Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: sshd (openssh) on SunOS without root privileges
Operating Systems Solaris sshd (openssh) on SunOS without root privileges Post 302175393 by sayeo on Thursday 13th of March 2008 07:36:51 PM
Old 03-13-2008
OK, I think I'm getting somewhere....

I changed the ports in ssh_config and sshd_config to 10003 from 22. Then sshd -de gave me:

debug1: sshd version OpenSSH_4.7p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: setgroups() failed: Not owner
debug1: rexec_argv[0]='/home/shay/a/yeo/local/sbin/sshd'
debug1: rexec_argv[1]='-de'
debug1: Bind to port 10003 on ::.
Server listening on :: port 10003.
debug1: Bind to port 10003 on 0.0.0.0.
Server listening on 0.0.0.0 port 10003

then I did
user@destination$ ssh -R 10000:localhost:10003 middleuser@middle
from my home machine (destination)

then I did
user@remote$ ssh destinationuser@middle -p 10000
from a remote machine, and on the terminal which I ran sshd -de, this appears:
debug1: fd 6 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 6 out 6 newsock 6 pipe -1 sock 11
debug1: sshd version OpenSSH_4.7p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: setgroups() failed: Not owner
debug1: inetd sockets after dupping: 4, 4
Connection from 128.210.10.101 port 39851
debug1: Client protocol version 2.0; client software version OpenSSH_4.6
debug1: match: OpenSSH_4.6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.7
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user yeo service ssh-connection method none
debug1: attempt 0 failures 0
Failed none for yeo from 128.210.10.101 port 39851 ssh2
debug1: userauth-request for user yeo service ssh-connection method keyboard-interactive
debug1: attempt 1 failures 1
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=yeo devs=
debug1: kbdint_alloc: devices ''
Failed keyboard-interactive for yeo from 128.210.10.101 port 39851 ssh2
debug1: userauth-request for user yeo service ssh-connection method password
debug1: attempt 2 failures 2
Could not get shadow information for yeo
Failed password for yeo from 128.210.10.101 port 39851 ssh2

It seems I'm almost there except my server doesn't recognize the username that's SSHing in........
Oh, and the solaris running is version 10. Thanks for your help so far!
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Root privileges &Sudoer

Hi guys... how can a root assign a user all or most of the root privileges? is sudoer comand enough 4 this? thx alot.. (2 Replies)
Discussion started by: blue_7
2 Replies

2. Programming

root privileges

Hi I have make a program that needs root privleges but any user can try to run it, so what I want it is, when any user tries( other than root ) to run the program, an input prompt would open to enter root password ( if user knows ) and program will run ( otherwise exit ), and after completing... (21 Replies)
Discussion started by: sumsin
21 Replies

3. IP Networking

Change the root directory for apache, sshd and ftpd

Helo ! I want to do something and I don't know where to start... I want to make a small web hosting server (just for me and a few friends) and for the sake of learning I'd like to make an account for every user. The thing is that I want everyone to log into the server and to be put in his home... (3 Replies)
Discussion started by: Sergiu-IT
3 Replies

4. Solaris

running sshd server from home directory without root access

Hi, I managed to install openssh from source on my home directory on a server I don't have root access to. I had problems with privilege separation because of permissions initially so I disabled it in sshd_config. But when I run sshd from where I installed it by doing ~/local/sbin/sshd, nothing at... (0 Replies)
Discussion started by: sayeo
0 Replies

5. UNIX for Dummies Questions & Answers

root privileges

Hello, As admin with root rights, to execute any command from another user without password-ask, I do : su - <user> -c "<cmd>" But how can I do to give the same rights to another physical user without using root user ? :confused: I've try to create another user "toor" with the same primary... (4 Replies)
Discussion started by: madmat
4 Replies

6. Linux

grant root privileges to ordinary user

Hi, Is it possible to grant root privileges to an ordinary user? Other than 'sudo', is there some way under Users/Groups configuration? I want ordinary user to be able to mount, umount and use command mt. /Brendan (4 Replies)
Discussion started by: brendan76
4 Replies

7. Shell Programming and Scripting

Privileges like root

My English is no very good. I must make a bash scripting sh create like a backdoor, and when execute the script a user without privileges convert in super user or root, whithout introducing the password. In Spanish: Crear un script que sirva como puerta trasera al sistema, de manera que al... (1 Reply)
Discussion started by: kitievbr
1 Replies

8. Solaris

Gaining root privileges

Hello I am a new (and only) administrator of a Solaris 10 environment. The previous admin gave me a use (say user123) that is supposed to have administrative privileges. Now the problem is, the user does not have this privilege! Here is what i tried so far: $ id uid=109(user123) gid=1(other)... (3 Replies)
Discussion started by: abohmeed
3 Replies

9. HP-UX

User with root privileges in hp ux

hi, i am new in hp ux and i must create a user with root privileges and so i disable ssh connection from root login. thanks.. (6 Replies)
Discussion started by: eliste
6 Replies

10. UNIX for Dummies Questions & Answers

Can you gain root privileges if the suid program does not belong to root?

I had a question in my test which asked where suppose user B has a program with 's' bit set. Can user A run this program and gain root privileges in any way? I suppose not as the suid program run with privileges of owner and this program will run with B's privileges and not root. (1 Reply)
Discussion started by: syncmaster
1 Replies

LEARN ABOUT SUNOS

root_archive

root_archive(1M)														  root_archive(1M)

NAME

       root_archive - manage bootable miniroot archives

SYNOPSIS

       /boot/solaris/bin/root_archive  pack  archive root

       /boot/solaris/bin/root_archive  unpack  archive root

       /boot/solaris/bin/root_archive  packmedia  solaris_image root

       /boot/solaris/bin/root_archive  unpackmedia  solaris_image root

       The  root_archive  utility is used to manage bootable miniroot archives and is currently only available on  platforms. The utility can pack
       and unpack boot/root archives in both ufs and hsfs (iso9660) format. It will always generate ufs archives.

       root_archive also uses the lofi file driver to export a file as a block device (see lofi(7D)) and mount to mount or  unmount  file  systems
       and remote resources (see mount(1M)). root_archive requires the same privileges that are needed to run these commands.

SUBCOMMANDS

       The root_archive command has the following subcommands:

       pack archive root

	   Pack from the image found under the root directory to the archive.

       unpack archive root

	   Unpack from the archive to an unpacked image under the root directory.

       packmedia solaris_image root

	   Pack the solaris image to the root directory.

       unpackmedia solaris_image root

	   Unpack the solaris image from the root directory.

       For  packmedia  and  unpackmedia,  other items that do not go into the ramdisk image are copied or uncopied (see cpio(1)) as well. Specifi-
       cally, this includes all the packaging databases needed for pkgadd and the other packaging utilities to succeed which are not used  in  the
       running and hence pruned to conserve memory.

EXAMPLES

       Example 1: Unpacking the Solaris x86 install image

       The following command unpacks the current Solaris image from the root directory:

       # root_archive unpackmedia 
       /export/nv/solarisdvd.nvx_dvd/latest /export/Boot

       Where  /export/nv/solarisdvd.nvx_dvd/latest  represents	a path to a Solaris x86 install image and /export/Boot is a directory that will be
       purged or created, as necessary.

       Example 2: Packing the Solaris x86 install image

       The following command packs the current Solaris image to the root directory:

       # root_archive packmedia 
       /export/nv/solarisdvd.nvx_dvd/latest /export/Boot

       The following exit values are returned:

       0

	   The command completed successfully.

       1

	   The command exited due to an error.

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Stable			   |
       +-----------------------------+-----------------------------+

       cpio(1), bootadm(1M), mount(1M), attributes(5), lofi(7D)

								    26 Sep 2005 						  root_archive(1M)
All times are GMT -4. The time now is 07:37 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy