Public private key setup issue in Solaris 10 | Unix Linux Forums | Solaris

  Go Back    


Solaris The Solaris Operating System, usually known simply as Solaris, is a Unix-based operating system introduced by Sun Microsystems. The Solaris OS is now owned by Oracle.

Public private key setup issue in Solaris 10

Solaris


Closed Thread    
 
Thread Tools Search this Thread Display Modes
    #1  
Old 02-12-2013
muraliinfy04 muraliinfy04 is offline
Registered User
 
Join Date: Mar 2010
Last Activity: 12 March 2014, 3:09 AM EDT
Location: Chennai,India
Posts: 73
Thanks: 13
Thanked 0 Times in 0 Posts
Oracle Public private key setup issue in Solaris 10

Hi i am using solaris 10.I am trying to setup a public/private key but it is not working.Appreciate your repsonse on it

There are two servers DB1 server and DB2 server.

1)I have generated public/private key using below step on both servers.
ssh-keygen -t rsa
2)From DB1 server moved the public key to the DB2 server and appended to the authorized_keys and changed permission as below.
scp ~/.ssh/id_rsa.pub mzty3f@DB2@:/tmp/id_rsa.pub.DB1
cat /tmp/id_rsa.pub.DB2 >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
3)Same step repeated on DB2 server,moved the public key to the DB2 server and appended to the authorized_keys and changed
scp ~/.ssh/id_rsa.pub mzty3f@DB1:/tmp/id_rsa.pub.DB2
cat /tmp/id_rsa.pub.DB1 >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
4) when i do ssh still it is prompting for password.I have done this setup using root.please help me on this error

Last edited by muraliinfy04; 02-12-2013 at 05:48 AM..
Sponsored Links
    #2  
Old 02-12-2013
elixir_sinari's Avatar
elixir_sinari elixir_sinari is offline Forum Advisor  
Gotham Knight
 
Join Date: Mar 2012
Last Activity: 18 April 2014, 12:09 AM EDT
Location: India
Posts: 1,412
Thanks: 100
Thanked 495 Times in 472 Posts
Turn on the verbose/debug mode of ssh using the -v option and post the output.
Sponsored Links
    #3  
Old 02-12-2013
muraliinfy04 muraliinfy04 is offline
Registered User
 
Join Date: Mar 2010
Last Activity: 12 March 2014, 3:09 AM EDT
Location: Chennai,India
Posts: 73
Thanks: 13
Thanked 0 Times in 0 Posts
Thanks for the reply.Please find the requested output.let me know anything else is needed.

dcwipphvom001 # ssh -v
Sun_SSH_1.1.4, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
You have to specify host.
Usage: ssh [options] host [command]
Options:
-l user Log in using this user name.
-n Redirect input from /dev/null.
-F config Config file (default: ~/.ssh/config).
-A Enable authentication agent forwarding.
-a Disable authentication agent forwarding (default).
-X Enable X11 connection forwarding.
-x Disable X11 connection forwarding (default).
-i file Identity for public key authentication (default: ~/.ssh/identity)
-t Tty; allocate a tty even if command is given.
-T Do not allocate a tty.
-v Verbose; display verbose debugging messages.
Multiple -v increases verbosity.
-V Display version number only.
-q Quiet; don't display any warning messages.
-f Fork into background after authentication.
-e char Set escape character; ``none'' = disable (default: ~).
-c cipher Select encryption algorithm
-m macs Specify MAC algorithms for protocol version 2.
-p port Connect to this port. Server must be on the same port.
-L listen-port:host:port Forward local port to remote address
-R listen-port:host:port Forward remote port to local address
These cause ssh to listen for connections on a port, and
forward them to the other side by connecting to host:port.
-D port Enable dynamic application-level port forwarding.
-C Enable compression.
-N Do not execute a shell or command.
-g Allow remote hosts to connect to forwarded ports.
-1 Force protocol version 1.
-2 Force protocol version 2.
-4 Use IPv4 only.
-6 Use IPv6 only.
-o 'option' Process the option as if it was read from a configuration file.
-s Invoke command (mandatory) as SSH2 subsystem.
-b addr Local IP address.

    #4  
Old 02-12-2013
elixir_sinari's Avatar
elixir_sinari elixir_sinari is offline Forum Advisor  
Gotham Knight
 
Join Date: Mar 2012
Last Activity: 18 April 2014, 12:09 AM EDT
Location: India
Posts: 1,412
Thanks: 100
Thanked 495 Times in 472 Posts
While connecting and not by itself!

Code:
ssh -v username@host

Sponsored Links
    #5  
Old 02-12-2013
muraliinfy04 muraliinfy04 is offline
Registered User
 
Join Date: Mar 2010
Last Activity: 12 March 2014, 3:09 AM EDT
Location: Chennai,India
Posts: 73
Thanks: 13
Thanked 0 Times in 0 Posts
dcwipphvom001 # ssh -v root@148.93.1.222

Sun_SSH_1.1.4, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to 148.93.1.222 [148.93.1.222] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Logging to host: 148.93.1.222
debug1: Local user: root Remote user: root
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1.4
debug1: match: Sun_SSH_1.1.4 pat Sun_SSH_1.1.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1.4
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: Peer sent proposed langtags, ctos: i-default
debug1: Peer sent proposed langtags, stoc: i-default
debug1: We proposed langtags, ctos: i-default
debug1: We proposed langtags, stoc: i-default
debug1: Negotiated lang: i-default
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: Remote: Negotiated main locale: C
debug1: Remote: Negotiated messages locale: C
debug1: dh_gen_key: priv key bits set: 147/256
debug1: bits set: 1581/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '148.93.1.222' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:3
debug1: bits set: 1567/3191
debug1: ssh_rsa_verify: signature correct
debug1: newkeys: mode 1
debug1: set_newkeys: setting new keys for 'out' mode
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: set_newkeys: setting new keys for 'in' mode
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: got SSH2_MSG_SERVICE_ACCEPT
Subject to applicable law, anyone using the Network expressly consents to:
1) having his/her network activity monitored and recorded; and,
2) using the Network only in accordance with the terms of the applicable
Acceptable Use Practices (www.NetworkAUP.com < http://www.networkaup.com/ > ).
Your work product created, transmitted or stored on GM networks or systems,
including your name or other personally identifiable information, may be shared
with other GM entities, suppliers and third parties around the globe when required for
business or legal purposes.
BE ADVISED, that improper usage of the network and/or computing systems and
equipment may result in disciplinary action, up to and including termination of employment.
If possible criminal activity is detected, system records may be provided
to law enforcement officials
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug1: Next authentication method: gssapi-keyex
debug1: Next authentication method: gssapi-with-mic
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying public key: /root/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 149 lastkey 6eed8 hint 1
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
Password:

Sponsored Links
    #6  
Old 02-13-2013
GP81 GP81 is offline
Registered User
 
Join Date: Nov 2012
Last Activity: 13 January 2014, 7:20 AM EST
Location: Warsaw, Poland
Posts: 65
Thanks: 0
Thanked 14 Times in 13 Posts
Did you enabled root login in /etc/ssh/sshd_config ?
There should be:

Code:
PermitRootLogin yes

The Following User Says Thank You to GP81 For This Useful Post:
muraliinfy04 (02-13-2013)
Sponsored Links
    #7  
Old 02-13-2013
muraliinfy04 muraliinfy04 is offline
Registered User
 
Join Date: Mar 2010
Last Activity: 12 March 2014, 3:09 AM EDT
Location: Chennai,India
Posts: 73
Thanks: 13
Thanked 0 Times in 0 Posts
Hi thanks for the response.it worked.
Sponsored Links
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
how to create a public/private key using ssh-keygen rahul125 UNIX for Dummies Questions & Answers 1 10-27-2011 11:33 PM
Solaris 8 ssh public key authentication issue - Server refused our key aixlover Solaris 1 05-25-2011 04:07 PM
SFTP in a shell script without public/private key Alexis Duarte Shell Programming and Scripting 6 12-30-2009 08:12 PM
SSL Public key/Private question tical00 UNIX for Dummies Questions & Answers 3 06-04-2009 12:52 AM
Public/Private Key SSH from UNIX to Windows (Cygwin) kclerks11 Windows & DOS: Issues & Discussions 9 12-02-2008 10:30 PM



All times are GMT -4. The time now is 07:37 PM.