glowell@portia.Stanford.EDU (gary lowell) (11/15/90)
I am trying to login to my RS6000 from home using an ascii terminal and modem. I can connect ok, but can't login. I am sure there is some trivial parameter that is not set right somewhere. I've spent several hours on the phone with support people, and our SE spent almost a full day on-site with no results. The system is an RS6000 model 320. I have a Trailblazer Plus modem attached to built-in serial port #1, which is /dev/tty0. The line for that port in /etc/security/login.cfg is /dev/tty0: sak_enabled = false herald = "Allegro (tty0)\n\rPlease Login: " When I call up the system what I see is: CONNECT 2400 Allegro (tty0) Please login: glowell 3004-007 You have entered an invalid login name or password login: glowell 3004-007 You have entered an invalid login name or password login: glowell 3004-007 You have entered an invalid login name or password NO CARRIER The user-id 'glowell' is valid, since that is what I use to login at the console (hft). The allowed tty field in the smit user screen is 'ALL'. I have also tried leaving the field blank, and '/dev/console,/dev/tty0, /dev/tty1' with the same results. We have a 3-32 user liscense, and smit shows that that is how the system is configured. Searching through info-explorer I've been unable to discover anything else that might control letting someone login. Someone by now must have succeeded in hanging a terminal off the serial port of an RS6000. Any help or sugestions would be greatly appreciated. Gary Lowell glowell@portia.stanford.edu
robin@sabre.austin.ibm.com (Robin D. Wilson/1000000) (11/21/90)
In article <1990Nov15.015023.20950@portia.Stanford.EDU> glowell@portia.Stanford.EDU (gary lowell) writes: >I am trying to login to my RS6000 from home using an ascii terminal and >modem. I can connect ok, but can't login. I am sure there is some >trivial parameter that is not set right somewhere. I've spent several >hours on the phone with support people, and our SE spent almost a full >day on-site with no results. > >When I call up the system what I see is: > > CONNECT 2400 > Allegro (tty0) > Please login: glowell > 3004-007 You have entered an invalid login name or password Let me guess.... You have the port set up as "LOGIN = SHARE" from smit, and you are at update level "3001/9030G/July". The solution is to set the port to either DELAY or ENABLE (please note the "ENABLE" solution is a temporary workaround for the problem if all else fails). Make sure the telebit is set up to follow true carrier, disconnect on DTR loss, respond to local commands only, etc. If you have to set the port to "ENABLE" the following modem setups are also recommended: NO ECHO, NO COMMAND RESPONSE. You will also have to "pdisable" the port any time you want to use it to dial-out. The best solution is to call 1-800-237-5511 (IBM Software Defect Support) and request the 3002 update. +-----------------------------------------------------------------------------+ |The views expressed herein, are the sole responsibility of the typist at hand| +-----------------------------------------------------------------------------+ |UUCP: cs.utexas.edu!ibmchs!auschs!sabre.austin.ibm.com!robin | |USNail: 701 Canyon Bend Dr. | | Pflugerville, TX 78660 | | Home: (512)251-6889 Work: (512)823-4526 | +-----------------------------------------------------------------------------+
glowell@portia.Stanford.EDU (gary lowell) (11/26/90)
In article <4280@awdprime.UUCP> robin@reed.UUCP (Robin D. Wilson) writes: >Let me guess.... You have the port set up as "LOGIN = SHARE" from smit, and >you are at update level "3001/9030G/July". The solution is to set the port >to either DELAY or ENABLE (please note the "ENABLE" solution is a temporary >workaround for the problem if all else fails). Make sure the telebit is >set up to follow true carrier, disconnect on DTR loss, respond to local >commands only, etc. If you have to set the port to "ENABLE" the following >modem setups are also recommended: NO ECHO, NO COMMAND RESPONSE. You will >also have to "pdisable" the port any time you want to use it to dial-out. > >The best solution is to call 1-800-237-5511 (IBM Software Defect Support) and >request the 3002 update. > Thanks to everyone who replied. The port was originally set up LOGIN=DELAY, and I had tried LOGIN=ENABLE to no effect. Fortunatly, I had requested the 3002 updates for another problem. It arrived last Tuesday, and installing it has fixed this problem. Even PSHARE seems to work now. The only problem I have left is the port permissions. I set the permissions on /dev/tty0 to 666 so that ordinary users might use cu on the port. But everytime the system touches the port, login/logoff for example, the permissions are reset to 662 which prevents everyone except root from using cu on that port thereafter. I saw passing reference in info explorer that the port permissions are kept in the database. But no clues as to where, or how to change them, or even if changing would solve this problem. So, is there anyway that I can permanently change the permissions on a port? Thanks again for the help. Gary Lowell glowell@portia.stanford.edu
robin@sabre.austin.ibm.com (Robin D. Wilson/1000000) (11/27/90)
In article <1990Nov25.195331.11670@portia.Stanford.EDU> glowell@portia.Stanford.EDU (gary lowell) writes: >The only problem I have left is the port permissions. I set the >permissions on /dev/tty0 to 666 so that ordinary users might use >cu on the port. But everytime the system touches the port, login/logoff >for example, the permissions are reset to 662 which prevents everyone >except root from using cu on that port thereafter. You can change the owner of /bin/cu to 'root' and set the permissions to 4555. (This may have serious security repercussions tho'...) This will allow "cu" to run with the UID of the owner (which you set to 'root'). The "real" solution for this problem is being worked through defect support and final solution will not be available for at least two updates (>3004). I am not real sure where the default port permissions are set, but I know that this was changed for a "security enhancement". +-----------------------------------------------------------------------------+ |The views expressed herein, are the sole responsibility of the typist at hand| +-----------------------------------------------------------------------------+ |UUCP: cs.utexas.edu!ibmchs!auschs!sabre.austin.ibm.com!robin | |USNail: 701 Canyon Bend Dr. | | Pflugerville, TX 78660 | | Home: (512)251-6889 Work: (512)823-4526 | +-----------------------------------------------------------------------------+