Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cannot ssh login, su or sudo

Status
Not open for further replies.

mrberry

MIS
Jun 15, 2004
80
US
I have a Leopard install where I do seem to be able to login at the OS level. I cannot ssh to the box, I cannot sudo to any user (all users have admin rights) and I cannot su to a user. No error, just rejects the password of any user I try. I can login with all users using the password in the GUI, but nothing works at the command line.

I even enabled the root user and it has the same behaviour. I check the console logs are can see nothing.

The user says he didn't change anything....

Anybody have any idea what this might be or what else to look at?
 
To ssh in, you need several things, first Remote Login must be enabled in System Prefs, the port must be open on your router/firewall. I would check all of those first before anything else.

Have you tried creating a new account, one that you set up yourself and given admin rights to?

A permmissiond fix might be a good call too.

Twist

===========================================
Everything will be OK in the end.
If it's not OK, then it's not the end
 
twiSSt, thank you for your reply.

I do not believe that this is an ssh issue as I cannot sudo or su locally on the problem machine. I am thinking the problem must be at the Darwin (OS) level as I can access all users at the Aqua (GUI)level.

I did try a permissions fix and it did not resolve the problem.

I have not tried to add a new admin user. I will give that a try.
 
Adding another admin user did not fix the problem. The new user has the same issues as the other users.
 
what do you see when you type the following in the terminal

Code:
ls -la /private/etc/sudoers

it should show you

Code:
-r--r-----  1 root  wheel  1135 Sep 23  2007 /private/etc/sudoers

and the users you are trying to use should be part of the wheel group.

Twist

===========================================
Everything will be OK in the end.
If it's not OK, then it's not the end
 
Looks the same as yours:

root# ls -l /private/etc/sudoers
-r--r----- 1 root wheel 1135 Sep 23 2007 /private/etc/sudoers

I am using Leopard 10.5.4 and I don't believe the users need to be part of the wheel group because they are not on any of my other Macs. I believe that they only need to be in the admin group and this line in the sudoers file is what gives admin users rights:

%admin ALL=(ALL) ALL


Because I cannot su or ssh I don't think the problem is to do with the sudo configuration.

 
OK, I think I found what the problem is; it looks like a library issue.

I see this in the syslog:

sudo[538]: PAM unable to _pam_dlopen(/usr/lib/pam/pam_securityserver.so)
sudo[538]: PAM adding faulty module: /usr/lib/pam/pam_securityserver.so


su[539]: PAM unable to _pam_dlopen(/usr/lib/pam/pam_securityserver.so)
su[539]: PAM adding faulty module: /usr/lib/pam/pam_securityserver.so
su[539]: pam_authenticate: Authentication failure



I also found on this machine if you try to use spotlight from the GUI the search crashes and I see this in the syslog:

com.apple.dyld[447]: update_dyld_shared_cache[447] for arch=i386 failed: flat namespace not supported in /usr/lib/libxslt.1.dylib

The file /usr/lib/libxslt.1.dylib is a symbolic link. On other working Macs it is a regular file.

The user said that he did not change/install anything, but I am thinking that something updated some of the libraries and now there are incompatibilities.

Other than re-install I am not sure what else I can do with this.

 
My bad, you need to be in the admin group to sudo. If you don't mind me asking, what are you trying to do?

what do you get when you type this in the terminal:
Code:
ls -lad /

should return:
Code:
drwxrwxr-t  35 root  admin  1258 Jul 11 13:14 /


Twist

===========================================
Everything will be OK in the end.
If it's not OK, then it's not the end
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top