIN SESSION FROM
> > masquerade.micron.com FOR (null), Conversation error
> >
> > This just started happening. Any normal user will recieve a "login
> > incorrect" message when putting in their username and password, and I had to
> > edit the /etc/pam.d/login file to not check /etc/securetty in order to let
> > root login at all (it was previously accepting logons but immediately dumping
> > you back to getty without giving you a prompt). Of course, this is a sudden
> > problem, and all the other admins claim "we didn't do nuttin". Any ideas? I
> > keep thinking it's a pam thing, cuz I hate pam ;-), but so far my
> > troubleshooting has come up with naught.
>
> (Groan) You're *allowing* root to log in remotely? Root should
> never log in directly from anywhere but the console. Use ssh, with
> properly propogated public keys if you have to log in as root, since it
> will be encrypted. But only if you trust the remote host...
>
> Tim
As of this moment, I am allowing myself to login as root remotely, cuz I have
to trouble shoot the problem :-) I have not, nor will ever normally operate
in that mode. *grumble* I knew I should have put a disclaimer on my last
email *grumble*. :-) Anyone have ideas as to why *nobody* can logon
(excepting only root, now that I changed /etc/pam.d/login)??
TIA,
D.A.Bishop
Reply to: