5

I have change the user's (user1) password using root

passwd user1

but when i tried to ssh user@localhost or through gdm or tty it always failed

the journalctl log shows

Failed password for user1 from ::1 
FAILED LOGIN 1 FROM tty3 FOR user1, Authentication failure
pam_unix(gdm-password:auth): conversation failed
pam_unix(gdm-password:auth): auth could not identify password for [user1]

I'm using fresh Arch Linux installation (64-bit)

Kokizzu
  • 9,699

3 Answers3

6

So the solution was, change the /etc/passwd file

for user1's shell from /usr/bin/bash into /bin/bash

Kokizzu
  • 9,699
  • Just ran into the same problem. Any idea why this is? /usr/bin/bash and /bin/bash both execute a shell. But only the latter will allow proper login. –  Jan 11 '15 at 19:32
  • yeah I never found any documentation for this – Kokizzu Jan 13 '15 at 00:58
  • Is /usr/bin/bash a symlink to /bin/bash? It may not work if it's a symlink. – LawrenceC Jan 13 '15 at 21:08
  • no.. -rwxr-xr-x 1 root root 787584 2014.10.06 13:06 /usr/bin/bash* it isn't -rwxr-xr-x 1 root root 787584 2014.10.06 13:06 /bin/bash* – Kokizzu Jan 14 '15 at 00:36
  • 4
    /usr/bin/bash is the same file as /bin/bash, as /bin is a symlink to /usr/bin. you can add /usr/bin/bash to the /etc/shells file and that should work for /usr/bin/bash login, but that's non-standard – hanetzer Feb 04 '15 at 03:09
  • The cause is that pam_shells.so requires a valid shell in /etc/shell. /usr/bin/bash, even if it's a symlink, is not listed in /etc/shells, so the login is denied. To make it easier for others to find, I'll mention that I could log in via ssh pubkey but not with a password. The salient detail here is that sshd skips PAM altogether for pubkey logins, so pam_shells.so never runs, even if you have UsePAM yes. That option only applies to password / kbdinteractive logins. – anahata Jun 21 '23 at 23:30
2

The solution is in the file /etc/shells as documented in man 5 shells.

To cut it short "[that] is a text file which contains the full pathnames of valid login shells".

Traditionally /etc/shells only contains /bin/sh and /bin/bash.

So, in order to "fix" that issue, you either add /usr/bin/bash to /etc/shells or change the user's shell to be /bin/bash for example by using chsh.

Modern distributions have /bin as a symlink to /usr/bin so the former fix should be the right one. Be warned that this could break a number of programs that don't use the getusershell() call but have hard-coded shell paths.

The one and only shell you should rely upon is /bin/sh, though.

EnzoR
  • 933
0

1.Login as root enter username as root, I prefer text(tty# ex: tty2) mode for simplicity. Open it by
Ctrl + Alt + F#(any of function keys F2-F7) 

username : root
password :

2.Check for user's shell

$less /etc/passwd

you may see some thing like

mr_rathod:x:1000:1000:Abhay Raj Singh Rathod:/home/mr_rathod:/usr/bin/bash (unaccessible shell)
mr_rathod:x:1000:1000:Abhay Raj Singh Rathod:/home/mr_rathod:/bin/zsh (unvailable shell)

3.Change the passwd file fix it by editing passwd file

# nano /etc/passwd

changing shell to /bin/bash would work as it is present in most UNIX based system

Abhay Raj Singh Rathod
  • 1