[ale] Goofed up root login via console, oops!

Ryan Bridges ryan at linuxgeneral.net
Tue Nov 23 13:45:20 EST 1999


-----BEGIN PGP SIGNED MESSAGE-----


Check your /etc/securetty file to see if it has any entries.  Only tty's
listed in this file will allow a root login.  If the file has no entries,
you would not be able to login as root at the console.

Ryan Bridges
ryan at linuxgeneral.net
reverend at linux.com  

On Tue, 23 Nov 1999, Gary S. Mackay wrote:

> Well, in my effort to create a very secure firewall/gateway for a client, I
> have managed to fix it so 'root' can NOT login via the main console. I can ssh
> into the box and 'su -' to root tho, so I know the password is correct.
> (That's the message I get at the console, 'invalid password').
> 	I have turned off telnet and almost all other protocols in the inetd.conf
> file since this is ONLY a gateway/firewall, not a mail server or samba or
> anything else. I have implemented a VERY strong ruleset via ipchains, and
> everything is working just fine, except for the fact that I have to admin the
> box via the internet since I can not log into it locally! (I know, that's the
> plus of linux vs NT, remote admin. But it would be nice to get into the box
> locally when I do happen to be on site.) I can log in locally as another user,
> but can NOT 'su -' to 'root' from the console, only remotely. 
> 
> Totally confused? Good, so am I!
> 
> - Gary
> 
> 
> -- 
> Edison Information Technologies
> P.O. Box 554
> Milan, OH  44846-0554
> 419.499.7040
> www.EdisonInfo.com
> Gary at EdisonInfo.com
> --
> 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQEVAwUBODrgxqb36zV0MhMZAQF/iAf/Up2mQAyHfT5y8JbPtLGf2XmLhJvw/k3l
WzaV9ccTu3bbO7kCd+qxVOhUpYw7QLBgl21/MsMzyvlkuD75TsyOqb7JGKNV0wS5
PZzVLbm2RfYKrti2ICox/T4I94y8OILYVS2xRl3nAi2oaad/B22eIjsTsj3E4Q5b
kF+f7TJEiw9i+I95V3/E+1aRLMorOSPotERLAc008G+Bxj57xrhLltd+Yo80JzUe
5wzqBCP+h5oBghJydTkNcG5cY8XkwPS6drFIij+dus7QvPi1oiw1mIaQ+m7Qky4j
MPu76CtOGuil0RjStHqbYA7RfwSdNmcX3BmE0AjKN+91XoilHErJwg==
=72Vi
-----END PGP SIGNATURE-----






More information about the Ale mailing list