
Thread: Unable to access Yast

  1. #1

    Default Unable to access Yast

    I am not sure if this is the right place for this thread, I apologise if I've got it wrong. I am a very fresh Opensuse convert (just installed it today) and trying to protect myself from a hacker inside my building complex, please be kind.

    So, I have just moved from a very buggy Vista Home Basic system after having myriad issues with internet speeds and especially after most of my social media accounts had their passwords changed. (I know, I know, they are not related but please bear with me). After my passwords were changed it sent me on a wild hunt to secure my system and network. Initially I wanted to have a dual-boot system (Vista and openSUSE) so I could ease into the transition but it was next to impossible to stabilize the system, anything I would download to install would be damaged or corrupted. Even the ISO files for the distro were damaged and I had to ask a friend to make the LiveUSB.

    So as of now the system is running openSUSE 13.1. As soon as I installed it and after I updated the packages through Install/Remove software, I wanted to secure my machine. I also ran Yast a few other times when I was going through different articles, so I know that it was working. But, all of a sudden now it is inaccessible.

    I am using Gnome desktop. When I search for it, I can see it, but clicking on it brings me back to the browser window. Trying to access it from the terminal, and I paste the output here:

    zen@linux-3g7l:~> yast
    Absolute path to 'yast' is '/sbin/yast', so running it may require superuser privileges (eg. root).
    zen@linux-3g7l:~> sudo yast
    sudo: effective uid is not 0, is sudo installed setuid root?

    I searched around for why I would be locked out of sudo (if that's the right way to put it), and I found that you might need the output of the following command to help:

    zen@linux-3g7l:~> mount | grep '/'
    devtmpfs on /dev type devtmpfs (rw,relatime,size=1537720k,nr_inodes=210371,mode=755)
    tmpfs on /dev/shm type tmpfs (rw,relatime)
    tmpfs on /run type tmpfs (rw,nosuid,nodev,relatime,mode=755)
    devpts on /dev/pts type devpts (rw,relatime,gid=5,mode=620,ptmxmode=000)
    /dev/mapper/system-root on / type btrfs (rw,relatime,space_cache)
    proc on /proc type proc (rw,relatime)
    sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
    securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
    tmpfs on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,mode=755)
    cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
    pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
    cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
    cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct,cpu)
    cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
    cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
    cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
    cgroup on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls)
    cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
    cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
    cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
    systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=29,pgrp=1,timeout=300,minproto=5,maxproto=5,direct)
    hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)
    mqueue on /dev/mqueue type mqueue (rw,relatime)
    debugfs on /sys/kernel/debug type debugfs (rw,relatime)
    tmpfs on /var/run type tmpfs (rw,nosuid,nodev,relatime,mode=755)
    tmpfs on /var/lock type tmpfs (rw,nosuid,nodev,relatime,mode=755)
    /dev/mapper/system-home on /home type btrfs (rw,relatime,space_cache)
    /dev/sda1 on /usr/local type ext4 (rw,relatime,data=ordered)
    /dev/sda2 on /boot type ext4 (rw,relatime,data=ordered)
    vmware-vmblock on /var/run/vmblock-fuse type fuse.vmware-vmblock (rw,nosuid,nodev,relatime,user_id=0,group_id=0,default_permissions,allow_other)
    vmware-vmblock on /run/vmblock-fuse type fuse.vmware-vmblock (rw,nosuid,nodev,relatime,user_id=0,group_id=0,default_permissions,allow_other)
    fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime)
    gvfsd-fuse on /run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=100)
    gvfsd-fuse on /var/run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=100)

    I installed nmap and Zenmap so I could monitor the network and look for open ports. The first time I ran nmap, the default telnet port was open, but subsequently it closed (didn't show up on Zenmap on consequent runs, even though I have not done anything to close it).

    I was looking into installing DenyHost to secure the ssh port, and then I was planning to work my way to closing all the extra open ports I could see on Zenmap (which I didn't need, at least as far as my basic knowledge tells me), when I encountered this problem with Yast.

    My main question to you at this point is, is there anything I can do to secure my system before that hacker gets into it? He seems to be way more knowledgeable and even though I can work my way around, I am not a professional. I tried talking to my friend about it but he thinks I am being paranoid. Nobody believes me.

    Please help, this is slowly driving me to despair.

  2. #2

    Default Re: Unable to access Yast

    Quote Originally Posted by RoadRunner2014 View Post
    I am using Gnome desktop. When I search for it, I can see it, but clicking on it brings me back to the browser window. Trying to access it from the terminal, and I paste the output here:

    zen@linux-3g7l:~> yast
    Absolute path to 'yast' is '/sbin/yast', so running it may require superuser privileges (eg. root).
    zen@linux-3g7l:~> sudo yast
    sudo: effective uid is not 0, is sudo installed setuid root?
    Apparently some file permissions are incorrect.
    What does "ls -l /usr/bin/sudo" say?
    It should be this:
    Code:
    # ls -l /usr/bin/sudo
    -rwsr-xr-x 1 root root 137736 28. Sep 10:45 /usr/bin/sudo
    Does it work to switch to root with running "su"? If not, please log in as root, maybe in text mode if you prefer.
    Run this and post the output if you get any:
    Code:
    chkstat --system
    I installed nmap and Zenmap so I could monitor the network and look for open ports. The first time I ran nmap, the default telnet port was open, but subsequently it closed (didn't show up on Zenmap on consequent runs, even though I have not done anything to close it).
    Nothing is listening on the telnet port on a default installation.

    Just a hint: if you run Zenmap on your local system to check the ports on that same system you might not get accurate results, because you do not even use the network. (you only connect via the loopback interface)
    You would have to do this from a different system to really see which ports are open from the outside.

    I was looking into installing DenyHost to secure the ssh port, and then I was planning to work my way to closing all the extra open ports I could see on Zenmap (which I didn't need, at least as far as my basic knowledge tells me), when I encountered this problem with Yast.
    On a default installation, the ssh port is not even open in the Firewall, so no need to secure anything.
    That you can still connect from localhost is because you don't go through the Firewall because you don't even use the network, see above.

    If you want to make really sure that nobody can login via ssh, just disable the sshd service in YaST->System->Services Manager.

    My main question to you at this point is, is there anything I can do to secure my system before that hacker gets into it? He seems to be way more knowledgeable and even though I can work my way around, I am not a professional. I tried talking to my friend about it but he thinks I am being paranoid. Nobody believes me.
    Well, IMHO you are really too paranoid.
    How are you connected to the Internet actually? If it's via a router, nobody should be able to access your system from the outside anyway.
    Better take care to not install any malware or similar. But the likelihood of doing this in Linux is not as big as in Windows.

    PS: Don't follow random guides on the Internet on how to secure your system by changing file permissions. Chances are that vital services don't work anymore, as you already experienced.
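
The loopback point made in the reply above, as an added example that is not part of any post in this thread: instead of scanning the machine from itself, list its TCP listeners and sort them by bind address. The function names and the sample `ss -tln` output are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify TCP listeners from `ss -tln` by bind address.
# A listener bound to 127.0.0.0/8 or ::1 cannot be reached from another host
# at all; one bound to a wildcard or a specific address can be, unless the
# firewall blocks it. A scan run on the same machine cannot tell these apart.

# Constructed sample (not from the poster's machine). It deliberately mixes the
# older notation (*:22, :::22) with the newer bracketed one ([::1]:631).
SAMPLE_SS='State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     *:22                *:*
LISTEN  0       128     127.0.0.1:631       *:*
LISTEN  0       100     127.0.0.1:25        *:*
LISTEN  0       128     :::22               :::*
LISTEN  0       128     [::1]:631           [::]:*
LISTEN  0       5       192.168.1.20:5901   *:*'

# classify_listeners: read `ss -tln` output on stdin and print
# "port address scope" for every listening socket.
classify_listeners() {
    awk '
    $1 == "LISTEN" {
        ep = $4
        # The port is the run of digits after the last colon.
        if (!match(ep, /:[0-9]+$/)) next
        addr = substr(ep, 1, RSTART - 1)
        port = substr(ep, RSTART + 1)
        gsub(/^\[|\]$/, "", addr)   # [::1] -> ::1
        sub(/%.*$/, "", addr)       # 127.0.0.53%lo -> 127.0.0.53
        if (addr ~ /^127\./ || addr == "::1")
            scope = "loopback-only"
        else if (addr == "*" || addr == "0.0.0.0" || addr == "::")
            scope = "all-interfaces"
        else
            scope = "specific-address"
        printf "%-6s %-15s %s\n", port, addr, scope
    }'
}

# Ports with at least one listener that is not confined to loopback.
network_facing_ports() {
    classify_listeners | awk '$3 != "loopback-only" { print $1 }' |
        sort -nu | paste -sd ' ' -
}

# Ports that have a loopback-confined listener.
loopback_only_ports() {
    classify_listeners | awk '$3 == "loopback-only" { print $1 }' |
        sort -nu | paste -sd ' ' -
}

printf '%s\n' "$SAMPLE_SS" | classify_listeners
echo "network-facing: $(printf '%s\n' "$SAMPLE_SS" | network_facing_ports)"
echo "loopback-only:  $(printf '%s\n' "$SAMPLE_SS" | loopback_only_ports)"
```

On a live system, pipe `ss -tln` into `classify_listeners`. A port reported as all-interfaces is still subject to the firewall, which only a scan from another host can confirm.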

  3. #3
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Unable to access Yast

    On 2014-01-20 11:16, RoadRunner2014 wrote:


    > I am using Gnome desktop. When I search for it, I can see it, but
    > clicking on it brings me back to the browser window. Trying to access it
    > from the terminal, and I paste the output here:


    Just a detail. Please use code tags for printouts and commands (the '#'
    button in the forum editor).

    View this post and the next


    It makes it easier for us to read what you post below:

    Code:
    
    > zen@linux-3g7l:~> yast
    > Absolute path to 'yast' is '/sbin/yast', so running it may require
    > superuser privileges (eg. root).
    > zen@linux-3g7l:~> sudo yast
    > sudo: effective uid is not 0, is sudo installed setuid root?

    That's strange.

    You should see this:

    Code:
    minas-tirith:~ # l /usr/bin/sudo
    -rwsr-xr-x 1 root root 137736 Sep 28 10:45 /usr/bin/sudo*
    minas-tirith:~ #
    >
    > I searched around for why I would be locked out of sudo (if that's the
    > right way to put it), and I found that you might need the output of the
    > following command to help:
    >


    Code:
    
    > zen@linux-3g7l:~> mount | grep '/'
    > devtmpfs on /dev type devtmpfs (rw,relatime,size=1537720k,nr_inodes=210371,mode=755)
    > tmpfs on /dev/shm type tmpfs (rw,relatime)
    > tmpfs on /run type tmpfs (rw,nosuid,nodev,relatime,mode=755)
    > devpts on /dev/pts type devpts (rw,relatime,gid=5,mode=620,ptmxmode=000)
    > /dev/mapper/system-root on / type btrfs (rw,relatime,space_cache)
    > proc on /proc type proc (rw,relatime)
    > sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
    > securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
    > tmpfs on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,mode=755)
    > cgroup  on /sys/fs/cgroup/systemd type cgroup  (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
    > pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
    > cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
    > cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct,cpu)
    > cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
    > cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
    > cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
    > cgroup on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls)
    > cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
    > cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
    > cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
    > systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=29,pgrp=1,timeout=300,minproto=5,maxproto=5,direct)
    > hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)
    > mqueue on /dev/mqueue type mqueue (rw,relatime)
    > debugfs on /sys/kernel/debug type debugfs (rw,relatime)
    > tmpfs on /var/run type tmpfs (rw,nosuid,nodev,relatime,mode=755)
    > tmpfs on /var/lock type tmpfs (rw,nosuid,nodev,relatime,mode=755)
    > /dev/mapper/system-home on /home type btrfs (rw,relatime,space_cache)
    > /dev/sda1 on /usr/local type ext4 (rw,relatime,data=ordered)
    > /dev/sda2 on /boot type ext4 (rw,relatime,data=ordered)
    > vmware-vmblock  on /var/run/vmblock-fuse type fuse.vmware-vmblock  (rw,nosuid,nodev,relatime,user_id=0,group_id=0,default_permissions,allow_other)
    > vmware-vmblock  on /run/vmblock-fuse type fuse.vmware-vmblock  (rw,nosuid,nodev,relatime,user_id=0,group_id=0,default_permissions,allow_other)
    > fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime)
    > gvfsd-fuse on /run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=100)
    > gvfsd-fuse on /var/run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=100)
    The only thing strange is that you apparently created a "/usr/local". It
    is something atypical for a Linux novice, but it is not wrong. I also
    have that partition.

    You apparently also have installed vmware, but that makes sense if you
    intend to use your old Windows that way.

    Your home might be encrypted. Not sure.


    Did you do all that yourself?


    > I installed nmap and Zenmap so I could monitor the network and look for
    > open ports. The first time I ran nmap, the default telnet port was
    > open, but subsequently it closed (didn't show up on Zenmap on
    > consequent runs, even though I have not done anything to close it).


    You should not even have the telnet daemon installed. The telnet client,
    yes, maybe, but the daemon (server) certainly not.

    sshd yes - if you have more computers, or if your friend does remote
    maintenance on your machine.


    > I was looking into installing DenyHost to secure the ssh port, and then
    > I was planning to work my way to closing all the extra open ports I
    > could see on Zenmap (which I didn't need, at least as far as my basic
    > knowledge tells me), when I encountered this problem with Yast.


    Just make sure that the firewall is up and secured, that closes
    everything you don't explicitly open.


    > My main question to you at this point is, is there anything I can do to
    > secure my system before that hacker gets into it? He seems to be way
    > more knowledgeable and even though I can work my way around, I am not a
    > professional. I tried talking to my friend about it but he thinks I am
    > being paranoid. Nobody believes me.
    >
    > Please help, this is slowly driving me to despair.


    I can understand.


    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.3 x86_64 "Dartmouth" at Telcontar)

  4. #4

    Post Re: Unable to access Yast

    Quote Originally Posted by wolfi323 View Post
    Apparently some file permissions are incorrect.
    What does "ls -l /usr/bin/sudo" say?
    It should be this:
    Code:
    # ls -l /usr/bin/sudo
    -rwsr-xr-x 1 root root 137736 28. Sep 10:45 /usr/bin/sudo
    This is my output:
    zen@linux-3g7l:~> ls -l /usr/bin/sudo
    -rwxr-xr-x 1 root root 139920 Sep 28 10:21 /usr/bin/sudo


    Quote Originally Posted by wolfi323 View Post
    Does it work to switch to root with running "su"? If not, please log in as root, maybe in text mode if you prefer.
    Run this and post the output if you get any:
    Code:
    chkstat --system
    Trying to log in as root gives me the output so:

    zen@linux-3g7l:~> su
    Password:
    su: Authentication failure

    Quote Originally Posted by wolfi323 View Post
    Nothing is listening on the telnet port on a default installation.
    Why would I not see it when I ran Zenmap next?

    Quote Originally Posted by wolfi323 View Post
    Just a hint: if you run Zenmap on your local system to check the ports on that same system you might not get accurate results, because you do not even use the network. (you only connect via the loopback interface)
    You would have to do this from a different system to really see which ports are open from the outside.

    On a default installation, the ssh port is not even open in the Firewall, so no need to secure anything.
    That you can still connect from localhost is because you don't go through the Firewall because you don't even use the network, see above.
    So Zenmap is actually running on the loopback interface which has no link to the Firewall; for example if Zenmap tells me that an xyz port is open in the TCP protocol, I am not to take it seriously, if I understand it correctly. My next question would be, how would you know a reliable external port-scanner?

    Quote Originally Posted by wolfi323 View Post
    If you want to make really sure that nobody can login via ssh, just disable the sshd service in YaST->System->Services Manager.
    I am going to try that. But I may have messed up the sshd_config file which is causing these issues. I edited the /etc/ssh/sshd_config file after reading such an article; basically I changed all the commands to comments by adding a hash in front of them (which looks like it wasn't such a great idea). I did not realize it would have such a drastic consequence, if that is actually what has happened.

    Quote Originally Posted by wolfi323 View Post
    Well, IMHO you are really too paranoid.
    How are you connected to the Internet actually? If it's via a router, nobody should be able to access your system from the outside anyway.
    Better take care to not install any malware or similar. But the likelihood of doing this in Linux is not as big as in Windows.
    I am connected via a router, which I have flashed already with dd-wrt software. Yes it was a bad infestation which I did not realize until the passwords were changed.
    My biggest concern is, the person (I feel) I am up against is a sys admin; he would have the requisite tools to break into the router? I am really sorry for this annoying question.

    Quote Originally Posted by wolfi323 View Post
    PS: Don't follow random guides on the Internet on how to secure your system by changing file permissions. Chances are that vital services don't work anymore, as you already experienced.
    You are right, I think I might have done something to mess this up after reading an article. It is a relief though to join in the Forum. I cannot wait to start using my machine once I have rested my doubts

  5. #5

    Default Re: Unable to access Yast

    Thank you for leading the way robin_listas! I have taken note of the Forum decorum and will ensure I follow it.

    Please see my reply to wolfi323, and my reply to you so:

    Quote Originally Posted by robin_listas View Post
    On 2014-01-20 11:16, RoadRunner2014 wrote:


    > I am using Gnome desktop. When I search for it, I can see it, but
    > clicking on it brings me back to the browser window. Trying to access it
    > from the terminal, and I paste the output here:


    Just a detail. Please use code tags for printouts and commands (the '#'
    button in the forum editor).

    View this post and the next


    It makes it easier for us to read what you post below:

    Code:
    
    > zen@linux-3g7l:~> yast
    > Absolute path to 'yast' is '/sbin/yast', so running it may require
    > superuser privileges (eg. root).
    > zen@linux-3g7l:~> sudo yast
    > sudo: effective uid is not 0, is sudo installed setuid root?

    That's strange.

    You should see this:

    Code:
    minas-tirith:~ # l /usr/bin/sudo
    -rwsr-xr-x 1 root root 137736 Sep 28 10:45 /usr/bin/sudo*
    minas-tirith:~ #
    I was trying to access Yast through the command line, I am not entirely clear if your suggestion would do the same?

    Quote Originally Posted by robin_listas View Post
    >
    > I searched around for why I would be locked out of sudo (if that's the
    > right way to put it), and I found that you might need the output of the
    > following command to help:
    >
    Quote Originally Posted by robin_listas View Post

    The only thing strange is that you apparently created a "/usr/local". It
    is something atypical for a Linux novice, but it is not wrong. I also
    have that partition.

    You apparently also have installed vmware, but that makes sense if you
    intend to use your old Windows that way.

    Your home might be encrypted. Not sure.


    Did you do all that yourself?
    That is a fluke! I wanted to overwrite all of the HDD space but the installer's default partition settings wanted to keep the Windows partition. So I checked the option to format it, but then was not sure about where to mount it. So I chose a mount point just so I could retrieve all that HDD space later. About the encryption, that too was an option in the installer, I just checked it


    Quote Originally Posted by robin_listas View Post
    > I installed nmap and Zenmap so I could monitor the network and look for
    > open ports. The first time I ran nmap, the default telnet port was
    > open, but subsequently it closed (didn't show up on Zenmap on
    > consequent runs, even though I have not done anything to close it).
    Quote Originally Posted by robin_listas View Post

    You should not even have the telnet daemon installed. The telnet client,
    yes, maybe, but the daemon (server) certainly not.

    sshd yes - if you have more computers, or if your friend does remote
    maintenance on your machine.
    That is exactly what has been bothering me all this while. I have not intentionally installed telnet as a server, which is what makes me suspicious. As I said I have a feeling the hacker neighbor has installed a script which maybe gets copied to my LiveUSB somehow (this is where I am lost). Nobody is actually accessing my machine remotely (not to my knowledge or my consent), which is what makes the appearance of telnet even more worrisome, and which I went a little overboard with the sshd_config file. Logically I have absolutely no use for any remote services (as I am not receiving any help through those channels).

    A scan of the router shows port 23 open with telnet running on it as of now. How can I fix this?

    Quote Originally Posted by robin_listas View Post
    > I was looking into installing DenyHost to secure the ssh port, and then
    > I was planning to work my way to closing all the extra open ports I
    > could see on Zenmap (which I didn't need, at least as far as my basic
    > knowledge tells me), when I encountered this problem with Yast.
    Quote Originally Posted by robin_listas View Post

    Just make sure that the firewall is up and secured, that closes
    everything you don't explicitly open.
    So as wolfi323 advised, setting up the Firewall should technically be good.

    Quote Originally Posted by robin_listas View Post
    > My main question to you at this point is, is there anything I can do to
    > secure my system before that hacker gets into it? He seems to be way
    > more knowledgeable and even though I can work my way around, I am not a
    > professional. I tried talking to my friend about it but he thinks I am
    > being paranoid. Nobody believes me.
    >
    > Please help, this is slowly driving me to despair.
    Quote Originally Posted by robin_listas View Post

    I can understand.
    Thanks

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.3 x86_64 "Dartmouth" at Telcontar)

  6. #6

    Default Re: Unable to access Yast

    Quote Originally Posted by robin_listas View Post
    The only thing strange is that you apparently created a "/usr/local". It
    is something atypical for a Linux novice, but it is not wrong. I also
    have that partition.

    You apparently also have installed vmware, but that makes sense if you
    intend to use your old Windows that way.

    Your home might be encrypted. Not sure.

    Did you do all that yourself?
    Sorry forgot to add - I have not installed the VMWare consciously as well (I don't remember the installer having any option for that), since my intention is to move completely away from Windows.



  7. #7

    Default Re: Unable to access Yast

    Quote Originally Posted by RoadRunner2014 View Post
    This is my output:
    zen@linux-3g7l:~> ls -l /usr/bin/sudo
    -rwxr-xr-x 1 root root 139920 Sep 28 10:21 /usr/bin/sudo

    Trying to log in as root gives me the output so:

    zen@linux-3g7l:~> su
    Password:
    su: Authentication failure
    Well, as I suspected, the permissions for sudo are wrong, so it cannot get root rights and therefore doesn't work.
    I'm sure su has the same problem, and that's also the reason why YaST cannot be started.

    So as you don't have any other possibility to get root permissions to fix that, you have to log in as root, as already suggested.

    Then run "chkstat --system" (as I also wrote already), that should fix your permissions.
    And please post the output.
    If some directories' permissions are also wrong, you'll have to fix them first.

    If you don't want to login to the GUI as root, just log into text mode as root and run this:
    Code:
    chmod +s /usr/bin/sudo
    You should then be able to at least use sudo as normal user.

    Then log in to your normal account (into the graphical session) and run:
    Code:
    sudo chkstat --system
    I will try to answer your other questions later...
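
The setuid check that the two `ls -l` listings in this thread come down to, as an added example that is not part of any post here: it judges an `ls -l` line or a live file by the owner-execute slot of the mode string and by the owner. The function names are hypothetical; the two file paths are the ones named in the thread.

```shell
#!/bin/sh
# Added example: decide whether a binary can work as a setuid-root helper.

# classify_ls_line LINE [OWNER]
# LINE is one line of `ls -l` output. Prints OK, NOT_SETUID, SETUID_NOEXEC or
# WRONG_OWNER and returns 0 only for OK. OWNER defaults to "root".
classify_ls_line() {
    line=$1
    want_owner=${2:-root}
    # Field 1 is the mode string, field 3 the owner.
    read -r mode _links owner _rest <<EOF
$line
EOF
    # Character 4 of the mode string is the owner-execute slot:
    #   s = setuid and executable, S = setuid but not executable,
    #   x or - = no setuid bit (the state sudo was in on the broken machine).
    slot=$(printf '%s' "$mode" | cut -c4)
    case $slot in
        s) ;;
        S) echo SETUID_NOEXEC; return 1 ;;
        *) echo NOT_SETUID; return 1 ;;
    esac
    # A setuid program runs with the identity of its owner, so the bit only
    # grants root rights when the owner is root.
    if [ "$owner" != "$want_owner" ]; then
        echo WRONG_OWNER
        return 1
    fi
    echo OK
}

# check_file FILE [UID]
# Same verdicts for a live file, plus MISSING. UID defaults to 0 (root).
check_file() {
    file=$1
    want_uid=${2:-0}
    if [ ! -e "$file" ]; then
        echo MISSING
        return 2
    fi
    # -n prints the numeric uid, so the result does not depend on /etc/passwd.
    classify_ls_line "$(ls -ldn -- "$file")" "$want_uid"
}

# audit_setuid UID FILE...
# Prints one verdict per file, leaves the number of failures in AUDIT_BAD and
# returns 0 only if every file passed.
AUDIT_BAD=0
audit_setuid() {
    want=$1
    shift
    AUDIT_BAD=0
    for f in "$@"; do
        result=$(check_file "$f" "$want") || AUDIT_BAD=$((AUDIT_BAD + 1))
        printf '%-14s %s\n' "$result" "$f"
    done
    [ "$AUDIT_BAD" -eq 0 ]
}

# The two listings posted in the thread: the reference system, then the
# machine where sudo reported "effective uid is not 0".
classify_ls_line "-rwsr-xr-x 1 root root 137736 28. Sep 10:45 /usr/bin/sudo"
classify_ls_line "-rwxr-xr-x 1 root root 139920 Sep 28 10:21 /usr/bin/sudo" || true

# Live check of the two helpers the thread's error messages name.
audit_setuid 0 /usr/bin/sudo /usr/lib/polkit-1/polkit-agent-helper-1 ||
    echo "$AUDIT_BAD helper(s) not usable as setuid root on this machine"
```

The check only reads metadata, so it runs as a normal user and can be repeated after a permissions repair to confirm the result.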

  8. #8

    Default Re: Unable to access Yast

    Quote Originally Posted by wolfi323 View Post
    Well, as I suspected, the permissions for sudo are wrong, so it cannot get root rights and therefore doesn't work.
    I'm sure su has the same problem, and that's also the reason why YaST cannot be started.

    So as you don't have any other possibility to get root permissions to fix that, you have to log in as root, as already suggested.

    Then run "chkstat --system" (as I also wrote already), that should fix your permissions.
    And please post the output.
    If some directories' permissions are also wrong, you'll have to fix them first.

    If you don't want to login to the GUI as root, just log into text mode as root and run this:
    Code:
    chmod +s /usr/bin/sudo
    You should then be able to at least use sudo as normal user.

    Then log in to your normal account (into the graphical session) and run:
    Code:
    sudo chkstat --system
    I will try to answer your other questions later...
    I tried getting into the root via Ctrl+Alt+Fn, but the password did not work there either. Had to forcibly restart the system. Then I entered my password at the login screen.

    After that, I get a message on the screen so:
    "Authentication Required

    Authentication is required to create a color managed device.

    Administrator

    Incorrect permissions on /usr/lib/polkit-1/polkit-agent-helper-1(needs to be setuid root)."
    There is a button to "Authenticate", it takes me back to login screen.

    I did change the sshd_config file and there was a warning I might be locked out of the system. Could this be because of it?

    UPDATE
    I hit "cancel" and I am into the system. I will report back about your suggested steps in a bit.

  9. #9

    Default Re: Unable to access Yast

    Well, as I suspected, the permissions for sudo are wrong, so it cannot get root rights and therefore doesn't work.
    I'm sure su has the same problem, and that's also the reason why YaST cannot be started.

    So as you don't have any other possibility to get root permissions to fix that, you have to log in as root, as already suggested.

    Then run "chkstat --system" (as I also wrote already), that should fix your permissions.
    And please post the output.
    If some directories' permissions are also wrong, you'll have to fix them first.

    If you don't want to login to the GUI as root, just log into text mode as root and run this:
    Code:
    chmod +s /usr/bin/sudo
    You should then be able to at least use sudo as normal user.

    Then log in to your normal account (into the graphical session) and run:
    Code:
    sudo chkstat --system
    I will try to answer your other questions later...
    This is what I have tried so far. Please bear with me:

    1. Pressed Ctrl+Alt+F1 to get to the command line
    2. Tried several times to enter with username: root, and the password, but no success.
    3. Hard rebooted the system, tried again, and this time I was able to login.
    4. Ran chkstat --system. No output. The command just went to the next prompt.
    5. Tried to exit the text console by typing init5 but system crashed. Had to hard reboot again.

    Still cannot get into sudo, Yast. Telnet port on router (not localhost) has opened up again, along with another unknown port with a red signal behind it.

  10. #10
    Join Date
    Nov 2009
    Location
    West Virginia Sector 13
    Posts
    15,748

    Default Re: Unable to access Yast

    Get any error with init 5??

    What video card and what driver?

    Did you try yast command line logged in or changed (su -) to root?
