05-18-2009
Hi Jim,
Thanks for your feedback - I only though my system would be wide open if I'd published the whole keys, but I do stand to be corrected.
My understanding was that it was only Openssh that would use the .ssh directory, whereas the F-Secure version used .ssh2. I did actually remove the .ssh directory completely, and it didn't make any difference regarding connectivity.
The user's home directory is 755, so isn't writable by the world.
I can only assume the issue is on the NT server side, and believe I'll just have to set up the interface with a password built in.
Thanks,
Steve
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi all,
I have got a Solaris machine and I have several user account setup up with the .ssh and authorized_keys file in their home directories.
I have check all the permission and ownership and they are all indentical and belongs to the user ID and group respectively. However one of the... (3 Replies)
Discussion started by: stancwong
3 Replies
2. Shell Programming and Scripting
Hello Guys,
I need your help. I am trying to create a script to change password for multipls servers but having problem when it comes to ssh key authentication. Does anyone have a sample script that will disable ssh key authentication for multiple servers?;) (3 Replies)
Discussion started by: youdexter
3 Replies
3. Shell Programming and Scripting
Hi Team,
we have problem with sftp. Though SA team has setup the keys between 2 server, sftp still prompts for the password. After many attempt to rectify the problem, SA has asked us force the SSH key based authentication by using following command.
sftp2 --indetity="folder/private_key"... (6 Replies)
Discussion started by: ace_friends22
6 Replies
4. Red Hat
Hi All;
I have an issue with password less authentication via ssh ( v2)
I have two servers Server A and Server B, following are the server details
Server A
OS - HP UX B.11.11 U 9000/800
SSH - OpenSSH_4.3p2-hpn, OpenSSL 0.9.7i 14 Oct 2005
HP-UX Secure Shell-A.04.30.000, HP-UX... (3 Replies)
Discussion started by: maverick_here
3 Replies
5. Solaris
Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks.
... (1 Reply)
Discussion started by: aixlover
1 Replies
6. HP-UX
We are trying to do a key exchange from Sun solaris server to HP UNIX server. Errro we are getting is as below:-
sshd2: connection from "10.13.240.6"
sshd2: auths-pam: PAM subprocess returned packet SSH_PAM_OP_ERROR. (err_num: 32, err_msg: General Commercial Security error)
sshd2: User... (4 Replies)
Discussion started by: sandipmandal
4 Replies
7. UNIX for Advanced & Expert Users
I setup passwordless authentication on a Ubuntu vm by ssh'ing into the localhost. I'm trying to do the same thing on another machine but it's not working. I believe I have the permissions setup properly and keygen'd. Is there a way to disable passwordless authentication? I have permission to... (4 Replies)
Discussion started by: MaindotC
4 Replies
8. Red Hat
Hello,
Need a suggestion to setup private key passwordless authentication. I am not sure this can done or not :wall:
here is the sincerio
I have two servers, sever1 with a user "user1" and servera with usera
here dataflow: usera from servera, will pull/push files to server1 on user1... (2 Replies)
Discussion started by: bobby320
2 Replies
9. UNIX for Advanced & Expert Users
Hi All,
this is the very first time i am going to use SSH authentication. first i login to server@ and under this ..ssh directory of servera i used this following command:
ssh-keygen -t rsa -b 1024
and i had 2 files(bravo_dbtest and bravo_dbtest.pub) created respectively, further i copied the... (13 Replies)
Discussion started by: lovelysethii
13 Replies
10. UNIX for Advanced & Expert Users
hi All,
this issue is regarding ssh key authentication, although i have performed this activity on two separate servers, now i have to configure the same again on 2 more servers. i did everything what i did earlier but this time i am getting some error, and i am unable to understand what exactly... (2 Replies)
Discussion started by: lovelysethii
2 Replies
LEARN ABOUT DEBIAN
authen::tacacsplus
TacacsPlus(3pm) User Contributed Perl Documentation TacacsPlus(3pm)
NAME
Authen::TacacsPlus - Perl extension for authentication using tacacs+ server
SYNOPSIS
use Authen::TacacsPlus;
$tac = new Authen::TacacsPlus(Host=>$server,
Key=>$key,
[Port=>'tacacs'],
[Timeout=>15]);
or
$tac = new Authen::TacacsPlus(
[ Host=>$server1, Key=>$key1, [Port=>'tacacs'], [Timeout=>15] ],
[ Host=>$server2, Key=>$key2, [Port=>'tacacs'], [Timeout=>15] ],
[ Host=>$server3, Key=>$key3, [Port=>'tacacs'], [Timeout=>15] ],
... );
$tac->authen($username,$passwords);
Authen::TacacsPlus::errmsg();
$tac->close();
DESCRIPTION
Authen::TacacsPlus allows you to authenticate using tacacs+ server.
$tac = new Authen::TacacsPlus(Host=>$server,
Key=>$key,
[Port=>'tacacs'],
[Timeout=>15]);
Opens new session with tacacs+ server on host $server, encrypted with key $key. Undefined object is returned if something wrong (check
errmsg()).
With a list of servers the order is relevant. It checks the availability of the Tacacs+ service using the order you defined.
Authen::TacacsPlus::errmsg();
Returns last error message.
$tac->authen($username,$password,$authen_type);
Tries an authentication with $username and $password. 1 is returned if authenticaton succeded and 0 if failed (check errmsg() for reason).
$authen_type is an optional argument that specifies what type of authentication to perform. Allowable options are:
Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_ASCII (default) Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_PAP
Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_CHAP
ASCII uses Tacacs+ version 0, and will authenticate against the "login" or "global" password on the Tacacs+ server. If no authen_type is
specified, it defaults to this type of authentication.
PAP uses Tacacs+ version 1, and will authenticate against the "pap" or "global" password on the Tacacs+ server.
CHAP uses Tacacs+ version 1, and will authenticate against the "chap" or "global" password on the Tacacs+ server. With CHAP, the password
if formed by the concatenation of
chap id + chap challenge + chap response
There is example code in test.pl
If you use a list of servers you can continue using $tac->authen if one of them goes down or become unreachable.
$tac->close();
Closes session with tacacs+ server.
EXAMPLE
use Authen::TacacsPlus;
$tac = new Authen::TacacsPlus(Host=>'foo.bar.ru',Key=>'9999');
unless ($tac){
print "Error: ",Authen::TacacsPlus::errmsg(),"
";
exit(1);
}
if ($tac->authen('john','johnpass')){
print "Granted
";
} else {
print "Denied: ",Authen::TacacsPlus::errmsg(),"
";
}
$tac->close();
AUTHOR
Mike Shoyher, msh@corbina.net, msh@apache.lexa.ru
Mike McCauley, mikem@open.com.au
BUGS
only authentication is supported
only one session may be active (you have to close one session before opening another one)
SEE ALSO
perl(1).
perl v5.14.2 2012-01-17 TacacsPlus(3pm)