The Blog of Justin Loutsch


Recently a change happened to one of our servers at work which caused sudo to fail completely.

When we ran the sudo command, here’s what we’d see:

sudo vi /etc/samba/smb.conf
Sorry, try again.
Sorry, try again.
Sorry, try again
sudo: 3 incorrect password attempts

All we had to do in this case was hit enter after the command and we would not even have the chance to enter the password before the sudo command failed.

I did some extensive googling and only found one useful result, so I’m posting my experience here to provide one more hit for future encounters of this problem.

It turns out that the PAM config file had a line commented out which caused this error.

The file in question: /etc/pam.d/system-auth

What our file looked like:

# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_fprintd.so
#auth sufficient pam_unix.so nullok try_first_pass
auth sufficient pam_ldap.so try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_sss.so use_first_pass
auth required pam_deny.so

See that third line beginning with #auth? That’s the problem right there.

We removed the # symbol so the system could read the line and restarted the SSH daemon (service sshd restart) and regained sudo access immediately afterwards.
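
A quick audit for the condition described in this post, as an added example that is not part of the original post: it lists commented-out auth rules in a PAM file and fails when no active auth rule loads pam_unix.so. The function names and the temporary sample file (a constructed copy of the listing above) are assumptions of the example.

```shell
#!/bin/sh
# Added example: audit the auth stack of a PAM config file.
# Function names are hypothetical; the sample below is constructed from the post's listing.

# Print every commented-out "auth" rule with its line number.
pam_disabled_auth() {
    awk '/^[ \t]*#[ \t]*-?auth[ \t]/ { print NR ": " $0 }' "$1"
}

# Exit 0 only if an active (uncommented) auth rule references module $2.
pam_auth_active() {
    awk -v mod="$2" '
        /^[ \t]*#/ { next }                      # ignore comment lines
        $1 == "auth" || $1 == "-auth" {
            # The control field may be bracketed and contain spaces,
            # so scan every later field and compare its basename.
            for (i = 3; i <= NF; i++) {
                n = split($i, p, "/")
                if (p[n] == mod) found = 1
            }
        }
        END { exit !found }' "$1"
}

# Report disabled auth rules; return 1 if pam_unix.so is not active.
pam_audit() {
    file=$1
    rc=0
    disabled=$(pam_disabled_auth "$file")
    if [ -n "$disabled" ]; then
        echo "commented-out auth rules in $file:"
        echo "$disabled"
    fi
    if ! pam_auth_active "$file" pam_unix.so; then
        echo "WARNING: no active pam_unix.so auth rule in $file"
        rc=1
    fi
    return $rc
}

# Demo on a constructed copy of the broken file (not the live /etc/pam.d file).
sample=$(mktemp)
cat > "$sample" <<'EOF'
auth required pam_env.so
#auth sufficient pam_unix.so nullok try_first_pass
auth sufficient pam_ldap.so try_first_pass
auth required pam_deny.so
EOF
pam_audit "$sample" || echo "audit failed for the broken sample"
rm -f "$sample"
```

On a real host, run `pam_audit /etc/pam.d/system-auth` after any change to the PAM configuration and before closing your existing root session.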
