n this post we are going to see how to allow root direct login on console in Solaris 11. As we all know, Solaris 11 having a restriction that root can't be direct login as its act as a Role account. We have to change the type as normal, in order to make the root direct login. Let we can check some prerequisites and do the changes.
Getting below error while accessing the server directly with root user.
unixrock console login: root Password: Roles can not login directlyChecking Role account type in /etc/user_attr
root@unixrock:~# grep -i root /etc/user_attr root::::type=role unixrock::::lock_after_retries=no;profiles=System Administrator;roles=root root@unixrock:~#Changing the Role type as normal account
root@unixrock:~# rolemod -K type=normal root root@unixrock:~# root@unixrock:~# grep -i root /etc/user_attr root::::type=normal unixrock::::lock_after_retries=no;profiles=System Administrator;roles=root root@unixrock:~#Checking CONSOLE value on /etc/default/login, the value should be shown as like below.
root@unixrock:~# grep -i console /etc/default/login # If CONSOLE is set, root can only login on that device. # If the specified device is /dev/console, then root can also log into CONSOLE=/dev/console root@unixrock:~#
Still If you want to make root direct login through ssh, then we need to check "PermitRootLogin" value on /etc/ssh/sshd_config. If you change the value as like below, need to restart the ssh services from console.
root@unixrock:~# grep -i PermitRootLogin /etc/ssh/sshd_config PermitRootLogin yes root@unixrock:~# root@unixrock:~# svcadm restart svc:/network/ssh:default root@unixrock:~#CAUTION : This is not recommended to do this setting on production environment servers.
Thanks for reading this post. Please leave your valuable comments and queries, I will get back to you at earliest.
No comments:
Post a Comment