02-05-2007
Quote:
Originally Posted by bucci
hi suntac,
do you know about this error?
/etc/init.d/sshd start
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/usr/local/etc/asari@ovodapp_id_dsa.pub' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /usr/local/etc/asari@ovodapp_id_dsa.pub
Could not load host key: /usr/local/etc/asari@ovodapp_id_dsa.pub
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/usr/local/etc/asari@ovodapp_id_dsa.pub' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /usr/local/etc/asari@ovodapp_id_dsa.pub
Could not load host key: /usr/local/etc/asari@ovodapp_id_dsa.pub
Disabling protocol version 1. Could not load host key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.
please advice
thank you so much
Regards,
bucci
I think that everyone can view and change the file /usr/local/etc/asari@ovodapp_id_dsa.pub you have to change the security settings on the files.
Can you post the ls -la results on the directory?
Regards,
Johan Louwers.
10 More Discussions You Might Find Interesting
1. Solaris
Please help urgently.
I need to setup up some sort of service on a solaris server on a port.
I dont need it do anything special, anything that is sent to this port from an external server should be dump to /dev/null or a flat file..
Can you help urgently? (1 Reply)
Discussion started by: frustrated1
1 Replies
2. Shell Programming and Scripting
Hi,
I logged into h0011awe server. I am executing a script on this server which connects to other 3 hosts (h0022sam, h0033jar, h0044orc). In the script the command are like this
orapmon=`ssh $USR@$host ps -ef|grep -v grep|grep pmon`
I am using secured shell. How to setup that between these... (2 Replies)
Discussion started by: dreams5617
2 Replies
3. Cybersecurity
I have been reading alot and we want to setup a secure ssh main login server that will handle logins for all our other servers. I have found some information but I need a really good rescource.
Can anyone help? (1 Reply)
Discussion started by: chrchcol
1 Replies
4. Solaris
Hi all,
I just bought a new system, but am unable to configure network on it..
am using a nge0 ethernet interface to login.
i've tried all i knew but not of the webpages seem to open.
Here is what i've done..
ifconfig nge0 plumb
ifconfig -a
(nge0) was being displayed as up and running.
... (23 Replies)
Discussion started by: wrapster
23 Replies
5. Red Hat
I setup the keys between 2 servers, but my user account has no password specified for it (never set one up on the account for security reasons). When I try to SSH to the server, SSH prompts for a password that doesn't exist (so I can never connect successfully).
Note: 'passwd -d Rynok' removes... (3 Replies)
Discussion started by: Rynok
3 Replies
6. AIX
Hi all,
I have N number of AIX hosts, where I need to login frequently and do some routine tasks (run some scripts). I need to setup ssh public/private key, so I can auto-login via a master (wrapper) script and run each script in each server.
I am trying to setup/generate ssh keys, but am... (6 Replies)
Discussion started by: haroon_a
6 Replies
7. AIX
Hi there,
I would like to setup an ssh connection between the aix and the mainframes server. I would like to setup a script such that it wont ask the password every time when i try to connect the mainframes server from my unix box. If you guys provide the sample script that would really... (2 Replies)
Discussion started by: overnight
2 Replies
8. Shell Programming and Scripting
Hi Guys!!
I am trying to get around the complex situation, i have a task to complete, Like to setup the remote SSH key automatically by providing the root login details, ip and ssh port once to the script input and once its tested and accepted the next ssh should be password less,
script... (0 Replies)
Discussion started by: SilvesterJ
0 Replies
9. Solaris
HI Community.
I was trying to create ssh password less authentication for one user called night and it's not working for me.
These are the steps I followed:-
I have logged into the server and issued ssh-ketgen -t rsabash-3.2$ ssh-keygen -t rsa
Generating public/private rsa key pair.... (4 Replies)
Discussion started by: bentech4u
4 Replies
10. UNIX for Dummies Questions & Answers
Hi guys,
I'm new to unix. I'm creating a small script which should fetch the server space details from different servers and it as a mail.
Right now my script is working perfectly. But i have a problem in deploying it.
I'm using the command ssh user@host 'df -h /app/directory'
We are... (1 Reply)
Discussion started by: santhosh.kptm
1 Replies
LEARN ABOUT OPENSOLARIS
ssh-add
ssh-add(1) User Commands ssh-add(1)
NAME
ssh-add - add RSA or DSA identities to the authentication agent
SYNOPSIS
ssh-add [-lLdDxX] [-t life] [ file ]...
DESCRIPTION
The ssh-add utility adds RSA or DSA identities to the authentication agent, ssh-agent(1). When run without arguments, it attempts to add
all of the files $HOME/.ssh/identity (RSA v1), $HOME/.ssh/id_rsa (RSA v2), and $HOME/.ssh/id_dsa (DSA v2) that exist. If more than one of
the private keys exists, an attempt to decrypt each with the same passphrase will be made before reprompting for a different passphrase.
The passphrase is read from the user's tty or by running the program defined in SSH_ASKPASS (see below).
The authentication agent must be running.
OPTIONS
The following options are supported:
-d Instead of adding the identity, this option removes the identity from the agent.
-D Deletes all identities from the agent.
-l Lists fingerprints of all identities currently represented by the agent.
-L Lists public key parameters of all identities currently represented by the agent.
-t life Sets a maximum lifetime when adding identities to an agent. The lifetime may be specified in seconds or in a time format speci-
fied in sshd(1M).
-x Locks the agent with a password.
-X Unlocks the agent.
ENVIRONMENT VARIABLES
DISPLAY If ssh-add needs a passphrase, it will read the passphrase from the current terminal if it was run from a terminal. If
SSH_ASKPASS ssh-add does not have a terminal associated with it but DISPLAY and SSH_ASKPASS are set, it will execute the program spec-
ified by SSH_ASKPASS and open an X11 window to read the passphrase. This is particularly useful when calling ssh-add from
a .Xsession or related script.
SSH_AUTH_SOCK Identifies the path of a unix-domain socket used to communicate with the agent.
EXIT STATUS
The following exit values are returned:
0 Successful completion.
1 An error occurred.
FILES
These files should not be readable by anyone but the user. Notice that ssh-add ignores a file if it is accessible by others. It is possible
to specify a passphrase when generating the key; that passphrase will be used to encrypt the private part of this file.
If these files are stored on a network file system it is assumed that either the protection provided in the file themselves or the trans-
port layer of the network file system provides sufficient protection for the site policy. If this is not the case, then it is recommended
the key files are stored on removable media or locally on the relevant hosts.
Recommended names for the DSA and RSA key files:
$HOME/.ssh/identity Contains the RSA authentication identity of the user for protocol version 1.
$HOME/.ssh/identity.pub Contains the public part of the RSA authentication identity of the user for protocol version 1.
$HOME/.ssh/id_dsa Contains the private DSA authentication identity of the user.
$HOME/.ssh/id_dsa.pub Contains the public part of the DSA authentication identity of the user.
$HOME/.ssh/id_rsa Contains the private RSA authentication identity of the user.
$HOME/.ssh/id_rsa.pub Contains the public part of the RSA authentication identity of the user.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshu |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
SEE ALSO
ssh(1), ssh-agent(1), ssh-keygen(1), sshd(1M), attributes(5)
SunOS 5.11 9 Jan 2004 ssh-add(1)