su not working when non-root (authentification failure)
Some UNIX:es requires you to be member of the wheel group to be able to switch user.
from wikipedia article:
Some Unix-like systems have a wheel group of users, and only allow these users
to su to root.[1]
This may or may not mitigate these security concerns, since an intruder might
first simply break into one of those accounts.
Check weather your otheruser are a member, and maybe compare id userone with id usertwo and see if maybe userone is a member of groups which usertwo are not, granting extra privileges.
Related videos on Youtube
00 : 06
01 : 54
02 : 52
00 : 51
02 : 12
Suzanne Soy
Updated on September 18, 2022Comments
-
Suzanne Soy over 1 year
On a VPS I own (hosted at bluevm.com), I have three users:
userone, with passwordfoo, and sudo rights.usertwo, with passwordbar, without sudo rights.root, with now password (deleted withpasswd -d)
I can't use
suwhen non-root to swicth fromuseronetousertwoand vice-versa, although I'm sure the password is OK since I use it to connect via ssh, and the keyboard layout seems to be OK. Also, thepasswdcommand does not seem to work.When connecting as userone
sshto connect works:$ ssh [email protected] [email protected]'s password: foo Last login: blah blahsu otheruserdoes not work:$ su usertwo Password: bar su: Authentication failureself-
sudoes not work:$ su userone Password: foo su: Authentication failuressh otheruser@localhostworks:ssh usertwo@localhost usertwo@localhost's password: Last login: blah blah $ who am i usertwo blah blah $ exitpasswddoes not work:$ passwd Changing password for userone. (current) UNIX password: foo passwd: Authentication token manipulation error passwd: password unchangedsudoworks, and when rootsu otheruserworks:$ sudo -i [sudo] password for userone: foo # su usertwo $ who am i usertwo blah blah $ exit $ exitWhen connecting as usertwo
sshto connect works:$ ssh [email protected] [email protected]'s password: bar Last login: blah blahsu otheruserdoes not work:$ su userone Password: foo su: Authentication failureself-
sudoes not work:$ su usertwo Password: bar su: Authentication failurepasswddoes not work:$ passwd Changing password for usertwo. (current) UNIX password: bar passwd: Authentication token manipulation error passwd: password unchanged-
circle almost 11 yearsDoes /var/log/auth.log get any additional info about the su authentication failure?
-
ganesh almost 11 yearsYou can use
sudo su - newuser -
Suzanne Soy almost 11 years@Hennes No, not when I'm logged in as usertwo, which does not have sudo rights.
-
Suzanne Soy almost 11 yearsInteresting insight. I tried adding both users to the same list of groups, but without success (also, I can't
sufromuseronetouseroneitself). The system does not have awheelgroup (it is aDebian GNU/Linux 6.0.7 (squeeze)system), but I'll try to investigate that idea further.
