From owner-freebsd-questions@FreeBSD.ORG Fri Jul 13 22:27:54 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 85A1B16A404 for ; Fri, 13 Jul 2007 22:27:54 +0000 (UTC) (envelope-from mksmith@adhost.com) Received: from mail-in08.adhost.com (mail-in08.adhost.com [216.211.128.141]) by mx1.freebsd.org (Postfix) with ESMTP id 5EE9013C491 for ; Fri, 13 Jul 2007 22:27:54 +0000 (UTC) (envelope-from mksmith@adhost.com) Received: from ad-exh01.adhost.lan (unknown [216.211.143.69]) by mail-in08.adhost.com (Postfix) with ESMTP id 30E5F8FC44; Fri, 13 Jul 2007 15:27:53 -0700 (PDT) (envelope-from mksmith@adhost.com) Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-MimeOLE: Produced By Microsoft Exchange V6.5 Date: Fri, 13 Jul 2007 15:27:48 -0700 Message-ID: <17838240D9A5544AAA5FF95F8D52031602402C66@ad-exh01.adhost.lan> In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: cannot log in via console, cannot su(1), only as root Thread-Index: AcfE5OrlTY23l5GpTbe1YluJoMSJ6gAt8KZQ References: <17838240D9A5544AAA5FF95F8D520316022AC752@ad-exh01.adhost.lan> From: "Michael K. Smith - Adhost" To: "martinko" , Cc: Subject: RE: cannot log in via console, cannot su(1), only as root X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jul 2007 22:27:54 -0000 Hello Martin: > -----Original Message----- > From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd- > questions@freebsd.org] On Behalf Of martinko > Sent: Thursday, July 12, 2007 5:28 PM > To: freebsd-questions@freebsd.org > Subject: Re: cannot log in via console, cannot su(1), only as root >=20 > Michael K. Smith - Adhost wrote: > > Hello Martinko: > > > >> -----Original Message----- > >> From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd- > >> questions@freebsd.org] On Behalf Of martinko > >> Sent: Saturday, July 07, 2007 4:36 PM > >> To: freebsd-questions@freebsd.org > >> Subject: Re: cannot log in via console, cannot su(1), only as root > >> > >> martinko wrote: > >>> hello list, > >>> > >>> i was updating sw configuration of my old computer and towards the > >> end i > >>> noticed i couldn't log in on local console other than root. i > tried > >>> remote ssh using public keys which worked but i found out su(1) to > >> any > >>> user except root does not work either. i've no idea how i could > >>> possibly manage to "break" my system like this and unfortunately i > >> need > >>> to fix it by tomorrow. therefore i would really appreciate your > >> prompt > >>> hints as what to check etc. > >>> > >> some more details follow ... > >> > >> upgrade from 6.0-R to 6.2-R > >> everything went ok .. > >> i was doing changes in /etc based on my other computer settings > >> i was working via ssh(1), therefore i haven't noticed when logging > on > >> console stopped working. > >> > >> what works: > >> log in via ssh(1) using public/private keys > >> log in on local console as root > >> su(1) to root > >> > >> what doesn't work: > >> log in via ssh(1) using password > >> log in on local console as a normal user > >> su(1) to a normal user (it even doesn't ask for password a throws > >> "sorry") > >> > >> besides, as root i'm able to change passwords via passwd(1), but it > >> doesn't help and a normal user cannot change their own password (old > >> password check would fail). > >> > >> i ran vipw(8) and it doesn't seem to me there's something wrong with > > my > >> files. > >> > >> any hints pls ?? > >> > > > > The normal user would have to be a member of the "wheel" group to use > su > > at any point. If your normal user logs in via ssh/console/whatever, > > they should be able to run the passwd command to change their own > > password. You wouldn't want them to su to do so. If you want to > test > > this, add your normal user to the wheel group, log in again and see > if > > it works. > > >=20 > I'm not having problem with a password as such. I can change it. I > just cannot log in using password as any user apart from root, whether > logging locally (console) or remotely (ssh). Users I tried su(1) are > of > course members of wheel group. su(1) failed before even accepting any > password. There's something wrong somewhere and I need to find it, > just > don't know how. Any ideas pls ?? >=20 > Martin >=20 There are three things I would check. 1) When you ps auxww | grep sshd is it the system version in /sbin or is it firing from /usr/local/sbin? a) If it's in /usr/local/sbin then the config file *may* be in /usr/local/etc/sshd/sshd_config 2) Is your /etc/ttys configuration odd? 3) Is /etc/pam.d/sshd configured the way you would like? Is it calling odd or unexpected PAM modules? Regards, Mike