After updating a SLES 10 SP4 system to SLES 11 SP1, I was not able to authenticate. It seems like the PAM modules are not able to read the hashed password in the /etc/shadow file. Booting to a rescue disk and chroot did allow a change of passwords.
This is ok for a few users, but it will cause havoc in a Production system.
Is there some change to the PAM modules? Any thoughts on why this is will be greatly appreciated.
I may be wrong (correct me if I am guys!) but the default encryption algorithm for SLES 11 is Blowfish, which is different than the encryption algorithm for SLES 10, which was DES.
You can change the encryption algorithm back to DES via YaST | Security and Users | User and Group Administration and select the Expert Options | Password Encryption at the bottom-right of the screen. I’m not sure if you need to reboot (I doubt it) to pick up the change. I had this same issue several years ago when I first upgraded a server from SLES 10 to SLES 11.