Can't Log into Solaris 10 u10 due to Pam and DH errors
Dears,,
i hope everything is going fine with you,,
Yesterday i was trying to log into My Solaris 10 u10 x86 Via SSH , But it showing me many error message and refusing to login even with with the root account and below you can find the error message:
Code:
[root@home:~] # ssh -v root@192.168.10.1
Sun_SSH_1.1.4, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to 192.168.10.1 [192.168.10.1] port 22.
debug1: Connection established.
debug1: identity file /export/home/root/.ssh/identity type -1
debug1: identity file /export/home/root/.ssh/id_rsa type -1
debug1: identity file /export/home/root/.ssh/id_dsa type -1
debug1: Logging to host: 192.168.10.1
debug1: Local user: root Remote user: root
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1.5
debug1: match: Sun_SSH_1.1.5 pat Sun_SSH_1.1.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1.4
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
no common kex alg: client 'diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1', server 'gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g=='
debug1: Calling cleanup 0x807177a(0x0)
After google if found that i have to delete the /etc/ssh/ssh_host_*
So i logged into the system Via Fail safe > mounted the / to /a and deleted the ssh_hos_*
After reboot the machine i found there is another logs (also the diffie-hellman error still exist :
Code:
/usr/lib/security/pam_authtok_get.so.1 writable by group
/usr/lib/security/pam_dhkeys.so.1 writable by group
That's make me very confused, after more searching i found topic advising to check for the permission for the pam files, so loged into the system Via fail-safe and found out that all files taking full permission and i believe it's not good, below you can find the permission:
Code:
-rwxrwxrwx+
So i will be appreciated if you help me in this case is really it make me confused.
So you can't login as root even directly on the console (without SSH)!!!!
Have you, or someone else, edited /etc/passwd and/or /etc/shadow directly recently?
If so, display them to your screen and check very carefully the formatting.
For example, the root account information must be on the very first line. Just inserting a blank line at the beginning of /etc/passwd will screw up all logins.
Before we suggest anything else, do these files look alright?
All the fields in them correctly delimited, etc.
---------- Post updated at 06:04 PM ---------- Previous update was at 05:23 PM ----------
I installed x86 Solaris 10 update 10 after Windows XP, later I removed xp and installed Debian 9 stretch on the same partition but, Debian couldn't find any other os so it deleted Solaris 10 grub or did something like that I couldn't got.
I thought I would be able to recover the lost record by... (0 Replies)
Does anyone know what is solution for this error ?tar: Exiting with failure status due to previous errors from last 3 days I am trying to take backup of home/user directory getting again and again same error please anyone give me solution (8 Replies)
Hello,
I an triyng to write an emergency procedure, and I need your help, or point of view.
I trying to find a way to get connected to an U10 Sun Solaris by the serial port to be able to get access to the system to debug systeme crash before restarting the server.
The SUN U10 does not... (3 Replies)
Hi,
I use a software which can create account on many system or application.
One of resource which is managed by this soft his a server SUSE Linux Enterprise Server 10 (x86_64). patch level 3.
This application which is an IBM application use ssh to launch command to create account in... (3 Replies)
Hello All,
I have Sun DSEE7 (11g) on Solaris 10.
I have run idsconfig and initialized ldap client with profile created using idsconfig.
My ldap authentication works. Here is my pam.conf
# Authentication management
#
# login service (explicit because of pam_dial_auth)
#
login ... (3 Replies)
This is a zone running Solaris 10u8 on a 6320 blade. The global zone is also running 10u8.
One my users is attempting to change his password and getting a following screen:
$ ssh remotesys
Password:
Warning: Your password has expired, please change it now.
New Password:
Re-enter new... (1 Reply)
How do we know if PAM is turned on? I think that there is no process or anything that we can check for. Anyway to ensure that rather than doing a configuration and "physical" testing on a machine? (5 Replies)
Here's the issue. Currently when I run passwd -f "username" on any account, when I try to login with said account I don't get prompted to change my password I just keep getting prompted to input a password. (Of course this works just fine with telnet)Is there something i need to add to... (7 Replies)
I am trying to compile the pro*C file but gives errors. It says it encountered "std" while it was expecting ; , = ( $ $ORACLE_HOME/bin/proc tradewind/dataaccess/Blob.pcc
Pro*C/C++: Release 10.2.0.3.0 - Production on Fri May 9 11:10:54 2008
Copyright (c) 1982, 2005, Oracle. All rights... (0 Replies)
06-29-2014
[/IMG]