_____
From: Mark Shields [mailto:[EMAIL PROTECTED]
Sent: Friday, September 14, 2007 10:07 AM
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] root can't login on console, but can ssh...
On 9/13/07, Daevid Vincent <[EMAIL PROTECTED]> wrote:
I've posted this about two months ago without any replies. I've been
googling and trying things, but still can't get this to work like it used
to.
I simply want root to be able to login from console (tty[1-6]) or ssh
(pts/[0-9]) without a password. Currently ssh does work fine. It's only the
physical console that doesn't.
This WAS working perfectly, then PAM or some other ebuild "broke it" on me.
Just for sanity, I even assigned root a password, I now get a "Password"
prompt, but it STILL can't login. (positive I'm typing it right) It says
"Login incorrect".
-----Original Message-----
From: Daevid Vincent [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 17, 2007 3:47 PM
To: gentoo-user@lists.gentoo.org
Subject: [gentoo-user] root can't login on console, but can ssh...
I have a LAMP development VMWare setup so that I can login as root sans
password.
This was working fine until something recently changed that.
It doesn't even prompt for the password, it just timesout after x
seconds.
Oddly I can ssh in as root (without the password as expected).
I have my "daevid" account without password and that logs in fine on the
console and ssh.
I can circumvent this behaviour by logging in as 'daevid', then 'sudo su
-' (which doesn't prompt for pw either), but I'd like it to work the way
it did.
Perhaps it was some PAM thing? Or login.defs? Or in pam.d/ ?
LAMP pam.d # cat login
#%PAM-1.0
auth required pam_securetty.so
auth required pam_tally.so file=/var/log/faillog onerr=succeed
no_magic_root
auth required pam_shells.so
auth required pam_nologin.so
auth include system-auth
account required pam_access.so
account include system-auth
account required pam_tally.so deny=0 file=/var/log/faillog
onerr=succeed no_magic_root
password include system-auth
session required pam_env.so
session optional pam_lastlog.so
session optional pam_motd.so motd=/etc/motd
session optional pam_mail.so
# If you want to enable pam_console, uncomment the following line
# and read carefully README.pam_console in /usr/share/doc/pam*
#session optional pam_console.so
session include system-auth
LAMP ~ # cat /etc/securetty
# /etc/securetty: list of terminals on which root is allowed to login.
# See securetty(5) and login(1).
console
pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
vc/0
vc/1
vc/2
vc/3
vc/4
vc/5
vc/6
vc/7
vc/8
vc/9
vc/10
vc/11
vc/12
tty0
tty1
tty2
tty3
tty4
tty5
tty6
tty7
tty8
tty9
tty10
tty11
tty12
tts/0
ttyS0
Check out /etc/securetty (man securetty). There should be at least one
uncommented entry listing 'tty1' if you want to be able to log in with just
the first virtual terminal, or if you want root to be allowed on all virtual
terminals, add tty1 through tty12.
- Mark Shields
Thanks Mark for the reply, however, don't I already have those set in
/etc/securetty (as shown above)??