Re: pam failure
On Mon, 19 Feb 2001 17:46:10 -0500, [EMAIL PROTECTED] said: > On Mon, Feb 19, 2001 at 02:37:29PM -0700, David Bishop wrote: > > [from /var/log/messages] > > Feb 19 15:29:56 server1 login: FAILED LOGIN 1 FROM masquerade.micron.com > FOR > > db, Authentication failure > > Feb 19 15:29:58 server1 login: FAILED LOGIN SESSION FROM > > masquerade.micron.com FOR (null), Conversation error > > > > This just started happening. Any normal user will recieve a "login > > incorrect" message when putting in their username and password, and I had > to > > edit the /etc/pam.d/login file to not check /etc/securetty in order to let > > root login at all (it was previously accepting logons but immediately > dumping > > you back to getty without giving you a prompt). Of course, this is a > sudden > > problem, and all the other admins claim "we didn't do nuttin". Any > ideas? I > > keep thinking it's a pam thing, cuz I hate pam ;-), but so far my > > troubleshooting has come up with naught. > > (Groan) You're *allowing* root to log in remotely? Root should > never log in directly from anywhere but the console. Use ssh, with > properly propogated public keys if you have to log in as root, since it > will be encrypted. But only if you trust the remote host... > > Tim As of this moment, I am allowing myself to login as root remotely, cuz I have to trouble shoot the problem :-) I have not, nor will ever normally operate in that mode. *grumble* I knew I should have put a disclaimer on my last email *grumble*. :-) Anyone have ideas as to why *nobody* can logon (excepting only root, now that I changed /etc/pam.d/login)?? TIA, D.A.Bishop
Re: pam failure
On Mon, Feb 19, 2001 at 02:37:29PM -0700, David Bishop wrote: > [from /var/log/messages] > Feb 19 15:29:56 server1 login: FAILED LOGIN 1 FROM masquerade.micron.com FOR > db, Authentication failure > Feb 19 15:29:58 server1 login: FAILED LOGIN SESSION FROM > masquerade.micron.com FOR (null), Conversation error > > This just started happening. Any normal user will recieve a "login > incorrect" message when putting in their username and password, and I had to > edit the /etc/pam.d/login file to not check /etc/securetty in order to let > root login at all (it was previously accepting logons but immediately dumping > you back to getty without giving you a prompt). Of course, this is a sudden > problem, and all the other admins claim "we didn't do nuttin".Any > ideas? I > keep thinking it's a pam thing, cuz I hate pam ;-), but so far my > troubleshooting has come up with naught. (Groan) You're *allowing* root to log in remotely? Root should never log in directly from anywhere but the console. Use ssh, with properly propogated public keys if you have to log in as root, since it will be encrypted. But only if you trust the remote host... Tim -- >< >> Tim Sailer (at home) >< Coastal Internet, Inc. << >> Network and Systems Operations >< PO Box 671 << >> http://www.buoy.com >< Ridge, NY 11961 << >> [EMAIL PROTECTED]/[EMAIL PROTECTED] >< (631) 924-3728 << ><
pam failure
[from /var/log/messages] Feb 19 15:29:56 server1 login: FAILED LOGIN 1 FROM masquerade.micron.com FOR db, Authentication failure Feb 19 15:29:58 server1 login: FAILED LOGIN SESSION FROM masquerade.micron.com FOR (null), Conversation error This just started happening. Any normal user will recieve a "login incorrect" message when putting in their username and password, and I had to edit the /etc/pam.d/login file to not check /etc/securetty in order to let root login at all (it was previously accepting logons but immediately dumping you back to getty without giving you a prompt). Of course, this is a sudden problem, and all the other admins claim "we didn't do nuttin". Any ideas? I keep thinking it's a pam thing, cuz I hate pam ;-), but so far my troubleshooting has come up with naught. TIA, D.A.Bishop
Re: pam failure
On Mon, 19 Feb 2001 17:46:10 -0500, [EMAIL PROTECTED] said: > On Mon, Feb 19, 2001 at 02:37:29PM -0700, David Bishop wrote: > > [from /var/log/messages] > > Feb 19 15:29:56 server1 login: FAILED LOGIN 1 FROM masquerade.micron.com FOR > > db, Authentication failure > > Feb 19 15:29:58 server1 login: FAILED LOGIN SESSION FROM > > masquerade.micron.com FOR (null), Conversation error > > > > This just started happening. Any normal user will recieve a "login > > incorrect" message when putting in their username and password, and I had to > > edit the /etc/pam.d/login file to not check /etc/securetty in order to let > > root login at all (it was previously accepting logons but immediately dumping > > you back to getty without giving you a prompt). Of course, this is a sudden > > problem, and all the other admins claim "we didn't do nuttin". Any ideas? I > > keep thinking it's a pam thing, cuz I hate pam ;-), but so far my > > troubleshooting has come up with naught. > > (Groan) You're *allowing* root to log in remotely? Root should > never log in directly from anywhere but the console. Use ssh, with > properly propogated public keys if you have to log in as root, since it > will be encrypted. But only if you trust the remote host... > > Tim As of this moment, I am allowing myself to login as root remotely, cuz I have to trouble shoot the problem :-) I have not, nor will ever normally operate in that mode. *grumble* I knew I should have put a disclaimer on my last email *grumble*. :-) Anyone have ideas as to why *nobody* can logon (excepting only root, now that I changed /etc/pam.d/login)?? TIA, D.A.Bishop -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: pam failure
On Mon, Feb 19, 2001 at 02:37:29PM -0700, David Bishop wrote: > [from /var/log/messages] > Feb 19 15:29:56 server1 login: FAILED LOGIN 1 FROM masquerade.micron.com FOR > db, Authentication failure > Feb 19 15:29:58 server1 login: FAILED LOGIN SESSION FROM > masquerade.micron.com FOR (null), Conversation error > > This just started happening. Any normal user will recieve a "login > incorrect" message when putting in their username and password, and I had to > edit the /etc/pam.d/login file to not check /etc/securetty in order to let > root login at all (it was previously accepting logons but immediately dumping > you back to getty without giving you a prompt). Of course, this is a sudden > problem, and all the other admins claim "we didn't do nuttin".Any ideas? I > keep thinking it's a pam thing, cuz I hate pam ;-), but so far my > troubleshooting has come up with naught. (Groan) You're *allowing* root to log in remotely? Root should never log in directly from anywhere but the console. Use ssh, with properly propogated public keys if you have to log in as root, since it will be encrypted. But only if you trust the remote host... Tim -- >< >> Tim Sailer (at home) >< Coastal Internet, Inc. << >> Network and Systems Operations >< PO Box 671 << >> http://www.buoy.com >< Ridge, NY 11961 << >> [EMAIL PROTECTED][EMAIL PROTECTED] >< (631) 924-3728 << >< -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
pam failure
[from /var/log/messages] Feb 19 15:29:56 server1 login: FAILED LOGIN 1 FROM masquerade.micron.com FOR db, Authentication failure Feb 19 15:29:58 server1 login: FAILED LOGIN SESSION FROM masquerade.micron.com FOR (null), Conversation error This just started happening. Any normal user will recieve a "login incorrect" message when putting in their username and password, and I had to edit the /etc/pam.d/login file to not check /etc/securetty in order to let root login at all (it was previously accepting logons but immediately dumping you back to getty without giving you a prompt). Of course, this is a sudden problem, and all the other admins claim "we didn't do nuttin". Any ideas? I keep thinking it's a pam thing, cuz I hate pam ;-), but so far my troubleshooting has come up with naught. TIA, D.A.Bishop -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]