[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: pam failure

On Mon, 19 Feb 2001 17:46:10 -0500, tps@unslept.com said:

> On Mon, Feb 19, 2001 at 02:37:29PM -0700, David Bishop wrote:
>  > [from /var/log/messages]
>  > Feb 19 15:29:56 server1 login: FAILED LOGIN 1 FROM masquerade.micron.com FOR
>  > db, Authentication failure
>  > Feb 19 15:29:58 server1 login: FAILED LOGIN SESSION FROM
>  > masquerade.micron.com FOR (null), Conversation error
>  > 
>  > This just started happening.  Any normal user will recieve a "login
>  > incorrect" message when putting in their username and password, and I had to
>  > edit the /etc/pam.d/login file to not check /etc/securetty in order to let
>  > root login at all (it was previously accepting logons but immediately dumping
>  > you back to getty without giving you a prompt).  Of course, this is a sudden
>  > problem, and all the other admins claim "we didn't do nuttin".	Any ideas?  I
>  > keep thinking it's a pam thing, cuz I hate pam ;-), but so far my
>  > troubleshooting has come up with naught.  
>  (Groan) You're *allowing* root to log in remotely? Root should 
>  never log in directly from anywhere but the console. Use ssh, with
>  properly propogated public keys if you have to log in as root, since it
>  will be encrypted. But only if you trust the remote host...
>  Tim

As of this moment, I am allowing myself to login as root remotely, cuz I have
to trouble shoot the problem :-)  I have not, nor will ever normally operate
in that mode.  *grumble* I knew I should have put a disclaimer on my last
email *grumble*. :-)  Anyone have ideas as to why *nobody* can logon
(excepting only root, now that I changed /etc/pam.d/login)??



Reply to: