> -----Original Message----- > From: Marc Branchaud [mailto:[EMAIL PROTECTED] > Sent: Monday, January 22, 2007 2:54 PM > To: debian-user@lists.debian.org > Subject: Help! Can't login or su, but SSH is ok... > > Hi all, > > Over the weekend one of my sarge boxes decided to stop > accepting logins. > Currently, the box allows remote SSH (via public-key > authentication) > for regular users, but it doesn't allow user logins via > telnet or on the > console, even for root. SSH'd-in users also can't su to any user. > > The only way root can currently log in is to reboot in recovery mode. > Even in that mode, root can su to a regular user, but the > regular user > can't su. > > su reports: > su: Authentication information cannot be recovered > Sorry. > > On Friday, I did change the box's configuration. I had > previously been > trying to make it work with Samba Windows domain > authentication, and had > added some pam_winbind.so lines to files in /etc/pam.d/. On Friday I > decided that I didn't really need Windows domain auth, so I > removed all > references to pam_winbind.so from my /etc/pam.d/ files. > There were no > problems after the changes on Friday, though I wasn't overly > systematic > about trying things out, but I'm pretty sure I su'd to root... > > I can't figure out what went wrong. My /etc/pam.d/ files > look fine to > me (I can compare them to those on another, working sarge box on the > same network). I'm not even sure that's where the problem > lies. Google > can't tell me what "Authentication information cannot be recovered" > means, and the machine isn't logging anything when su or logins fail.
Did you also make sure /etc/nsswitch.conf looks like the default? Namely, passwd, group, and shadow should all have "compat", and only "compat", in the second column. -- Kevin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
