[CentOS] Authentication Problems

Wed Feb 16 14:50:28 UTC 2011
Jeff <jlar310 at gmail.com>

On Wed, Feb 16, 2011 at 6:28 AM, James Bensley <jwbensley at gmail.com> wrote:
> Hi List,
>
> We have a CentOS VPS running a web site in a DC far away. The chap that
> dev's this site told me he couldn't SFTP in yesterday, his password was
> being rejected (I went to his desk to confirm and saw it was telling him the
> password was incorrect but neither him nor me had changed it and we are the
> only two with access to this VPS). So I logged in as root and reset his
> password, be he still couldn't log in (same problem, claiming the password
> was wrong).
>
> [root at server ~]# passwd webdevuser
> Changing password for user webdevuser.
> New UNIX password:
> Retype new UNIX password:
> passwd: all authentication tokens updates successfully.
>
> I tried to SSH in as the web dev user and it wouldn't let me in. Returning
> back to my root console window;
>
> [root at server ~]# su - webdevuser
> [webdevuser at server ~]# passwd
> Changing password for user webdevuser.
> Changing password for webdevuser.
> (current) UNIX password:
> passwd: Authentication token manipulation error
>
> Firstly; I am stracthing my head as to why his password was no longer
> working in the first place?
>
> Secondly; Why I can't reset it?
>
> Googling around many people suggest there is a discrepancy between the
> /etc/passwd and /etc/shadow files and by deleting /etc/shadow and using
> pwconv to recreate shadow and the same for /etc/groups, deleting gshadow
> recreating it with grpconv will solve the problem but I still can't login as
> the web dev user.
>
> Any ideas anyone?

What does /etc/nsswitch.conf look like? Anything other than "files"
for passwd, shadow and group? If that's OK, I would start comparing
files in /etc/pam.d to a known-good system.

--
Jeff