61

I am having problems with the su command. I know my password and I am typing it correctly, but su indicates Authentication failure.

So I checked on the internet and then went into recovery mode and changed my user's password to what I was entering before. Even now, entering the same password on su gives me Authentication failure.

What am I doing wrong?

BeastOfCaerbannog
  • 14,585
user12895
  • 765

7 Answers7

75

su asks for the root password. Since Ubuntu doesn't set a root password by default, you can't use it to become root.

Instead, to become root, use sudo -i with your personal password.

terdon
  • 100,812
david
  • 2,430
17

su asks for the password of the account you're trying to login. It's usage (simplified):

su username

When omitting username, the username default to root. Since the root password is disabled by default on Ubuntu, no password will be valid. The preferred way to run root commands is not through a su shell, but with sudo as in:

sudo mount /dev/sdb1 /mnt
Lekensteyn
  • 174,277
11

The root account in Ubuntu is disabled by default. This is to say that it has no password (which is different from it having a blank password) and no attempt to authenticate with root's password will succeed. Therefore, su or su - will not work.

Instead, use sudo to run a command as root:

sudo command...

If you want a root shell like you get with su, run:

sudo -s

If you want a root shell like you get with su -, run:

sudo -i
Eliah Kagan
  • 117,780
4

when you need to login as one of your non-login userids say git ( has no pwd)

su - git
Password: 
su: Authentication failure

SOLUTION - use this syntax to login as userid git

sudo su - git
muru
  • 197,895
  • 55
  • 485
  • 740
Scott Stensland
  • 15,575
  • 1
    It's not a different syntax, but an entirely different program. In addition, sudo itself support logging in as another user, e.g. the equivalent command would be sudo -iu git. – McSinyx Jul 20 '22 at 03:01
3

I came across an OS, Minibian, where the setuid bit was missing from /bin/su, causing this error, even if the password of the root account was enabled.

On Linux, the only way to become root is to execute a setuid-root file. When you run sudo or su, their setuid bit is set, so the process' effective user becomes root, then they do the authentiaction already as root! If it fails they exit.

Anyway, here are the symptoms and the fix:

$ su
Password:
su: authentication failure
$ sudo su
# ls -l /bin/su
-rwxr-xr-x 1 root root 31092 Jun  5  2012 /bin/su
# chmod u+s /bin/su
# ls -l /bin/su
-rwsr-xr-x 1 root root 31092 Jun  5  2012 /bin/su

Note the difference: rwx before, rws after.

SzG
  • 131
  • I don't really see how a bug on a completely different Linux distribution is related to Ubuntu...? – Byte Commander Feb 19 '16 at 08:20
  • I faced this on Ubuntu Trusty as well! I dont know how I landed up in that situation, but this answer was a life saver! :) /bin/su should have permissions 4755 if not, get weird errors like Account expired !! – Ani Jan 03 '22 at 10:09
1

su asks for the root password.

You can set a root password while you're root (by giving sudo su, providing that you are on the sudoers file), by giving the command passwd and setting a new password.

This is not recommend it for various reasons, though.

hytromo
  • 4,904
0

In my case, it was because the entry for that user was missing in /etc/shadow.

I had copied to another test server all entries in /etc/passwd with ID higher than 1000 along with /etc/group but forgot /etc/shadow. So everytime I did su with any of those users I would get that error. After adding the missing entry in /etc/shadow the error would stop appearing.

For example /etc/shadow:

myusername:*:16992:0:99999:7:::
Wadih M.
  • 332