Login or Register to Ask a Question and Join Our Community


AIX

why I cannot login by root

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems AIX why I cannot login by root
# 1  
Old 03-13-2008
why I cannot login by root
I can use sudo su to root from my user id through ssh. Also can change root password. However, I cannnot login by root from ssh.

Does any body know why?
# 2  
Old 03-13-2008
Quote:
Originally Posted by rainbow_bean
I can use sudo su to root from my user id through ssh. Also can change root password. However, I cannnot login by root from ssh.

Does any body know why?
Security. That's how it's designed. I don't think there's a way to work around it, and there probably shouldn't be.

ShawnMilo
# 3  
Old 03-13-2008
however, other AIX server I can login by root. I have root password and I can reset root password. When I login by root, it showed "Access denied"
# 4  
Old 03-13-2008
I don't know, then. Maybe there's something in one of the config files which regulates that. I've never been able to log in as root via ssh on Linux or the Mac, but I've never used AIX, so take that for what it's worth.

ShawnMilo
# 5  
Old 03-13-2008
I don't know if this is related... This is for ESX which is a red hat compatible linux.

edit /etc/ssh/sshd_config: add "permitRootLogin yes"
perform "/etc/init.d/sshd restart"

Actually, this is really not recommended, a security risk, are you former windows administrator who can only think about making a simple life but in return is really the reverse, why don't you just login as regular user then just do su or sudo.

itik
# 6  
Old 03-13-2008
If you are using OpenSSH then sshd_config will regulate users abilities to login.
A workaround is to use keyed access only for root login. This is very convenient and, contrary to other opinions, when well designed is a very attractive solution.

Root login via interactive-password is a very bad idea.
# 7  
Old 03-14-2008
The one possibility (in the ssh config) has already been mentioned. Another possibility would be to (dis-)allow the user root the remote login directly. This is one of the user attributes: check with "lsuser" and if this shows "rlogin=false" change the attribute to "true" by "chuser -a rlogin=true root".

The notion that this poses a security risk is IMHO a misconception. By allowing root to directly login there is no auditing possible any more about who (personally) has logged in. It could be everybody with the root password. If root cannot log in directly the user would have to log in with his normal account and then use "su" to become root. Both events can be logged (/var/adm/wtmp and sulog).

Still, to have an event being auditable does not mean enhanced security by itself. It merely means you can blame it to somebody in case something goes wrong. Further, anybody with a root account could alter these logs so that they are unusable. So this is creating a false sense of security which in fact is not provided by these measures.

bakunin
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Red Hat

Su root or login root

Hi, I find there is some customized linux with application. When I use login account root and type the password. It is not allow to login. But if I login with specified user and password. Then I use command "su - " and type root passwd. It allow you to switch to "root" account . Or if i... (14 Replies)
Discussion started by: chuikingman
14 Replies

2. HP-UX

Cannot login root

With my SSH, my HP-UX cannot login to root. It will come out a message su: unknown id: root. But I can login by user oracle. I also cannot login to console either by using root or oracle anymore. What shall I do. (5 Replies)
Discussion started by: surizan
5 Replies

3. AIX

Can't login root account due to can't find root shell

Hi, yesterday, I changed root's shell in /etc/passwd, cause a mistake then I can not log in root account (can't find correct shell). I attempted to log in single-mode, however, it prompted for single-mode's password then I type root's password but still can not log in. I'm using AIX 5L version 5.2... (2 Replies)
Discussion started by: neikel
2 Replies

4. UNIX Desktop Questions & Answers

only root can login through X window

Dear Friends I'm using Hp-unix release b.11.11 and i'm facing a problem to login through telnet session. i can login only by user root but other users can not login. but if i use x window application like (reflection X) all users can login with no problem. please kindly advice me on how to... (0 Replies)
Discussion started by: hai_jab
0 Replies

5. Solaris

login error as root

Hi i am using sun netra20 server ruuning solaris 9 and while i trying to login as root its showing error as shown below. SunOS 5.9 login:root password: Not on system console Connection to system closed by foreign host But i can login as scadm and su to root...then it is goin to root... (1 Reply)
Discussion started by: gini
1 Replies

6. Solaris

How to allow root login from a specified terminal ?

I want to enable root login just from one terminal machine, can i do that via /etc/default/login in console=/dev/console line ? and if so what i have to type exactly, another question is it normal to edit the files inside defaults directly ? or i can copy it to /etc/ and edit it there and its... (3 Replies)
Discussion started by: XP_2600
3 Replies

7. Solaris

Root login password

Hello all, I've a problem with root login password in Solaris. After I installed a patch the root password became empty, so to login as root I don't have to type any password, just username: root. I've tried the passwd command but it still doesn't work... Does anyone knows how can I solve this?... (1 Reply)
Discussion started by: pmpx
1 Replies

8. Solaris

sunOS 4.x.x root login

I have an old (I mean "dinosaur old") server that is running SunOS 4.1xxx. I need to allow root login ONLY on the console. I've looked in /etc/default for the login file for the "console=/dev/console" parameter is, but there's no 'default" dir in /etc. Can someone help? Thanks (2 Replies)
Discussion started by: antalexi
2 Replies

9. AIX

root login

How do I make it so user "root" can not log directly into an AIX server? I want a user to be able to SU to it but not log into it to keep a log (2 Replies)
Discussion started by: breigner
2 Replies

10. Answers to Frequently Asked Questions

Lost root password / Can't login as root

We have quite a few threads about this subject. I have collected some of them and arranged them by the OS which is primarily discussed in the thread. That is because the exact procedure depends on the OS involved. What's more, since you often need to interact with the boot process, the... (0 Replies)
Discussion started by: Perderabo
0 Replies
Login or Register to Ask a Question