su not working when non-root (authentication failure)
Some UNIXes require you to be a member of the wheel group to be able to switch user.
From the Wikipedia article:
Some Unix-like systems have a wheel group of users, and only allow these users
to su to root.[1]
This may or may not mitigate these security concerns, since an intruder might
first simply break into one of those accounts.
Check whether your otheruser is a member, and maybe compare id userone with id usertwo and see if maybe userone is a member of groups which usertwo is not, granting extra privileges.
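
The two checks suggested in the answer above, as an added shell example that is not part of the original answer. The function names and sample inputs are constructed for illustration; on a real host, feed the functions the output of id -Gn and the contents of /etc/pam.d/su.

```shell
#!/bin/sh
# Added example: group comparison and pam_wheel check (names are hypothetical).

# Print, sorted one per line, the groups in list $1 that are missing from list $2.
# Each argument is a space-separated list as printed by `id -Gn USER`.
# Real use: groups_only_in "$(id -Gn userone)" "$(id -Gn usertwo)"
groups_only_in() {
    for g in $1; do
        case " $2 " in
            *" $g "*) ;;                 # shared group, skip
            *) printf '%s\n' "$g" ;;
        esac
    done | sort
}

# Read a PAM su configuration on stdin and report whether pam_wheel is enforced.
# Prints the required group and returns 0; returns 1 if no active
# "auth required|requisite pam_wheel.so" line exists (commented lines ignored).
# Real use: pam_wheel_group < /etc/pam.d/su
pam_wheel_group() {
    line=$(sed -e 's/#.*//' |
        grep -E '^[[:space:]]*auth[[:space:]]+(required|requisite)[[:space:]]+pam_wheel\.so' |
        head -n 1)
    [ -n "$line" ] || return 1
    case "$line" in
        *group=*)
            printf '%s\n' "$line" | sed -e 's/.*group=\([^[:space:]]*\).*/\1/' ;;
        *)
            # pam_wheel default: group "wheel", or GID 0 if that group is absent
            echo "wheel" ;;
    esac
}

# Demo on constructed input (not taken from the asker's system).
echo "Groups only userone has:"
groups_only_in "userone sudo adm" "usertwo adm"

pam_wheel_group <<'EOF' || echo "pam_wheel is not enforced for su"
# auth       required   pam_wheel.so
auth       sufficient pam_rootok.so
EOF
```
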
Suzanne Soy
Updated on September 18, 2022
-
Suzanne Soy over 1 year
On a VPS I own (hosted at bluevm.com), I have three users:

- userone, with password foo, and sudo rights.
- usertwo, with password bar, without sudo rights.
- root, with no password (deleted with passwd -d)

I can't use su when non-root to switch from userone to usertwo and vice-versa, although I'm sure the password is OK since I use it to connect via ssh, and the keyboard layout seems to be OK. Also, the passwd command does not seem to work.

When connecting as userone

- ssh to connect works:

      $ ssh [email protected]
      [email protected]'s password: foo
      Last login: blah blah

- su otheruser does not work:

      $ su usertwo
      Password: bar
      su: Authentication failure

- self-su does not work:

      $ su userone
      Password: foo
      su: Authentication failure

- ssh otheruser@localhost works:

      ssh usertwo@localhost
      usertwo@localhost's password:
      Last login: blah blah
      $ who am i
      usertwo blah blah
      $ exit

- passwd does not work:

      $ passwd
      Changing password for userone.
      (current) UNIX password: foo
      passwd: Authentication token manipulation error
      passwd: password unchanged

- sudo works, and when root su otheruser works:

      $ sudo -i
      [sudo] password for userone: foo
      # su usertwo
      $ who am i
      usertwo blah blah
      $ exit
      $ exit

When connecting as usertwo

- ssh to connect works:

      $ ssh [email protected]
      [email protected]'s password: bar
      Last login: blah blah

- su otheruser does not work:

      $ su userone
      Password: foo
      su: Authentication failure

- self-su does not work:

      $ su usertwo
      Password: bar
      su: Authentication failure

- passwd does not work:

      $ passwd
      Changing password for usertwo.
      (current) UNIX password: bar
      passwd: Authentication token manipulation error
      passwd: password unchanged
-
circle almost 11 years
Does /var/log/auth.log get any additional info about the su authentication failure?
-
ganesh almost 11 years
You can use sudo su - newuser
-
Suzanne Soy almost 11 years
@Hennes No, not when I'm logged in as usertwo, which does not have sudo rights.
-
Suzanne Soy almost 11 years
Interesting insight. I tried adding both users to the same list of groups, but without success (also, I can't su from userone to userone itself). The system does not have a wheel group (it is a Debian GNU/Linux 6.0.7 (squeeze) system), but I'll try to investigate that idea further.