SUMMARY: ssh on Solaris 10 fails

From: Fergus McMenemie <fergus_at_twig.demon.co.uk>
Date: Sun Feb 04 2007 - 03:37:00 EST
Turned out that in my rush to get the new machine, my first running Solaris 10,
up and on the network I misconfigured the /etc/ssh/sshd_config. The PermitRootLogin
setting had been set to without-password rather than yes (as indicated in initial
posting). I had assumed that without-password was a super set of the yes option,
meaning that it would allow password-less login once authorized_keys had been 
set up but would also allow passwords to be used. Not so. Read the manual.

Andy Paton had the most useful posting:-
>Out the box, what you have down with /etc/ssh/sshd_config & /etc/defaults/login
>should have worked. I've done it many times.


With thanks to 
	francisco
	kalyan.x.manchikanti@jpmchase.com
	Andrew Hall
	Hudes, Dana
	Tom Healy
	Stephanie C
	Michael Schulte
	Michael Herman
	Loris.Serena@pfpc.ie
	Santhakumar, Siva
	Andy Paton
Who actually read the whole message properly and who replied with
something relevant! Many of my more recent postings to sun managers
produce replies where I wonder if even the messages subject has been
totally read. 

At 08:07 +0000 4/2/07, Fergus McMenemie wrote:
>We have a problem with a brand new ultra 45 running Solaris 10. We can
>not ssh to the machine from any of the other nodes on the network. All the
>other machines are running Solaris 8 and OpenSHH, but this turned out to
>be a red herring.
>
>In the end we found the machine could not ssh to itself:-
>   ultra45(root) # ssh ultra45
>   Password:
>   Password:
>   Password:
>   Permission denied (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive)
>
>I have commented out CONSOLE=/dev/console in /etc/defaults/login and set
>PermitRootLogin in /etc/ssh/sshd_config to yes, and rebooted the system.
>
>I downloaded and installed the Solaris 10 recommenced patch cluster,
>while running in single user mode. (many of the patches were skipped with
>an exit status of "1")
>
>I suspect this a config issue, possibly related to pam.conf, what to I do?

-- 

===============================================================
Fergus McMenemie               Email:fergus@twig.demon.co.uk.
Techmore Ltd                   Phone:(UK) 07721 376021

Unix/Mac/Intranets             Analyst Programmer
===============================================================
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Sun Feb 4 03:37:35 2007

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:44:04 EST