SUMMARY: ssh on Solaris 10 fails

From: Fergus McMenemie <>
Date: Sun Feb 04 2007 - 03:37:00 EST
Turned out that in my rush to get the new machine, my first running Solaris 10,
up and on the network I misconfigured the /etc/ssh/sshd_config. The PermitRootLogin
setting had been set to without-password rather than yes (as indicated in initial
posting). I had assumed that without-password was a super set of the yes option,
meaning that it would allow password-less login once authorized_keys had been 
set up but would also allow passwords to be used. Not so. Read the manual.

Andy Paton had the most useful posting:-
>Out the box, what you have down with /etc/ssh/sshd_config & /etc/defaults/login
>should have worked. I've done it many times.

With thanks to 
	Andrew Hall
	Hudes, Dana
	Tom Healy
	Stephanie C
	Michael Schulte
	Michael Herman
	Santhakumar, Siva
	Andy Paton
Who actually read the whole message properly and who replied with
something relevant! Many of my more recent postings to sun managers
produce replies where I wonder if even the messages subject has been
totally read. 

At 08:07 +0000 4/2/07, Fergus McMenemie wrote:
>We have a problem with a brand new ultra 45 running Solaris 10. We can
>not ssh to the machine from any of the other nodes on the network. All the
>other machines are running Solaris 8 and OpenSHH, but this turned out to
>be a red herring.
>In the end we found the machine could not ssh to itself:-
>   ultra45(root) # ssh ultra45
>   Password:
>   Password:
>   Password:
>   Permission denied (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive)
>I have commented out CONSOLE=/dev/console in /etc/defaults/login and set
>PermitRootLogin in /etc/ssh/sshd_config to yes, and rebooted the system.
>I downloaded and installed the Solaris 10 recommenced patch cluster,
>while running in single user mode. (many of the patches were skipped with
>an exit status of "1")
>I suspect this a config issue, possibly related to pam.conf, what to I do?


Fergus McMenemie     
Techmore Ltd                   Phone:(UK) 07721 376021

Unix/Mac/Intranets             Analyst Programmer
sunmanagers mailing list
Received on Sun Feb 4 03:37:35 2007

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:44:04 EST