The UNIX and Linux Forums  
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.

Go Back   The UNIX and Linux Forums > Operating Systems > AIX
Problems with SSH / telnet Problems with SSH / telnet
.
google unix.com

Forums Register Forum RulesLinksAlbums FAQ Members List Calendar Search Today's Posts Mark Forums Read


AIX AIX is IBM's industry-leading UNIX operating system that meets the demands of applications that businesses rely upon in today's marketplace.

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Running Script from Telnet - Problems pauljohn UNIX for Dummies Questions & Answers 1 10-03-2006 01:58 PM
Problems with telnet. cordobapablo UNIX for Dummies Questions & Answers 2 10-17-2005 10:22 AM
Problems with Telnet Lestat UNIX for Dummies Questions & Answers 1 07-22-2005 06:28 PM
Unix SCO 5.0.6 Telnet Problems josramon UNIX for Dummies Questions & Answers 2 03-09-2004 06:28 PM
SCO openserver 5.0.6 Telnet Problems josramon UNIX for Dummies Questions & Answers 6 06-05-2003 10:11 AM

Closed Thread
Page 3 of 3 12 3
English Japanese Spanish French German Portuguese Italian Dutch Swedish Russian Norwegian Hungarian Hebrew Danish Powered by Powered by Google
 
LinkBack Thread Tools Search this Thread Rate Thread Display Modes
  #15 (permalink)  
Old 10-17-2008
Neo's Avatar
Neo Neo is offline Forum Staff  
Administrator
  
 

Join Date: Sep 2000
Location: Asia Pacific
Posts: 6,656
Quote:
Originally Posted by shockneck View Post
T If nobody at your datacenter can name exactly where this additional security compared to the current version of OpenSSH is you might consider using OpenSSH instead. Reason is that you will get faster and better response to questions related to a product that is widely used compared to some niche product.
I agree. If there is no bone fide security reason not to use OpenSSH, then the poster is better to switch, because he will have open support.
  #16 (permalink)  
Old 10-17-2008
bakunin bakunin is offline Forum Staff  
Bughunter Extraordinaire
  
 

Join Date: May 2005
Location: In the leftmost byte of /dev/kmem
Posts: 1,628
I checked with a colleague who happened to know the Tectia product: the difference is that normal ftp can provide a chrooted environment for every user, but the sftp can't do that, at least not out of the box, while Tectias sftp does have this functionality.

This might be perceived as being "more secure" to people who have no idea at all how ftp really works, which is, sad to say, quite often the case in auditing teams who in turn come up with some some "security-enhancement" which in fact is just plain silliness. I have once heard a default umask of 777 mentioned as desirable from such folk. Its usually the administrators who have to suffer from these, ahem, ideas.

Sorry, this won't help you with your problem but now i feel some relief. ;-))

bakunin

PS: I strongly suggest that you find out if this functionality is really needed at all in your case and if it isn't (which is most likely the case) you switch to openSSL products as suggested by Neo and shockneck. And i hop this helps.

bakunin
  #17 (permalink)  
Old 10-17-2008
vbe's Avatar
vbe vbe is offline Forum Staff  
Moderator
  
 

Join Date: Sep 2005
Location: Switzerland - GE
Posts: 1,568
Isnt the product trying to open some closed/filtered port you know like above 9000 after having used 443 ?

Just thoughts...
  #18 (permalink)  
Old 10-22-2008
Hille Hille is offline
Registered User
  
 

Join Date: Aug 2008
Location: Belgium
Posts: 13
Thanks for the replies. I think that the root user doesn't use his .profile and /etc/profiles files and therefore can't login to the server. All of the permissions however are correct (just like in other boxes). I've checked many things together with my collegue but nothing came out of it. It's a very strange error in the system..
  #19 (permalink)  
Old 11-12-2008
bots bots is offline
Registered User
  
 

Join Date: Jul 2008
Posts: 1
hey,

I'm not sure of this particular version/type of ssh.. I use open ssh on AIX.. have u tried checking the entries in /etc/ssh/sshd_config?

in a fully implemented ssh environment, there should be a user@server entry under the AllowUsers key?. If you make a change to this file, the ssh demon needs a restart too.

cheers.
  #20 (permalink)  
Old 11-16-2008
csorhand csorhand is offline
Registered User
  
 

Join Date: Oct 2008
Posts: 81
Hille,

Have you tried setting the permission of your /home to 700.? I have strange encounters with ssh that user root can't login. Tried setting world writeable to 777 but it doesnt work. Tried 700 and the systems works.
  #21 (permalink)  
Old 12-11-2008
ghp ghp is offline
Registered User
  
 

Join Date: Dec 2008
Location: Zwevegem, Belgium
Posts: 13
Quote:
Originally Posted by Hille View Post
This is the output of lsuser root.

root id=0 pgrp=system groups=system,bin,sys,security,cron,audit,lp,exploit home=/ shell=/usr/bin/ksh auditclasses=general login=true su=true rlogin=true daemon=true admin=true sugroups=ALL admgroups=<all groups> tpath=nosak ttys=ALL expires=0 auth1=SYSTEM auth2=NONE umask=22 registry=files SYSTEM=compat logintimes= loginretries=0 pwdwarntime=0 account_locked=false minage=0 maxage=0 maxexpired=-1 minalpha=0 minother=0 mindiff=0 maxrepeats=8 minlen=0 histexpire=0 histsize=0 pwdchecks= dictionlist= fsize=-1 cpu=-1 data=-1 stack=-1 core=4194302 rss=65536 nofiles=20000 fsize_hard=-1 cpu_hard=-1 data_hard=-1 stack_hard=-1 time_last_login=1223971121 time_last_unsuccessful_login=1224082704 tty_last_login=/dev/pts/11 tty_last_unsuccessful_login=/dev/pts/0 host_last_login=<all servers> host_last_unsuccessful_login=server2 unsuccessful_login_count=13 roles=


The 'host_last_login' is kind of strange though because every server is listed, normally there is only 1 or so? It's like every server tried to connect at the same time, not certain though if it has anything to do with the problem.
The host_last_login is the cause of your problems, the entry is too long. Clean your /etc/security/lastlog. Probably caused by an entry in /etc/hosts with too many aliases.
Sponsored Links
Closed Thread
Page 3 of 3 12 3

Bookmarks

Tags
shell script, shell scripting, unix scripting, unix scripting basics

« merge text files | Technology Level update errors »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Linear Mode Linear Mode
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -4. The time now is 03:40 AM.

The UNIX and Linux Forums - Learn UNIX and UNIX Commands RSS Feeds - Contact Us - The UNIX and Linux Forums - Learn UNIX and UNIX Commands - Archive - Top

Powered by: vBulletin, Copyright ©2000 - 2006, Jelsoft Enterprises Limited. Language Translations Powered by .
vBCredits v1.4 Copyright ©2007 - 2008, PixelFX Studios
The UNIX and Linux Forums Content Copyright ©1993-2009. All Rights Reserved.Ad Management by RedTyger

Content Relevant URLs by vBSEO 3.2.0