Chapter 14. Login Problems


User login attempts can fail for many reasons. The account could have been removed or the password changed. Linux provides password aging to force users to change their passwords regularly. A password can have a maximum age after which the account is locked. If a user notifies you that his login attempts fail, the first thing to check is whether he is permitted to log in.

Linux does not provide a meaningful explanation for why logins fail. This is part of good security because few hints are given to would-be intruders. It does make troubleshooting more complex, however. This chapter explains the commands needed to troubleshoot login failures and explains the authentication components. If you follow the steps explained in this chapter, you should be able to understand and correct login failures.

We separate this chapter into the following topics:

  • /etc/passwd,/etc/shadow, and password aging We explain the structure of /etc/passwd and /etc/shadow. We demonstrate how to look at and modify the password aging information in accounts. This is important because a login attempt can fail because of the password aging settings for the account.

  • Login failures due to Linux configuration Some examples include when the login is disabled because system maintenance is being performed and root login is refused because it is attempted from somewhere other than the console.

  • Pluggable Authentication Modules (PAM) configuration PAM provides a configurable set of authentication rules that is shared by applications such as login, KDE, SSH, and so on.

  • Shell problems If a user logs in but does not get the shell prompt or the application doesn't start, there may be a problem with the shell configuration. We discuss some common shell issues.

  • Password problems Finally, we provide a short program to validate user passwords.



Linux Troubleshooting for System Administrators and Power Users
Real World Mac Maintenance and Backups
ISBN: 131855158
EAN: 2147483647
Year: 2004
Pages: 129
Authors: Joe Kissell

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net