Re: root access denied via SSH

---

• From: ttepandi@xxxxxxxxx
• Date: 10 May 2007 09:35:53 -0700

---

On May 10, 11:54 am, Bill Marcum <marcumb...@xxxxxxxxxxxxx> wrote:

On 10 May 2007 07:19:55 -0700, ttepa...@xxxxxxxxx <ttepa...@xxxxxxxxx> wrote:

Hi,
I'm in a bit of an emergency situation. I suspect that after adding a
user and modifying that users uid and group id in the /etc/passwd
file, all users including root have lost access to the shell - but
only via SSH. After adding this user and modifying it to have root
access (potentially incorrectly) as in:
username:x:0:0::/home/username:/bin/bash
I tested both the root and the new user and all worked as expected.
The new user was able to perform all root tasks I had anticipated.
Overnight access - using either of the two accounts has ceased.

When you say users have lost access only via ssh, does that mean you can
log in from the keyboard of that machine, or your password still works
with ftp or other services?
These days, allowing root login via password can be a security risk.
Perhaps someone broke in and changed the passwords?

--
Sex, Drugs & Linux Rules
-- MaDsen Wikholm, mwikh...@xxxxxxxxxx

Good point. I originally assumed that noone is able to access the box
via SSH. I'm thinking now that the other users I tried I've only used
for FTP access and never SSH access. Is it possible that user is setup
to access only FTP and no SSH? I would assume so. At this point I do
not have access to this machine using a keyboard directly atached to
it. All I have is SSH (well... and FTP). Users with FTP access can
access the machine as usual. Also the user I learned of today used to
run the PATROL services can log in just fine. The problem with this
user is that it's not a superuser so I cannot use it to access any
user/password related functions.
Does this kindof answer your question?

I have never tried to login as root via FTP so I don't know if root
would have FTP access.

I have not ruled the latter out and I'm still trying to get to these
logs that would tell me what commands have been used.

.

---

• References:
  • root access denied via SSH
    • From: ttepandi
  • Re: root access denied via SSH
    • From: Bill Marcum

• Prev by Date: Re: root access denied via SSH
• Next by Date: Re: FTP difference: console and GUI
• Previous by thread: Re: root access denied via SSH
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: able to login as root via ssh :-( ... in as root, and I don't recall changing that setting. ... Of course they are different programs (ftp server/ssh ... sort of implies that ssh to root directly won't work. ... changing port numbers is little more than leaving the door key under the flower pot instead of under the mat. ... (Fedora) Re: able to login as root via ssh :-( ... in as root, and I don't recall changing that setting. ... Of course they are different programs (ftp server/ssh ... sort of implies that ssh to root directly won't work. ... at least that little door is closed now. ... (Fedora) Re: FTP and SSH file access question ... I have root FTP access but only user-level ... > access via SSH. ... > The FTP data port is closed, so I can't get the file with FTP. ... (alt.linux) Re: ftp to webserver - not as root ... >> I'm learning to set up a server via remote. ... We set it up so that root cannot ftp or ssh in. ... (Debian-User) Re: root access denied via SSH ... After adding this user and modifying it to have root ... When you say users have lost access only via ssh, ... (comp.unix.questions)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)