No
--James. (This email was sent from a mobile device)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Hi List,
We have a CentOS VPS running a web site in a DC far away. The chap that
dev's this site told me he couldn't SFTP in yesterday, his password was
being rejected (I went to his desk to confirm and saw it was telling him the
password was incorrect but neither him nor me had changed it and we
On Wed, Feb 16, 2011 at 7:28 AM, James Bensley jwbens...@gmail.com wrote:
Hi List,
We have a CentOS VPS running a web site in a DC far away. The chap that
dev's this site told me he couldn't SFTP in yesterday, his password was
being rejected (I went to his desk to confirm and saw it was
On 16 Feb 2011 12:34, Nico Kadel-Garcia nka...@gmail.com wrote:
Uh-oh. Has your developer, or you, been editing the /etc/passwd,
/etc/shadow, /etc/group, or /etc/gshadow files manually?
Nope.
And do you
use NIS or LDAP for authentication?
Nope.
And this is a publicly exposed
webserver,
On Wed, Feb 16, 2011 at 7:43 AM, James Bensley jwbens...@gmail.com wrote:
On 16 Feb 2011 12:34, Nico Kadel-Garcia nka...@gmail.com wrote:
Uh-oh. Has your developer, or you, been editing the /etc/passwd,
/etc/shadow, /etc/group, or /etc/gshadow files manually?
Nope.
And do you
use NIS or
On 16/02/11 13:28, James Bensley wrote:
Hi List,
We have a CentOS VPS running a web site in a DC far away. The chap that
dev's this site told me he couldn't SFTP in yesterday, his password was
being rejected (I went to his desk to confirm and saw it was telling him
the password was
On Wed, Feb 16, 2011 at 7:28 AM, James Bensley jwbens...@gmail.com wrote:
[root@server ~]# su - webdevuser
[webdevuser@server ~]# passwd
Changing password for user webdevuser.
Changing password for webdevuser.
(current) UNIX password:
passwd: Authentication token manipulation error
A lot
Thanks to all for your various replies
On 16 February 2011 12:50, Nico Kadel-Garcia nka...@gmail.com wrote:
Check the /etc/shadow and /etc/group for consistent numbers of
entries, and /etc/group and /etc/gshadow.
Do you mean duplicate entries? If so there are none of those.
No, I mean
On 16 February 2011 13:00, ... wrote:
you realize that there are no passwords in /etc/passwd, so if you
delete /etc/shadow and rebuild it using pwconv there will be no
passwords in the new /etc/shadow... depending on the exact state,
you either won't be able to log in, or the machine will be
Nico Kadel-Garcia wrote:
On Wed, Feb 16, 2011 at 7:43 AM, James Bensley jwbens...@gmail.com
wrote:
On 16 Feb 2011 12:34, Nico Kadel-Garcia nka...@gmail.com wrote:
snip
Do you have other users who
can still log in or not?
There is only the root and web dev user on this box.
snip
What does
On 16 February 2011 14:17, m.r...@5-cent.us wrote:
What does lastlog | grep -v Never show you?
Hi Mark,
This has shown something (potentially) interesting:
[root@server ~]# lastlog | grep -v Never
Username Port From Latest
root pts/2x.x.x.x Wed Feb 16
On 16/02/11 15:16, James Bensley wrote:
i'd suggest looking at the log files (/var/log/secure and
.../messages), for indications of why you're having trouble logging
in as the other user. you can also, in a terminal window from a
mere mortal (not root) login, try:
su - user
as
On Wed, Feb 16, 2011 at 6:28 AM, James Bensley jwbens...@gmail.com wrote:
Hi List,
We have a CentOS VPS running a web site in a DC far away. The chap that
dev's this site told me he couldn't SFTP in yesterday, his password was
being rejected (I went to his desk to confirm and saw it was
On 16 February 2011 14:34, ... wrote:
yes, that is what doing an su - user as *root* will do, which
doesn't tell you much. instead of doing this from a root login, do
it from a regular account (you don't routinely log in as root i hope
- actually it sounds like you do).
if this works, then
Ok, everything is fixed now. I spoke with the VPS providers;
The jailed shell was removed from the webdev user (and the webmaster
user?) and they reset the password. I logged into ssh as the webdev
user to change the password and they told me off for trying and said I
must do it through
On 02/16/11 6:27 AM, James Bensley wrote:
However he always uses the webdev account which lastlog shows as never
logged in, so when accessing the VPS as the webdev user account are we
somehow actually accessing the VPS as webmaster? Is it possible the
VPS providers performed some crazy voodoo
16 matches
Mail list logo