Unable to sudo

[pschaff]

So, did you verify that you can log in as a user, with the password set, using the password, on one of the securetty devices? Can you then, without changing anything else, use sudo?

It would be best to get things working first, before all the security changes, then make incremental changes and test.

[prince_mallow]

[quote]
pschaff wrote:
So, did you verify that you can log in as a user, with the password set, using the password, on one of the securetty devices? Can you then, without changing anything else, use sudo?

It would be best to get things working first, before all the security changes, then make incremental changes and test.[/quote]

Yes I logged in as a user with the password set and using the password.
As to the securetty devices, I use ssh/putty and I have the tty/1 enabled only and I can log into that with a password no problem.
But I am still unable to sudo

(This is a Virtual Private Server btw, so I guess I don't have strait access to the console)

I've never been able to sudo with this user even before I set the security measures, I just don't know which setting needs to be modified in order to let him in. I am willing to make a completely new user if it would make things easier to analyze and see where things are going wrong..

[pschaff]

Creating another new user might be worth a try. I am unable to see where you are going wrong. Putting an entry in /etc/sudoers like [code]pschaff ALL=(ALL) ALL[/code]with visudo works for me. Doesn't matter if it is a local login or via ssh with a key, as long as I give the correct user password when prompted by sudo.

Since you belatedly mention a VPS - are you sure it is true CentOS? Have you read the following?
[url=http://wiki.centos.org/AdditionalResources/OtherVoices]Other Voices[/url]
[url=http://wiki.centos.org/TipsAndTricks/BrokenSpins]When CentOS Is Not CentOS[/url]
[url=http://wiki.centos.org/TipsAndTricks/BrokenVserver]Broken Virtual Server[/url]

Please read [url=http://www.centos.org/modules/newbb/viewtopic.php?topic_id=25128&forum=47]How to provide information about your system[/url] and show the results of [b]./getinfo.sh package[/b].

[prince_mallow]

is this the best way to make a new user?

[quote]
1. ssh to your server as root
2. Create a user: /usr/sbin/useradd user
3. Expire ther user immediately: /usr/bin/chage -d 0 user
4. Set blank password: /usr/sbin/usermod -p "" user
5. If you want to set the user's password:

* su user
* passwd
[/quote]

[gerald_clark]

As root:
passwd user

[pschaff]

Agree. So that makes the abbreviated procedure:

[code]
1. ssh to your server as root
2. create a user: /usr/sbin/useradd user
3. passwd user[/code]

[prince_mallow]

Oh sorry I didn't see those links before
Alas I do not have a real Centos
[quote]
uname -r
2.6.18-028stab064.7
[/quote]
[quote]If your kernel version looks likes this 2.6.18-92.1.13.el5.028stab059.6 you have custom-made kernel, usually from a virtualization project. This is not a standard CentOS kernel, so you are not running a real CentOS.[/quote]
The rpm -qv & -av return results

Oh here we go, It's the Parallels Virtualization One...

[quote]
root@xxxxx [~/support]# less /tmp/basedata.X16208
== BEGIN uname -rmi ==
2.6.18-028stab064.7 i686 i386
== END uname -rmi ==

== BEGIN rpm -q centos-release ==
centos-release-4-8
== END rpm -q centos-release ==

== BEGIN getenforce ==
Disabled
== END getenforce ==
[/quote]

----------------------------------------------------


here's what I did
/usr/sbin/useradd userx
passwd userx

visudo
Under where it says "root ALL=(ALL) ALL"
userx ALL=(ALL) ALL

root@server # su userx
{it doesn't ask for a password}

userx@server # su root
Bash: /bin/su: Permission denied


userx@server [/root]# sudo root
Password: (userx pass)
Sorry, try again.
Password: (userx pass)
Sorry, try again.
Password: (userx pass)
Sorry, try again.
sudo: 3 incorrect password attempts

scratching my head in frustration

[pschaff]

[quote]
prince_mallow wrote:
...
root@server # su userx
{it doesn't ask for a password}
...
scratching my head in frustration[/quote]
Me too. Grasping at straws, but what happens if instead of "su userx" as root you do[code]ssh userx@server

OR

ssh userx@localhost[/code]
Log in with the password, and if that works, then try sudo. If it doesn't work, then the problem is with basic authentication and not related directly to sudo.

[prince_mallow]

Well this is weird

root@server [~]# ssh userx@server
Password:
Password:
Password:
userx@server's password:
Permission denied, please try again.
userx@server's password:
Received disconnect from xx.xxx.xxx.xxx: 2: Too many authentication failures for userx


What does this mean?

[prince_mallow]

Modified /etc/ssh/sshd_config

added to Allow users the userx

This allowed me to log in via ssh as userx via

ssh userx@server

but sudo root returns the same
sorry, try again
3 incorrect password attempts