[CentOS] Authentication Problems

Wed Feb 16 14:52:58 UTC 2011
James Bensley <jwbensley at gmail.com>

On 16 February 2011 14:34, ... wrote:
> yes, that is what doing an "su - <user>" as *root* will do, which
> doesn't tell you much. instead of doing this from a root login, do
> it from a regular account (you don't routinely log in as root i hope
> - actually it sounds like you do).
>
> if this works, then the issue isn't with the password or shell.

No other user is allowed to execute /bin/su :)

(This is something the VPS providers have put in place, apart from
root, all other users for each virtual site have their shell set to
/usr/local/cpanel/bin/jailshell or /usr/local/cpanel/bin/noshell)

> by the way, it doesn't sound like the accounts on this machine are
> set up very well. you should *never* log in as root (that capability
> should be disabled actually). rather you should log in to a regular,
> unprivileged, account and su (or sudo) to root only when you need to
> do something privileged and only for that moment. your developer's
> access sounds rather odd too, with the seeming lack of separation
> between the login and the site content.

Its not my server so those aren't my decisions to make. I don't
normally allow root ssh, I would have probably installed fail2ban, set
up SELinux blah blah blah and many other things but this isn't my VPS,
I've just been tasked with it so this is the way it is! :s

-- 
James.

http://www.jamesbensley.co.cc/
There are 10 kinds of people in the world; Those who understand
Vigesimal, and J others...?