Sponsored Content
Special Forums Cybersecurity SSH password-less login issue between linux and solaris Post 302713797 by bakunin on Thursday 11th of October 2012 10:13:20 AM
Old 10-11-2012
Quote:
Originally Posted by error_lee
Unfortunately, I don't have the permission to restart sshd.
Then get someone who can to analyze the problem.

Quote:
The thing is that I did not change anything in the sshd config, but simply generated the keys. You think this may be related?
No, not at all. But ssh-communication requires two things to work in accordance: the client side (ssh-client, authentication data) and the server side (the sshd daemon and its configuration).

I don't claim to know what went wrong in your case, but the debug output you provided makes me suppose the problem is with the server side. To verify this one will have to examine the server configuration and eventually reconfigure/restart it, as i have told you.

Alternatively you can try to set up communication from a third host to the problematic one: if i got you correctly "HostA->HostB" works, but "HostB->HostA" doesn't. Set up "HostC->HostA" and see if this works. If it does it is probably not the sshd in host A as such, but maybe just the configuration: there are different versions of open-ssl (the library which does the underlying encryption) and maybe you hit upon such a version incompatibility.

Fact is: i don't know and as long as you can't present more and better data probably nobody can. So we are left to suggestions and more or less educated guesses about possible reasons.

I hope this helps.

bakunin
 

9 More Discussions You Might Find Interesting

1. Solaris

password less login from openssh to SSH Secure Shell 3.0.1 Sun solaris 7

Hi, I would like to login from a Sun server running ssh: Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f to ssh: SSH Secure Shell 3.0.1 on sparc-sun-solaris2.6 How can I achieve this? Thanks a million in advance (1 Reply)
Discussion started by: newbewie
1 Replies

2. HP-UX

login ssh without password

There is two server, server A and server B. In server A, I would like to login ssh to server B without typing password. (no need for ssh2) Therefore, I do the followings: Server A: >cd ~ >mkdir .ssh >ssh-keygen -t dsa -f .ssh/id_dsa Then copy the file id_dsa.pub to Server B Server B:... (2 Replies)
Discussion started by: alfredo
2 Replies

3. Solaris

SSH Password-less login fails on password expiry.

Hi Gurus I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails. Resetting my password reenables the keys. Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies

4. Shell Programming and Scripting

SSH Login by passing password.

ssh/sftp login by passing password , is it possible.Don't want to expect. (1 Reply)
Discussion started by: dinjo_jo
1 Replies

5. Emergency UNIX and Linux Support

SSH password login issue

Hi All, I am facing issue in setting up passwordless login through ssh on two Solaris-10 boxes. user-id ravrwa from server tsapiq04-zrwdq01 should be able to login to server tsbrit03 as cpsuserq, which is not happening. I am not sure where is the problem, while keys are already all set. Here is... (14 Replies)
Discussion started by: solaris_1977
14 Replies

6. Solaris

Problem with ssh login without password

Hello friends, I have the problem with password less login in solaris 10. Issue : In solaris 10 I have 2 different users on is oracle and the other is archmon. when I try to ssh to the other server from oracle it is successful but when I try to ssh from archmon it fails, and it asks for the... (1 Reply)
Discussion started by: Pavankrv
1 Replies

7. SuSE

SSH issue - can't get password less login to work

Hello, I can't seem to get the password less login to work on one of my SLES 11 servers. My ssh agent lets me login to all my other servers, which are Solaris 10, RHEL 5, and SLES 11 servers. Some servers mount my home directory and others don't. The server that I'm having an issue with doesn't... (7 Replies)
Discussion started by: bitlord
7 Replies

8. Cybersecurity

Ssh password less login with different ID

Hi, I have setup password less ssh connection between Server A and Server B and I am able to connect with User2. But my requirement is, User 1 run a script in Server A to ssh into Server B as User 2 but it is asking password every time I execute. Server A: Login as User 1 and execute sh... (8 Replies)
Discussion started by: sakthi.99it
8 Replies

9. Red Hat

Need to login without password using ssh

I am using redhat 6.4 and i want to login ssh without password kindly guide me (2 Replies)
Discussion started by: kannansoft1985
2 Replies
ssh-keysign(1M)                                                                                                                    ssh-keysign(1M)

NAME
ssh-keysign - ssh helper program for host-based authentication SYNOPSIS
ssh-keysign ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication with SSH protocol version 2. This signature is of data that includes, among other items, the name of the client host and the name of the client user. ssh-keysign is disabled by default and can be enabled only in the global client configuration file /etc/ssh/ssh_config by setting Host- basedAuthentication to yes. ssh-keysign is not intended to be invoked by the user, but from ssh. See ssh(1) and sshd(1M) for more information about host-based authen- tication. /etc/ssh/ssh_config Controls whether ssh-keysign is enabled. /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_rsa_key These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, readable only by root, and not accessible to others. Because they are readable only by root, ssh-keysign must be set-uid root if host-based authentication is used. ssh-keysign will not sign host-based authentication data under the following conditions: o If the HostbasedAuthentication client configuration parameter is not set to yes in /etc/ssh/ssh_config. This setting cannot be overri- den in users' ~/.ssh/ssh_config files. o If the client hostname and username in /etc/ssh/ssh_config do not match the canonical hostname of the client where ssh-keysign is invoked and the name of the user invoking ssh-keysign. In spite of ssh-keysign's restrictions on the contents of the host-based authentication data, there remains the ability of users to use it as an avenue for obtaining the client's private host keys. For this reason host-based authentication is turned off by default. See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWsshu | +-----------------------------+-----------------------------+ |Interface Stability |Evolving | +-----------------------------+-----------------------------+ ssh(1), sshd(1M), ssh_config(4), attributes(5) AUTHORS
Markus Friedl, markus@openbsd.org HISTORY
ssh-keysign first appeared in Ox 3.2. 9 Jun 2004 ssh-keysign(1M)
All times are GMT -4. The time now is 03:33 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy