Passwod for Root login in Terminal:

Similar Messages

• Solaris 11 AutoInstaller service profile for ssh to enable root logins?

  Hi Guys,
  I have got a basic system configuration profile that sets various things for my newly installed solaris 11 client.
  I was curious if anyone has a xml service configuration declaration I could use that configures the ssh service to allow remote root logins.
  I'd appreciate it.

  SSH configuration is not held in SMF but in /etc/ssh/sshd_config so it is not currently possible to use just an AI/SC manifest & profile to do what you ask.
  You need do deliver an updated /etc/ssh/sshd_config file with "PermitRootLogin yes", you will also need to have your SC profile setup so that the root account is not configured as a role. Y
  ou can deliver the /etc/ssh/sshd_config file either in an IPS package or you could do it with a custom [first boot script|http://docs.oracle.com/cd/E26502_01/html/E28980/firstboot-1.html#scrolltoc] or use a software_type of archive in your AI manifest to deliver it via cpio/tar.

• Applications only for root are displayed even with user login

  I am using MBP Pro with OSx 10.7.3. I use admin account. Recently I enabled root account and then disabled it back again. Since then I am seeing applications only for root and not for admin even with admin login. If I go to /Users/<admin username>/Library/Preferences, I can see that the applications has relevant files over there. When I looked more carefully I observed that, I am able to see the applications installed for the root only and not for the admin user. Is there any way to corrrect this?

  This particular discussion group is for Classic Mac OS.  Your question would be better suited in the OS X Lion group (https://discussions.apple.com/community/mac_os/mac_os_x_v10.7_lion).

• Not able to change normal login password through ssh root login remotely

  I am able to login to serverb from servera as root user without password
  as i have set the ssh key authentication between the two servers
  ==============================================================
  bash-3.00# hostname
  servera
  bash-3.00# ssh serverb
  Sun Microsystems Inc. SunOS 5.9 Generic May 2002
  You have new mail.
  root@serverb # hostname
  serverb
  root@serverb #
  ==============================================================
  i am also able to execute remote commands from servera to serverb
  through ssh as root :
  ==============================================================
  bash-3.00# ssh serverb "hostname ; date ; uptime;id -a "
  serverb
  Friday December 11 16:52:10 GMT 2009
  4:52pm up 258 day(s), 2:24, 1 user, load average: 0.12, 0.07, 0.06
  uid=0(root) gid=1(other) groups=1(other),0(root),2(bin),3(sys),4(adm),5(uucp),6(mail),7(tty),8(lp),9(nuucp),12(daemon),1001(srsncadm
  bash-3.00#
  ==============================================================
  But when i try to change a normal users login password it give me the following
  error even as root user, can someone please let me know why it preventing
  from a normal login password change though ssh even for a superuser account
  =============================================================
  bash-3.00# ssh serverb passwd testuser
  Permission denied
  bash-3.00#

  You cannot "ssh passwd username" remotely, for one thing. Remember, the passwd command is going to ask for input from the terminal.
  Also, look into the pfexec man page because you might need to change roles in order to change the password on the remote system.

• OL5.7 & Oracle 11gR2 - unable to login at terminal

  I was installing oracle 11gR2 which requires me to log in as "root" to run some scripts. Well I opened a terminal windows and
  typed "login" at the prompt, then the system asked for the username and I typed "root" (without quotes of course) then I typed the
  requested password but the system replies with "Login incorrect" message.
  I'm sure I'm typing the correct username and password.
  However, say that I'm logged as "oracle" and try to run the user/groups administraton program under the system menu, the system
  will ask for my "root" password and it will accept it with no problems.
  What I did was to log out "oracle" , log in as root, ran the scripts, then log in as "oracle" again, rerun the oracle installation, and now it says
  it cannot continue installation because there is already an installation in the same direcrtory and asks me to choose a different location.
  I will have then to delete all files under the /u01/app/oracle or uninstall the software completely with some oracle utility, I don't know.
  Anyway I first have to solve the problem of the system not accepting my login as root in the terminal window, what am I doing wrong ??

  My comments:
  1) su does not standard for "super user". Su stands for switch user, substitute user, etc. http://en.wikipedia.org/wiki/Su_(Unix)
  I agree, sudo is a better way to go than su. sudo is more secure and allows the OS administrator to grant the minimal privileges required. As well, knowing the root password is not required. Configuring sudo can be a bit complicated however and requires an experienced OS administrator to do so correctly and safely.
  2) To remove your Oracle installation from UNIX:
  cd <directory where dbms is installed>
  rm -Rf *
  3) Your OS configuration may have restrictions that prevent you from opening a session as root. You should get your OS administrator to assist you. Or are YOU the OS administrator? : )
  4) The purpose of logging in as root to complete the dbms installation - certain files in the dbms installation have to be owned as root. As well, a few files are required in /etc, and only root can write to that directory. You must run the required scripts as root, or your dbms installation will be incomplete.
  Scot

• In Yosemite, I can;t operate for more than a few minutes with Keychain or Safari asking for my login password.  How can I turn this off, and still be safe?

  Using Yosemite, I an't seem to work for more than a few minutes without being asked for my login password.  Keychain wants it, Safari wants it, iCloud wants it..the list goes on.  Then in 10 minutes or so, they all want it again.  Passwords are being stored by Safari as usual, but new tabs or pages bring up the request.  How can I turn this off and still have protection?

  Tutorial: Resolving Keychain Issues
  If you can't access your keychain, or forget your password If you can't get into your keychain file because you've forgotten your password or the keychain file appears to be corrupt, there are a couple of options.
  First, if you've forgotten your password, you can use the "Keychain First Aid" utility to make the keychain password the same as the login password. This can be accomplished via the following process:
    1. Open Keychain Access (located in Applications/Utilities)
    2. Go to the "Keychain Access" menu and select "Preferences"
    3. Click the "First Aid" tab
    4. Make sure the "Synchronize login keychain password" box is checked
    5. Close the Preferences window
    6. Go to the "Keychain Access" menu and select "Keychain First Aid"
    7. Enter your username and password
    8. Click the "Repair" button
  The second option is to completely delete your keychain then recreate it. This routine is useful if your keychain appears to be corrupt or otherwise inaccessible. This can be accomplished as follows:
    1. Launch Keychain Access (located in Applications/Utilities)
    2. Click "Show Keychains" in the lower-left corner of the window.
    3. Select the problematic keychain from the left-hand pane.
    4. Navigate to the "File" menu and select "Delete Keychain '(name of keychain)'"
    5. Check all options for deletion and press "OK"
    6. Create a new keychain by going to the "File" menu, then "New" and selecting
        "New Keychain"
    7. You can now make this keychain your default if you desire by selecting it, then
        going to the "File" menu and selecting "Make '(name of keychain)' Default"
  Login as root and perform repair In some cases, problems with keychains can only be resolved when logged in as the root user.
  First, you want to enable the root user:
    1. OS X Mountain Lion: Enable and disable the root user
    2. OS X Lion: Enable and disable the root user
    3. Mac OS X 10.6: Enabling the root user
    4. Enabling and using the "root" user in Mac OS X
  After enabling the root user, and logging in under this account, again open Keychain Access. First attempt repairs using Keychain First Aid, and failing that, delete then recreate the keychain as described above while logged in as root.
  Persistently asked for stored passwords If you are persistently asked for passwords in various applications that you have specified should be remembered in a keychain, your "login" keychain may not be active for one reason or another.
  Navigate to ~/Library/Keychains/ (this is the Library folder inside your user's home folder). Find the file named "login.keychain" and double-click it.
  Failing that, select the "login" keychain within the Keychain Access application and make sure it is the default keychain by going to the "File" menu and selecting "Make 'Login' Default"
  Turn off Keychain synchronization in applications having problems If specific applications are experiencing issues when accessing password-protected material, the Keychain may be to blame.
  The above comes from an article published on MacFixit.com.

• Can't create a folder without being asked for a login password.

  I'm running 10.9.5 on an iMac. When I try to create a folder I'm asked for my login password. When I try to move a file into the folder I'm asked again for my login password. This is very annoying. My other Mac running 10.4.8 doesn't do this.

  You may need to rebuild permissions on your user account. To do this,boot to your Recovery partition (holding down the Command and R keys while booting) and open Terminal from the Utilities menu. In Terminal, type:  ‘resetpassword’ (without the ’s), hit return, and select the admin user. You are not going to reset your password. Click on the icon for your Macs hard drive at the top. From the drop down below it select the user account which is having issues. At the bottom of the window, you'll see an area labeled Restore Home Directory Permissions and ACLs. Click the reset button there. The process takes a few minutes. When complete, restart.   
  Repair User Permissions

• Root login

  Hello all,
  I've a problem with root login password in Solaris.
  After I installed a patch the root password became empty, so to login as root I don't have to type any password, just username: root.
  I've tried the passwd command but it still doesn't work, it asks for password when I type su but still automatically logs in with root username and don't ask the password ...
  Does anyone knows how can I solve this?
  Thanks!!!

  Have you check the /etc/passwd and /etc/shadow file status. try running pwconv command and try set a password

• The connection was denied because the user account is not authorized for remote login

  Using Terminal Server 2008 not able to get non administrator users to login to the remote desktop. Have tried from Windows server 2008 and from Windows servers 2003. Get error login in "The connection was denied because the user account is not authorized for remote login" from Windows Server 2008. Error "The requested session access is denied" from Windows Server 2000.

  Is that seriously the only way to do this? Doesn't this render the "Allow log on through Terminal Services" GP Setting useless?
  I would like to know this answer, as well.  I have created a new AD group for my assistant admins called "Domain Admins (limited)".  I have added this group to the GP setting "Allow log on through Terminal Services", but the
  assistant admins cannot log in through RDP.  It 'feels like' this is all I would need to do.
  Craig
  Found some good info
  here. There are really two things required for a user to connect to a server via RDP. You can configure one of them via Group Policy but not the other.
  1) Allow log on through Terminal Services can be configured through Group Policy, no problem.
  2) Permissions on the RDP-listener must also be granted.  If your user is a member of the local Administrators group or the local Remote Desktop Users group then this is handled.  If you are trying to utilize a new, custom group (as I am),
  then there isn't a way to do this via group policy (that I have found).
  EDIT: Found the answer.  I am creating a blog post to outline the steps.  They aren't hard, but they're not self-explanatory.  It deals with the Restricted Groups mentioned above, but it's still automate-able using Group Policy so that you
  don't have to touch each computer.  I think the above poster (Andrey Ganev) got it right, but
  I had trouble deciphering his instructions.
  Here is my blog post that walks through this entire process, step-by-step.

• [SOLVED]Where is the place to set program path for root in arch?

  The situation is that I use qingy (set up according to wiki) as login manager and kde as desktop. When I use tty6 (agetty) to login (how comes that I cannot login as root, have to login as user and then su) /usr/sbin is in the path for root, but in kde when I su in konsole it is not. That caused me some headache with the latest kernel upgrade, since in kde the kernel will not upgrade properly, I have to do it on tty6. what is the proper way to set paths in arch? I looked at /root/.bashrc and that is almost empty. What obvious things am I missing? Has qingy to do with that problems? Any docs on that for arch? Besides firefox doesn't see any installed plugins, opera does. Plain Centrino laptop here.
  Thanks, signor_rossi
  Last edited by signor_rossi (2007-08-24 15:12:31)

  Thanks for the answers. Investigated a little more and it seems it is really qingy what messes things up. Deactivated it and used "startxfce4" to start xfce and "startx" with "exec startkde" in my  .xinitrc to start kde (once I figured out that in Arch "startkde" on command prompt alone does not work ) and voila, the path weirdness is gone in both DEs. Will look again into qingy when I have more time, since it is really nice when using different X setups (laptop on the go or laptop on docking with second display), like the eye candy. I guess I will stick to console now and simply use bash aliases for that purpose.
  Thanks, signor_rossi.

• Disable SSH root login in RAC system

  Hi Alll,
  We have a oracle 11.2.7 RAC in Linux. As statement, SA will disable ssh root log and Nagios will monitor each nodes in RAC system.
  As I know, Nagios only apply DH key for SSH. But Oracle RAC apply two type of SSH key for ssh_equivelancy in Oracle CRS.
  Dees any experts have experience for oracle RAC and database when disable root SSH log in Linux system?
  Thanks very much!
  JIn

  Security is not based on the number of keys one needs - but on the quality of the locks.Partially agree. But just like in real world one lock is not enough even superb. Why cars have imobilisers, defendlocks etc.? Why there is fence in front of some shop's door? It's very common to have two locks on front door. It's much harder (at least it takes much time) to break two locks than break just one. And the time matters. Back to IT security. Disabled root account is one of best practices and is reasonable because you can't 100% assure that your administrator is using strong password everytime. He might just forgot to change password after installation. He might set weak password just for "temporary" reason. You can of course force the password complexity but of course one you have the system installed.
  So can passwords. Deep packet inspection can occur unknowingly. Perhaps we still talking about SSH, don't we?
  The user may be targeted using social engineering, instead of targeting the actual computer system.It's much harder to get two passwords than just one even by using social engineering.
  The question is whether such a server is exposed to an unsecured or public network. And one would manage the risks differently on such a server than one for example in a private network, protected by a reverse proxy in the DMZ, that in turn provides access from a public network.OK, so we've got another locks here ;-)
  So if that user is compromised, so can root as that user can gain root access. I do not see this as better security. It is merely obfuscating security.Which user acccount? Do you know name of that account? Because I know the name of your's. ;-) So you need to find correct account name, get password for that account and also get the password for root account whilst I need to get password for root account only.
  Yes, partially agree with "obfuscation security" term. But in fact this is not for first time when obfuscation is used in security and neither for last time.
  But you can't consider "PermitRootLogin no" and "wheel" group as an obfuscation.
  Using encryption keys (public & private) is one answer to having to share and keep secrets. No, this is also not 100% safe, but I prefer it over having to know, remember and on occasion, share secrets (passwords).How well is your local machine secured? Are you using strong password? Do have all accounts strong password on your local machine? Is your local machine up to date for known sec. bugs (I don't mean zero days)? Is your local machine in separated VLAN or anybody from LAN can access your machine? Because if there are at least two "No" answers then how much time it will take for some skilled part-time worker (in your company) to break into your computer, steal the keys or even worse use your local machine to access the server?
  Don't get me wrong. I am not against encryption keys. Of course I am using it but in combination with other security restrictions which come from "best practices". And to disable direct root access is one of those practices. Even NSA (and other security institutions) suggest to do that (see page #37): www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf Also security auditors check for disabled direct access to privileged accounts.
  I understand this as good enough proof that disabling of direct access to privileged accounts rises security.
  Another good reason is right here:
  Install
  In other words, if any user has possibility to login as root, he uses "root" as default account which is another well known bad practice.

• Shaman doesn't ask for root password. But gets root privileges!!

  As the title says:
  Shaman is launched as a reguler user, never asks for root password, but still i able to install and uninstall packages.
  Either something in my system is seriously fucked, or there is a major securiy problem with shaman.
  Running openbox, installed shaman while running gnome, if that has anythiung to say. Sudo is not installed.
  Output from running shaman in terminal:
  [gert@flyktig ~]$ shaman
  This process is currently running setuid or setgid.
  GTK+ does not allow this therefore Qt cannot use the GTK+ integration.
  Try launching your app using 'gksudo', 'kdesudo' or a similar tool.
  See http://www.gtk.org/setuid.html for more information.
  Translations are enabled.
  Loading translations from "/usr/share/shaman/translations/"
  Parsing "core"
  Parser exited
  Parsing "extra"
  Parser exited
  Parsing "community"
  Parser exited
  Parser exited
  Log File should be: ""
  "core" ---> "http://mirror.archlinux.no/core/os/i686"
  "extra" ---> "http://mirror.archlinux.no/extra/os/i686"
  "community" ---> "http://mirror.archlinux.no/community/os/i686"
  Root privileges retired.
  "/home/gert/.config/shaman/shaman.conf"
  >>
  >> Shaman 1.0.9
  >> Compiled against Qt 4.4.1
  >> Running with Qt 4.4.3
  >>
  >> Our website is @ http://shaman.iskrembilen.com/ , join in!!
  >> You can also find a bugtracker in the website, please use it.
  >>
  >> Have you found a bug? Help us solving it faster! Please read
  >> http://shaman.iskrembilen.com/trac/wiki/Debugging_Shaman
  >> and please follow these steps to report bugs effectively!
  >>
  >> Starting Up Shaman...
  User agent is: "shaman/1.0.9 (Linux i686) libalpm/3.1.1"
  Shaman registered on the System Bus as ":1.51"
  Service org.archlinux.shaman successfully exported on the System Bus.
  --> UNSETENV HTTP_PROXY
  --> UNSETENV FTP_PROXY
  Populating Repo column
  Log file is: /var/log/pacman.log
  refinePkgView
  The left TextBox is over, let's do the ComboBox
  Show all packages
  Remove Package
  "Uninstall package: alunn"
  "alunn"
  "community"
  Process Queue
  Queue Dialog started
  Queue signals connected
  Starting Package Removal
  Root Privileges granted.
  Uid is: 1000
  Received Event Callback
  Alpm Thread Waiting.
  Entering Queue Lock
  Releasing Queue Lock
  Alpm Thread awake.
  Received Event Callback
  Alpm Thread Waiting.
  Entering Queue Lock
  Releasing Queue Lock
  Alpm Thread awake.
  Received Event Callback
  Alpm Thread Waiting.
  Entering Queue Lock
  No scriptlet for package alunn
  Releasing Queue Lock
  Alpm Thread awake.
  Received Event Callback
  Alpm Thread Waiting.
  Entering Queue Lock
  No scriptlet for package alunn
  Releasing Queue Lock
  Alpm Thread awake.
  /sbin/ldconfig: Can't create temporary cache file /etc/ld.so.cache~: Ikke tilgang
  Root privileges retired.
  Transaction Completed Successfully
  refinePkgView
  refinePkgView
  The left TextBox is over, let's do the ComboBox
  Show all packages
  [gert@flyktig ~]$

  The point of this thread was that you don't need to enter the root password at all. Not the first time, not ever.
  As far as I understand, it is supposed to work like this: When you first use shaman too install anything, it asks for the root password You can tick a "Do not ask me again"-box, so you don't have to enter the password again. If you tick the box and enter the password, shaman add the lines
  [auth]
  askforpwd=false
  to the users shaman.conf-file (~./config/shaman/shaman.conf) The next time shaman is run, it checks the config file, and if the askforpwd value is set to false, it grants itself root privileges (with some nifty setuuid root-thingy, I imagine) This is not the problem - this is the feature.
  The bug is this:
  the fact that any user can add the lines
  [auth]
  askforpwd=false
  to his own shaman.conf file, without ever entering the root password in shaman. The next time shaman is run, it checks the config file, and if the askforpwd value is set to false, it grants itself root privileges - even though the user has never entered the root password.
  This works for any unprivileged user on the system.
  If that is indeed a feature intended by any sane person, then I'm Mother Mary. And that can't be, seeing as I don't have breasts.

• Java for root only?

  i installed java and i'm running one java chat. it works fine. the problem is that java is available for root user only. when i login as a normal user I get java: command not found.
  [root@ainars /root]# which java
  /usr/java/j2re1.4.0/bin/java
  [root@xxx ok]# java -version
  java version "1.4.0"
  Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0-b92)
  Java HotSpot(TM) Client VM (build 1.4.0-b92, mixed mode)
  [ainars@ainars ainars]$ java -version
  bash: java: command not found
  Does anyone know hot to enable java for users so that they can install chats and other things in their directories?
  I use Ensim software on my server and it runs a chroot'd enviroment for shell users.

  (1)
  Try as the non-root user to see whether you have execute permission:
  /usr/java/j2re1.4.0/bin/java -version
  Confer also:
  ls -l /usr/java/j2re1.4.0/bin/java
  (2)
  Set your PATH to include /usr/java/j2re1.4.0/
  E.G.
  put this to the end of your .profile
  PATH=$PATH:/usr/java/j2re1.4.0/bin

• Keychain not updated for Remote Login

  Since installing Lion on both machines: When I connect to my G5 Powermac from my MBAir, I use the Keychain to remember my password. This feature worked in previous OS Versions by selecting  the 'Remember' Option in the dialogue (meaning you would only see the following dialogue when your password changed on the destionation machine).
  With Lion, the Password onthe Keychain is not updated when the flag is set. As a result, when I select the destination machine from the Finder, I always have to wait for 'Not Connected' message (while the process tries to log in with my old password). Then, I have to 'Connect As. ..." and enter my current password (every rassafrassin' time).
  Can someone please patch this thing.
  Thanks,
  g

  I'm having some trouble with an RD server Win 2008 on a domain. I have a group called domain\authorizedpeople that I would like to enable remote access for. I added this group to the gpo: Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Allow log on through Terminal Services. I also added this group to server manager > configure remote desktop on the server itself, and I added this group to the remote desktop users' group on the server for good measure.
  When I try to log on using an account in that group, I get "The connection was denied because the user account is not authorized for remote login". However when I go to server manager > configure remote desktop and add that specific user, it works fine.
  Is there a reasonable explanation for this? I really don't want to have to add...
  This topic first appeared in the Spiceworks Community

• Enable ftp root login on S11

  Hi ,
  I am testing ftp on a quite recent version of S11: S11u11 update1
  #Last login: Thu Mar 1 15:22:29 2012 from qlogic-47fezfvt
  Oracle Corporation SunOS 5.11 11.1 January 2012
  I am wondering why the ftp root login remains disabled, even after I removed "root" from /etc/ftpd/ftpusers and reboot?
  Mar 1 15:48:43 galilei proftpd[2294]: galilei (::ffff:172.27.1.112[::ffff:172.27.1.112]) - SECURITY VIOLATION: root login attempted.
  Any idea how to allow ftp root login?
  Tom

  Hi Tom,
  I haven't checked the docs for all the steps to enable ftp,
  but I see this output on my s11 system:
  # svcs -a | grep ftp
  disabled Feb_17 svc:/network/ftp:default
  disabled Feb_17 svc:/network/tftp/udp6:default
  Have you enabled the service?
  Thanks,
  Cindy