Hoping someone can help with this. My scenario is that I have an Imac, Suse 11.4 box, and a Win7 AD box. There will be VM’s running on both Suse and Windows. My hope is to control the Linux and Windows boxes along with the VM’s from the iMac using the Mac MS RDP utility as I find that the Mission Control system along with the Mac trackpad is far superior to anything on offer from either Suse or Windows.
I now have the xrdp server setup and running on my Suse box. I can connect to it just fine from the Mac. I thought all was going to be sweet in my world - until kdewallet popped up when I tried to access my kontact mail account - it refused to accept the password. OK that’s no biggy as I simply cancelled it and then entered the mail account password separately in kMail which then downloaded the mail. A little later I needed to su in a terminal - I got an error ‘incorrect password’. Similarly it seemed that anything that requires root privileges was not accepted including opening Yast, doing anything with samba etc etc. After a little searching I discover on a Novell webpage that root login on external display is disabled by Suse by default. So I’ve edited /etc/sysconfig/display manager and changed DISPLAYMANAGER_ROOT_LOGIN_REMOTE=“no” to “yes” and changed DISPLAYMANAGER_SHUTDOWN=“auto” to “all”. Also checked that file permissions are not set to paranoid under the system hardening section of Yast. However after restarting I still find that I am completely unable to get any remote root access - just “incorrect password” messages . This is a real show-stopper for me as root access is something that I need on a regular basis. Surely there must be a way to get this to work??
Any ideas much appreciated
Thanks
Chris
Sorry for having to reply to my own thread but seems there is a 10 minute limit on editing the original post - crazy!
I have just discovered that I can connect a new session from the Mac to SuSE as root user and the root password is accepted without problem. Clearly my edits have done some good. However I have no wish to be logged in as root user permanently, and seeing the root desktop, I simply need to have root privileges available to me as and when needed in my user account. It seems it is not possible to ‘switch’ between users in a remote session so the only way I can get remote root privileges is to close the user session and start a new root session, do what I have to do and then close and open my user session again - a right royal PITA.
You should NEVER login directly as root. And especialy not from a remote site.
Log in as a normal user (you may even consider creating one for this purpose) and then become root in the normal way. And the normal way on a CLI/terminal sesion (like an SSH one) is indeed:
Having been searching for answers to this problem I was quite expecting the ‘shock horror he’s trying to connect to his machine as root’ response.
Perhaps I didn’t make myself clear enough - the three machines I have all sit on my desk, and are actually connected to my LAN through another PC running BOSD and acting as a firewall.
My objective here is to do away with using a KVM on one screen, or Synergy across 3 screens, by using the Mac Mission control app along with its virtual desktops to control other machines using just the Mac along with an auxiliary monitor to give me extra screen space. I have seen this setup on a colleagues Mac and it is a lovely elegant solution for this purpose.
I’m not worried in the slightest about any perceived security issues of ‘logging in’ as root - and in fact as I clearly state in my original post that is not what I want! I do not want to ‘log in’ as root - I just want to have root privileges available to me when I am logged in to my normal account remotely in the same way that I do locally.
I suspect that the knee jerk reaction to my heading daring to include the words remote and root in the same sentence has meant that the fact that I also stated “A little later I needed to su in a terminal - I got an error ‘incorrect password’.” has been overlooked by the responders
su (and sudo) both refuse to accept the root password in a remote session. I note that you say I should use su - (with a hyphen after it) I have tried adding the hyphen in case that is something extra that is needed in a remote session but I still get the response su: incorrect password.
But I apologize for my poor interpretation of your requirements.
Personally I too use remote access, also only on my LAN. But all my machines are openSUSE and I use ssh only. Which does permit me to go su -, once I have the correct settings in the config files.
But I assume (with it’s poached core system) MAC should work well in the scenario you outlined.
shadychris wrote:
>
> I got
> an error ‘incorrect password’." has been overlooked by the responders
> su (and sudo) both refuse to accept the root password in a remote
> session.
I am guessing that there’s something wrong with your keyboard map or
character encoding (rather latter) when you type remotely.
See what you get when you just type the password (no commands, just to
see what you get) in the remote terminal.
Also try another terminal, there are many, xterm, konsole etc.
See also what you get in a text console (Alt Ctrl F1) when you connect.
Sometimes the character encoding (UTF, ISO-8859) gets akward when going
remote in some terminals. This may depend on your locale settings.
I note that you say I should use su - (with a hyphen after it)
> I have tried adding the hyphen in case that is something extra that is
> needed in a remote session
That’s to get the root path. Nothing to do with local/remote.
Vahis
http://waxborg.servepics.com
openSUSE 11.4 (x86_64) 2.6.37.6-0.11-default main host
openSUSE 12.1 (x86_64) 3.2.8-11-desktop Tumbleweed in VirtualBox
openSUSE 12.1 (i586) 3.1.9-1.4-desktop in EeePC 900
Yopu may have described your problem so vague that none of us realy understand what you are doing. That may still be the case. But I will add few remarks that may help you to understand your own situation.
. The - in su - has nothing to do with remote or not. You should allways use it or the bit longer* su -l.* Read tthe man page of su when you want to know what it does and use your brains to find out why you should use it.
. When you are loged in in a system in whatever way (remote or not, CLI or GUI) and then want to change your uername to root (and thus your userid to 0) you have to provide the root password (that is not new to you). When you then get the message that the password is wrong, then IMHO that is wat it says. The login mechanism does not check if the original session is a remote one.
And I for myself do not have any poroblem loggin in using SSH to another system and then using su -:
henk@boven:~> su - mgi ; exit
Wachtwoord:
mgi@boven:~> ssh beneden ; exit
Password:
Last login: Tue Feb 28 10:10:06 2012 from boven.henm.xs4all.nl
Have a lot of fun...
mgi@beneden:~> su - ; exit
Password:
beneden:~ #
I first change from my day to day user to a manager one (mgi) which I specialy created for management work and which is also available on the other system.
Then I ssh to the other system.
Then, being loged in, I change to root.
When I misinterprete your situation completly wrong, then please come with more information, understandable by idiots like me and preferable in an examlple like mine above, where you realy show what happens instead of a story told.
Thanks Vahis and CAF. I’m pretty sure its not a problem with my keyboard map - although it is a Mac keyboard I already had it configured in SuSe when I was running Synergy. Also I am now allowed to login remotely as root and although it is a different password to my user account it is still only alpha/numeric - no symbols. I’m using Konsol and typed the password there as suggested and it is correct. I have now found a way to get sudo working. There is an option in the sudoers file (commented out by default) that allows all users in the wheel group to run any command without a password. Having uncommented that and added myself to wheel I can now run sudo commands. However it is far from ideal - for example sudo /sbin/YaST doesnt open the graphical interface - but rather the hideous cli text version. Other gui based things that need root privileges also are unavailable such as updating from the software updater applet and kdewallet. Seems that somehow there is a problem with the way that the root password is passed to the xserver when logged in as user. maybe something to do with PAM. Have to dig further I guess…
Well - I now have the answer! Vahis wasnt too far off the mark. Crazy as it sounds the number ‘three’ key is either not being sent across RDP to the SuSe box, or it is being sent but not being undertsood It works fine on the mac client and also fine on the Windows client - just not on the SuSE server. I just swapped for a normal PC keyboard and get exactly the same behaviour. Every single key on the board gets sent to SuSe except the ‘three’ !!! Guess the next step is to remote into the Suse Box from my Windows machine and see if I get the same problem…
Exactly the same when connecting to SuSe RDP server from Win7 - the number three key does not get recognised in any Suse applications! That is really weird because both my username and root passwrds use the number three so it** is** the case that three is recognised at the login prompt - but not after logged in remotely… If use a keyboard connected directly to the suse box then I can enter a three fine on the local session screen, just not in the remote session.
Thanks Henk - I tried first with yast - then remembered i needed a 2 for the gui but I used YaST2 which failed. Anyways - seems the root of the problem is that my xrdp server is for some reason not accepting the number 3 (i’m logged in local now) after login…
shadychris wrote:
>
> Exactly the same when connecting to SuSe RDP server from Win7 - the
> number three key does not get recognised in any Suse applications! That
> is really weird because both my username and root passwrds use the
> number three so it* is* the case that three is recognised at the login
> prompt - but not after logged in remotely… If use a keyboard
> connected directly to the suse box then I can enter a three fine on the
> local session screen, just not in the remote session.
>
>
Is there any difference if you use the kb numeric keys or your numeric
key pad?
Vahis
http://waxborg.servepics.com
openSUSE 11.4 (x86_64) 2.6.37.6-0.11-default main host
openSUSE 12.1 (x86_64) 3.2.8-11-desktop Tumbleweed in VirtualBox
openSUSE 12.1 (i586) 3.1.9-1.4-desktop in EeePC 900
You are welcome. You can also stop using all sorts of upper/lowercase combiinations when you try to type openSUSE or simply SUSE.
Everything is easy as soon as you know
And of course I, like you, have no idea why the 3 key is such a special beast. Does it also fail to give you the character belonging to Shift-3 (# in my keyboard). Just a small thing I would try when debugging this phenomenon.
Vahis - I love you and want to kiss you - even if you are a man with a beard If I use the numeric pad to the right all numbers are available!! seems it is just the keyboard number 3 and the £ that arent working in a logged in remote session. The £ I can probably live without but I dont think I could survive too long without a 3!! Now I juts need to retrain myself to use the numeric pad… Many many thanks - it doesnt solve the problem of why 3&£ dont work but at least it gives me a usable workaround. su is of course now working perfectly now that it is getting all of my password, so I’ll undo all the other edits to sudoers and Displaymanager
Yes Henk - the shift +3 should give me a £ - seems for some reason a logged in xrdp session just doesn’t like that one key… but having spent the best part of today banging my head against this I’m just going to live with the workaround of the numeric pad.
On 2012-03-03 14:46, shadychris wrote:
>
> Having been searching for answers to this problem I was quite expecting
> the ‘shock horror he’s trying to connect to his machine as root’
> response.
Mmm.
> Perhaps I didn’t make myself clear enough - the three machines I have
> all sit on my desk, and are actually connected to my LAN through another
> PC running BOSD and acting as a firewall.
Mmm.
The dangers we usually expostulate here about are not usually about remote
login as root, but about local login as root, in a graphical session. We
consider that a no-no always. I see no reason for you to do it even for a
minute.
Instead, log in remotely as user, then use “su -” to get access to whatever
root tool you need.
–
Cheers / Saludos,
Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)
shadychris wrote:
>
If I use the numeric pad to the right all numbers are
> available!! seems it is just the keyboard number 3 and the £ that
> arent working in a logged in remote session.
So do you get locally:
3 = 3
and remotely 3 = £ (which is AltGr 3 here)
There is something wrong with your character encoding settings in one of
them ends.
Try those combinations both locally and remotely, with shift and AltGr.
How do other numeric keys act with those options?
Vahis
http://waxborg.servepics.com
openSUSE 11.4 (x86_64) 2.6.37.6-0.11-default main host
openSUSE 12.1 (x86_64) 3.2.8-11-desktop Tumbleweed in VirtualBox
openSUSE 12.1 (i586) 3.1.9-1.4-desktop in EeePC 900
Hi Vahis - no I get 3 locally and shift + 3 = pound currency sign. Remotely the 3 key does not enter any symbols, either as 3 or shift +3. I have also just discovered that if I lock the SUSE screen in a remote session, or allow password protected screen saver to run I am then unable to log back in again - the numeric keypad to the right of the keyboard no longer functions at all and although I can enter letters and numbers on the main keyboard the 3 key still does nothing. This isnt a major problem for me as I simply disable screen saver, and at the end of the day the front door key to everything now is through the Mac - so if I need to leave my desk unattended I simply lock the Mac screen. All key behaviour also works perfectly in conjunction with an RDP session into a windows box. It also works fine when using SUSE as a client into windows boxes. It seems that the problem is specific to the xrdp server on SUSE, or at least something on my SUSE setup anyway. I’m guessing that as all tests fine locally using the same keyboard I use for remote that it is more likely to be in the xrdp side of things. This also reinforced by the fact that everything works perfectly in the SUSE Enterprise remote desktop login window presented when I specify the connection address. It is only after I have validated with my password - which does contain a 3, that the 3 key then stops working.
