Root password set but cannot login via console (Ubuntu Server)

Support and Help
, ,
1

Hi,

I’m running Ubuntu Server 22.04.5 and I’m facing an issue with root login on vsphere console.

I have already set the root password successfully:

sudo passwd root
sudo passwd -S root

The output shows:

root P 01/27/2026 0 99999 7 -1

I also verified that the root shell is valid:

grep '^root:' /etc/passwd

Result:

root:x:0:0:root:/root:/bin/bash

However, I still cannot log in as root via the console (VM console / tty).
The password is rejected even though it was just changed.

Additional info:

  • Logging in with a normal user + sudo -i works fine

  • This is Ubuntu Server, not desktop

  • Issue happens only on direct console login, not sudo

  • SSH access works normally (root login via SSH is disabled)

I would like to understand:

  • Is direct root login via console blocked by default on Ubuntu?

  • Could this be related to PAM (pam_securetty) or console TTY restrictions?

  • Are there recommended steps to safely allow root console login if needed?

Thanks in advance for any guidance.

2

Welcome to Ubuntu Discourse :slight_smile:

I moved your post to the Support and Help category where you are likely to get more help with this issue.

Please note that, in general, the Project Discussion category is for discussions rather than technical support.

Thanks

1 Like
3

thank you so muchhhhh

1 Like
4

anyone can help? I still cant figure it out

5

Check /var/log/auth.log, it should have the reason for the rejection.

Also note that the password requested when you use sudo is that of your current user, not root (the target user), if this helps.

4 Likes
6 
sudo tail -n 50 /var/log/auth.log

You will likely see a PAM-related rejection (e.g. pam_securetty).

Using:

sudo -i

is the recommended and supported way to get a root shell on Ubuntu Server.

3 Likes
7

image
image941×807 95.5 KB

This is the result on /var/log/auth.log

8

Please copy the log output and post it here in a reply with code tags.

Screenshots are often difficult to analyze and especially if we want to copy lines and research them.

Thanks

9

Hi,

Thanks for the advice

Jan 29 14:11:58 sshd[600900]: Invalid user zhangys from 130.12.181.109 port 1112
Jan 29 14:11:58 sshd[600900]: PAM (sshd) illegal module type: ession
Jan 29 14:11:58 sshd[600900]: PAM (other) illegal module type: ession
Jan 29 14:11:58 sshd[601040]: Failed password for root from 206.123.145.57 port 36186 ssh2
Jan 29 14:11:59 sshd[601040]: Connection closed by authenticating user root 206.123.145.57 port 36186 [preauth]
Jan 29 14:12:00 sshd[600900]: pam_unix(sshd:auth): check pass; user unknown
Jan 29 14:12:00 sshd[600900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.12.181.109
Jan 29 14:12:01 CRON[601192]: PAM (other) illegal module type: ession
Jan 29 14:12:01 CRON[601193]: PAM (other) illegal module type: ession
Jan 29 14:12:01 CRON[601194]: PAM (other) illegal module type: ession
Jan 29 14:12:01 CRON[601193]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
Jan 29 14:12:01 CRON[601192]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
Jan 29 14:12:01 CRON[601194]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
Jan 29 14:12:01 CRON[601195]: PAM (other) illegal module type: ession
Jan 29 14:12:01 CRON[601195]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
Jan 29 14:12:01 CRON[601197]: PAM (other) illegal module type: ession
Jan 29 14:12:01 CRON[601196]: PAM (other) illegal module type: ession
Jan 29 14:12:01 CRON[601197]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
Jan 29 14:12:01 CRON[601196]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
Jan 29 14:12:01 CRON[601194]: pam_unix(cron:session): session closed for user root
Jan 29 14:12:01 CRON[601197]: pam_unix(cron:session): session closed for user root
Jan 29 14:12:01 CRON[601192]: pam_unix(cron:session): session closed for user root
Jan 29 14:12:01 CRON[601195]: pam_unix(cron:session): session closed for user root
Jan 29 14:12:01 CRON[601196]: pam_unix(cron:session): session closed for user root
Jan 29 14:12:01 CRON[601193]: pam_unix(cron:session): session closed for user root
Jan 29 14:12:02 sshd[600900]: Failed password for invalid user zhangys from 130.12.181.109 port 1112 ssh2
Jan 29 14:12:06 sshd[600900]: Connection closed by invalid user zhangys 130.12.181.109 port 1112 [preauth]
Jan 29 14:12:09 sshd[601364]: Invalid user hmfei from 206.123.145.52 port 50004
Jan 29 14:12:09 sshd[601364]: PAM (sshd) illegal module type: ession
Jan 29 14:12:09 sshd[601364]: PAM (other) illegal module type: ession
Jan 29 14:12:09 sshd[601148]: Invalid user zuozhuo from 130.12.181.97 port 9176
Jan 29 14:12:09 sshd[601148]: PAM (sshd) illegal module type: ession
Jan 29 14:12:09 sshd[601148]: PAM (other) illegal module type: ession
Jan 29 14:12:09 sshd[601364]: pam_unix(sshd:auth): check pass; user unknown
Jan 29 14:12:09 sshd[601364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.123.145.52
Jan 29 14:12:09 sshd[601231]: PAM (sshd) illegal module type: ession
Jan 29 14:12:09 sshd[601231]: PAM (other) illegal module type: ession
Jan 29 14:12:11 sshd[601364]: Failed password for invalid user hmfei from 206.123.145.52 port 50004 ssh2
Jan 29 14:12:11 sshd[601148]: pam_unix(sshd:auth): check pass; user unknown
Jan 29 14:12:11 sshd[601148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.12.181.97
Jan 29 14:12:11 sshd[601231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.12.181.101 user=mysql
Jan 29 14:12:11 sshd[601421]: Invalid user mhx2 from 206.123.145.49 port 45422
Jan 29 14:12:11 sshd[601421]: PAM (sshd) illegal module type: ession
Jan 29 14:12:11 sshd[601421]: PAM (other) illegal module type: ession
Jan 29 14:12:12 sshd[601421]: pam_unix(sshd:auth): check pass; user unknown
Jan 29 14:12:12 sshd[601421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.123.145.49
Jan 29 14:12:12 sshd[601364]: Connection closed by invalid user hmfei 206.123.145.52 port 50004 [preauth]
Jan 29 14:12:14 sshd[601421]: Failed password for invalid user mhx2 from 206.123.145.49 port 45422 ssh2
Jan 29 14:12:14 sshd[601148]: Failed password for invalid user zuozhuo from 130.12.181.97 port 9176 ssh2
Jan 29 14:12:14 sshd[601231]: Failed password for mysql from 130.12.181.101 port 10142 ssh2

10

there’s a typo somewhere in your pam config files (likely one of your common- files): you have written ession instead of session

3 Likes
11

Yeah I spotted that too

12

What is the output of

cat -n /etc/ssh/sshd_config | grep -i ession

Thanks

13

Hi, this is the output

root@server:~# cat -n /etc/ssh/sshd_config | grep -i ession
37 #MaxSessions 10
78 # and session processing. If this is enabled, PAM authentication will
83 # If you just want the PAM account and session checks to run without
99 #Compression delayed

14

Hi ALL,

Thank you for all the helps. There is error on /etc/pam.d/common-session

Should be session but the line ession just like you spotted. I fix it and now can login already:)

Issue solved

1 Like
15

Great news!

Please mark the post that helped you fix this as the solution.

It gives the user credit and also tells others there is a working solution if they face the same problem in the future.

Thanks for contributing to the community.

16

This topic was automatically closed 18 hours after the last reply. New replies are no longer allowed.