You may have faced the issue when user root is not able to login in Red Hat and CentOS. Mostly the first thing which come into our mind is might be possible we forgot the password of root and we are not able to login. But apart of this there are other possibilities also which results the failure of root login.
Sharing some of the troubleshooting steps to resolve the user root not login issue.
Forgotten root password
This is mostly happen when we forgot the root password.For resetting the new password we have to boot the Server in Runlevel 1 .
For this “how to” we have already posted in our blog that is Reset Root password in run level 1
Check the no login shell in /etc/passwd file
[root@server ~]# grep root /etc/passwd root:x:0:0:root:/root:/sbin/nolgin
If you find the above /sbin/nologin in /etc/passwd file for root .Change its login shell into /bin/bash
usermod -s /bin/bash root
[root@server ~]# usermod -s /bin/bash root [root@server ~]# grep root /etc/passwd root:x:0:0:root:/root:/bin/bash
Check the root account expiration date
chage -l root (it will show the account information,check the account expiration date).
In case of root account get expired than change it. For troubleshooting purpose we are giving as Never Expired. For more info read man page “man chage “
chage -E never root
[root@server ~]# chage -l root Last password change : Sep 17, 2011 Password expires : never Password inactive : never Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7 [root@server ~]#
Check “nologin” directory in /etc
Check nologin directory in /etc . If you find then remove it with help of rm command
ls -ld /etc/nologin && rm -fr /etc/nologin
Check the permission of /etc/securetty
If the permission of file /etc/securetty is other than 644 than it is also one of the problem.
Change /etc/securetty file permission to 644
chmod 644 /etc/securetty
Check the /etc/securetty file’s content
The securetty file must have below given contents and in alphabetical manner. If you find any incorrect information regarding terminals from which root can log in please do remove.
Given below is sample.It may vary as per RHEL/CentOS OS versions.
[root@server~]# cat /etc/securetty console vc/1 vc/2 vc/3 vc/4 vc/5 vc/6 vc/7 vc/8 vc/9 vc/10 vc/11 tty1 tty2 tty3 tty4 tty5 tty6 tty7 tty8 tty9 tty10 tty11 [root@server ~]#
Disabled root login in ssh
In case you are trying with ssh to remote host , might be possible in ssh configuration file login to root is not permitted
[root@server ~]# grep Root /etc/ssh/sshd_config PermitRootLogin no [root@server ~]#
Then change the value
PermitRootLogin yes in /etc/ssh/sshd_config file. And reload or restart the sshd service.
/etc/init.d/sshd reload OR /etc/init.d/sshd restart