# [SOLVED] can not login as "root" from terminal "Alt-F1..2"

## Joseph_sys

I can not login to the system from terminal: Alt-F1 Alt-F2 etc

When I log-in as user I can"su" or "su root" and it works OK but not when I try "F1" or other terminals.Last edited by Joseph_sys on Fri Mar 05, 2010 5:37 am; edited 1 time in total

----------

## eccerr0r

Take a look at /etc/securetty (man 5 securetty) and see if /dev/ttyX is listed in it...

Might or might not be the problem but worth to check...

----------

## Joseph_sys

 *eccerr0r wrote:*   

> Take a look at /etc/securetty (man 5 securetty) and see if /dev/ttyX is listed in it...
> 
> Might or might not be the problem but worth to check...

 

Yes, they are all there.  Can you login as root if you press "Alt+F1"?

----------

## eccerr0r

I'm not at my machine right now, but last I tried it worked...  You do mean the virtual consoles right? (making sure you don't mean alt-f1 to run some command in X11 to bring up a login window)

Next thing to try is...are you up to date with etc-update?  Updated all your pam stuff?

/etc/pam.d/login

Most of the stuff in here is to deny access, but if it's out of date it may be using some antique mechanism that's no longer available on newer systems (emerge world too).

----------

## Joseph_sys

 *eccerr0r wrote:*   

> I'm not at my machine right now, but last I tried it worked...  You do mean the virtual consoles right? (making sure you don't mean alt-f1 to run some command in X11 to bring up a login window)
> 
> Next thing to try is...are you up to date with etc-update?  Updated all your pam stuff?
> 
> /etc/pam.d/login
> ...

 

I'm sure I'm up to date, updated everything two weeks ago; unless I've missed something during updating.

In the past virtual console worked, so I'm not sure what happened.  No, I'm not trying to start any graphics "X" etc.

All I was trying to do is to kill some program as my KDE hang-up.

Though I've noticed my other machine experience the same behaviour; it will not allow me to login to root from virtual console "Alt-F1..2" etc.

----------

## eccerr0r

Well, here's confirmation that I can login as root on console virtual terminal /dev/tty2 (alt-f2) at least...

Those were the two biggest things that could prevent a root login on console that I can think of off the top of my head.  Only other thing I can think of is making sure your /bin/login wasn't trojaned or something...

----------

## Joseph_sys

I've check on my third machine and root login works from virtual terminal.

The only difference between is that on my other two machine that I "can not" log in as root; I have installed on them "openvpn" and "freenx-server".  

I think "freenx-server" installation is causing it somehow, just need to figure it out why?

I just run rkhunter and just have few warnings 

```
[20:48:24] /usr/bin/ldd                                      [ Warning ]

[20:48:24] Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne-Again shell script text executable

[20:48:26] /usr/bin/whatis                                   [ Warning ]

[20:48:26] Warning: The command '/usr/bin/whatis' has been replaced by a script: /usr/bin/whatis: POSIX shell script text executable

[20:48:27] /usr/bin/lwp-request                              [ Warning ]

[20:48:27] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: a /usr/bin/perl -w script text executable

[20:49:01]   Checking for passwd file changes                [ Warning ]

[20:49:01] Warning: Users have been added to the passwd file:

[20:49:01]          nagios:x:114:1015:added by portage for nagios-core:/var/nagios/home:/bin/bash

[20:49:01]          nx:x:1001:1016::/var/lib/nxserver/home:/usr/bin/nxserver

[20:49:01] Info: Starting test name 'group_changes'

[20:49:01]   Checking for group file changes                 [ Warning ]

[20:49:01] Warning: Groups have been added to the group file:

[20:49:01]          utmp:x:406:nx

[20:49:01]          nagios:x:1015:

[20:49:01]          nx:x:1016:

[20:49:03]   Checking for hidden files and directories       [ Warning ]

[20:49:03] Warning: Hidden directory found: /dev/.lvm

[20:49:03] Warning: Hidden directory found: /dev/.udev
```

Not sure about those hidden directories?

/dev.lvm is empty 

but "/dev/.udev" contains:

```
ls -al /dev/.udev

total 4

drwxr-xr-x    6 root root   140 Mar  4 14:14 .

drwxr-xr-x   20 root root 15040 Mar  4 19:37 ..

drwxr-xr-x    2 root root 15160 Mar  4 19:37 db

drwxr-xr-x 1581 root root 31620 Mar  4 19:37 names

-rw-r--r--    1 root root  1175 Mar  4 20:40 queue.bin

drwxr-xr-x    2 root root    60 Mar  4 07:13 rules.d

drwxr-xr-x    2 root root   660 Mar  4 07:13 watch
```

----------

## Joseph_sys

All other directory exist on my other machine that function correctly except the directory "watch"

Here is the content:

```
cd watch/

syscon4 watch # ll

total 0

lrwxrwxrwx 1 root root 28 Mar  4 07:13 10 -> /devices/virtual/block/ram11

lrwxrwxrwx 1 root root 28 Mar  4 07:13 11 -> /devices/virtual/block/ram15

lrwxrwxrwx 1 root root 28 Mar  4 07:13 12 -> /devices/virtual/block/ram13

lrwxrwxrwx 1 root root 28 Mar  4 07:13 13 -> /devices/virtual/block/loop0

lrwxrwxrwx 1 root root 28 Mar  4 07:13 14 -> /devices/virtual/block/ram12

lrwxrwxrwx 1 root root 27 Mar  4 07:13 15 -> /devices/virtual/block/ram3

lrwxrwxrwx 1 root root 28 Mar  4 07:13 16 -> /devices/virtual/block/ram14

lrwxrwxrwx 1 root root 27 Mar  4 07:13 17 -> /devices/virtual/block/ram9

lrwxrwxrwx 1 root root 27 Mar  4 07:13 18 -> /devices/virtual/block/ram8

lrwxrwxrwx 1 root root 27 Mar  4 07:13 19 -> /devices/virtual/block/ram1

lrwxrwxrwx 1 root root 28 Mar  4 07:13 20 -> /devices/virtual/block/loop2

lrwxrwxrwx 1 root root 28 Mar  4 07:13 21 -> /devices/virtual/block/loop4

lrwxrwxrwx 1 root root 27 Mar  4 07:13 22 -> /devices/virtual/block/ram2

lrwxrwxrwx 1 root root 28 Mar  4 07:13 23 -> /devices/virtual/block/ram10

lrwxrwxrwx 1 root root 27 Mar  4 07:13 24 -> /devices/virtual/block/ram5

lrwxrwxrwx 1 root root 28 Mar  4 07:13 25 -> /devices/virtual/block/loop5

lrwxrwxrwx 1 root root 28 Mar  4 07:13 26 -> /devices/virtual/block/loop3

lrwxrwxrwx 1 root root 27 Mar  4 07:13 27 -> /devices/virtual/block/ram6

lrwxrwxrwx 1 root root 68 Mar  4 07:13 28 -> /devices/pci0000:00/0000:00:1f.2/host1/target1:0:0/1:0:0:0/block/sda

lrwxrwxrwx 1 root root 73 Mar  4 07:13 29 -> /devices/pci0000:00/0000:00:1f.2/host1/target1:0:0/1:0:0:0/block/sda/sda4

lrwxrwxrwx 1 root root 73 Mar  4 07:13 30 -> /devices/pci0000:00/0000:00:1f.2/host1/target1:0:0/1:0:0:0/block/sda/sda2

lrwxrwxrwx 1 root root 73 Mar  4 07:13 35 -> /devices/pci0000:00/0000:00:1f.2/host1/target1:0:0/1:0:0:0/block/sda/sda3

lrwxrwxrwx 1 root root 73 Mar  4 07:13 37 -> /devices/pci0000:00/0000:00:1f.2/host1/target1:0:0/1:0:0:0/block/sda/sda5

lrwxrwxrwx 1 root root 73 Mar  4 07:13 38 -> /devices/pci0000:00/0000:00:1f.2/host1/target1:0:0/1:0:0:0/block/sda/sda1

lrwxrwxrwx 1 root root 73 Mar  4 07:13 39 -> /devices/pci0000:00/0000:00:1f.2/host1/target1:0:0/1:0:0:0/block/sda/sda6

lrwxrwxrwx 1 root root 27 Mar  4 07:13 4 -> /devices/virtual/block/ram0

lrwxrwxrwx 1 root root 27 Mar  4 07:13 5 -> /devices/virtual/block/ram4

lrwxrwxrwx 1 root root 28 Mar  4 07:13 6 -> /devices/virtual/block/loop7

lrwxrwxrwx 1 root root 28 Mar  4 07:13 7 -> /devices/virtual/block/loop1

lrwxrwxrwx 1 root root 27 Mar  4 07:13 8 -> /devices/virtual/block/ram7

lrwxrwxrwx 1 root root 28 Mar  4 07:13 9 -> /devices/virtual/block/loop6
```

What is it?

----------

## eccerr0r

Are there any error messages in syslog as to why you can't login to root?

----------

## Joseph_sys

 *eccerr0r wrote:*   

> Are there any error messages in syslog as to why you can't login to root?

 

tail /var/log/messages

is giving me authentication failure

```
syscon4 login[18760]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost=  user=root

 syscon4 login[18760]: FAILED LOGIN (1) on 'tty1' FOR `root', Authentication failure

 syscon4 login[18760]: FAILED LOGIN (2) on 'tty1' FOR `root', Authentication failure

 syscon4 login[10635]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost=  user=root

 syscon4 login[10635]: FAILED LOGIN (1) on 'tty1' FOR `root', Authentication failure
```

When I try to login to root from user session, it works:

```
 Successful su for root by joseph

Mar  4 21:35:17 syscon4 su[10947]: + pts/2 joseph:root

Mar  4 21:35:17 syscon4 su[10947]: pam_unix(su:session): session opened for user root by (uid=1000)
```

----------

## Joseph_sys

Strange problem with the keyboard on both system

When I pressed "Num Lock" ON and OFF I could login without problem.

In addition without pressing "Num Lock" ON and OFF the keyboard act funny I had to repeat somekey strokes twice time to get a response.  But turning "Num Lock" ON and OFF solved the problem.

Strange :-/

(I hope nobody installed a keyboard logger :-/)

----------

## eccerr0r

odd... so you don't have typing mistakes caused by keyboard input issues elsewhere on console?

----------

## Joseph_sys

 *eccerr0r wrote:*   

> odd... so you don't have typing mistakes caused by keyboard input issues elsewhere on console?

 

No errors when I'm using it on day to day bases, I'm still using KDE3.5 and no issues with the keyboard; it is the first time I've notice this strange behaviour. 

Now when I go to VT I can log IN OK.

----------

## eccerr0r

If I had this problem I wouldn't consider it solved though it is a plausible workaround...

Weird.

So X11/kde is running in background for this to happen?  Can you login root regardless of numlock if you don't have KDE running (kdm, etc., shut down)?

----------

## Joseph_sys

 *eccerr0r wrote:*   

> If I had this problem I wouldn't consider it solved though it is a plausible workaround...
> 
> Weird.
> 
> So X11/kde is running in background for this to happen?  Can you login root regardless of numlock if you don't have KDE running (kdm, etc., shut down)?

 

I've notice this strange behaviour on two system.

One is running KDE3.5

The other is running XFCE4

I just tried to log-in on VT-1 and it wouldn't let me in as root; I had to press ON/OFF "CapsLock" key 

So, I'm not sure what is going on. 

I've maked as solved as I can log-in and I don't have much time on troubleshooting trivial things.

Though, I have noticed that if for example "NumLock" is active on VT-7 when I go to VT-1 or VT-2 etc. it doesn't mean that NumLock will be active on these terminals.  So it seems to me the VT-terminal 1-7 have their independent settings for "NumLock" or "CapsLock" keys.

----------

