On Tue, 3 Apr 2001, Jason Spence wrote:
> Hi -
>
> I hope that this will save somebody time now that I've spent plenty of
> mine on it. Please excuse the wording; I want the search engines to
> pick up the keywords.
>
> Symptoms: ssh server responds with "Failed password for ROOT" (or
> other user) even though the password is set correctly, and local
> logins work properly. ssh server process is running on a Linux system
> with PAM.
>
> Problem: PAM is configured to use the securetty module in
> /etc/pam.conf or /etc/pam.d/sshd:
>
> auth required /lib/security/pam_securetty.so
>
> Solution: Comment out the securetty module or remove it entirely.
> Alternatively, use it like it was intended to be used and add your
> allowed terminals to the /etc/securetty file.
>
> Does anyone know of a general PAM debug mechanism? I couldn't find
> one after a quick search.
Good security practice tells us that you shouldn't be logging in
*remotely* as root.
--------------------
"The best players, I think, are always the ones who remember
their losses, because they remember the pain and they hate it."
-- Billie Jean King
