01-28-2011
If your user is only going to be using SFTP and not require access to your box via SSH, you can set their "shell" to "/usr/sbin/sftp-server". The /usr/sbin/sftp-server is part of the SSH fileset included with AIX I believe. I've done this for quite a few users who will never login via SSH, they are just allowed to upload code. It even supports SSH key authentication. It isn't a big deal but it makes your box better secured.
Also, if you do decide to use it, make sure "/usr/sbin/sftp-server" is included on the "shells = ..." line in your /etc/security/login.cfg file, otherwise, it won't work.
10 More Discussions You Might Find Interesting
1. AIX
I did successful yestday as Porter's doc:
1. Create private/pub key on AIX:
$ssh-keygen -t identity
2. Get my private key from the AIX server, found in $HOME/.ssh/identity
Put that on Windows box.
I use WinSCP to transfer private key from AIX to Windows
3. Run puttygen.exe and... (8 Replies)
Discussion started by: rainbow_bean
8 Replies
2. Shell Programming and Scripting
Hi Folks,
I am writing a shell script that can logon to remote machine automatically. But, I am facing one problem. I am using "ssh" command in script and while login into remote machine it asks for passowrd and it stops for STDIN input for password. I want my script to supply password... (2 Replies)
Discussion started by: gydave
2 Replies
3. AIX
While trying to upgrade ssh from v4.7 to v5.0 on AIX 5.3 TL9, I end up with the following error.
Has anyone come across this?
Note: openssl has been upgraded to 0.9.8.840 before this upgrade
Bala (0 Replies)
Discussion started by: balaji_prk
0 Replies
4. UNIX for Advanced & Expert Users
Hi All,
When i try to do ssh from a linux to solaris box its throughing "Connection closed by remote host". Please not that this error is not occuring every time i do ssh, it occurs at random timing( Mostly ssh is successful) - unfortunately my script which is doing ssh is falling at this time... (4 Replies)
Discussion started by: pkumar7
4 Replies
5. Shell Programming and Scripting
Hi All,
I have working (Perl) code to combine 2 input files into a single output file using the join function that works to a point, but has the following limitations:
1. I am restrained to 2 input files only.
2. Only the "matched" fields are written out to the "matched" output file and... (1 Reply)
Discussion started by: Katabatic
1 Replies
6. Shell Programming and Scripting
hello,
iam able to ssh to a linux server from a linux server called "machine1" using the private/public key method, so I dont need to enter any password when I run my script but iam not able to ssh from machine1 to a UNIX server, access is denied.
note that I am using an application id which is... (6 Replies)
Discussion started by: wydadi
6 Replies
7. HP-UX
Greetings!
I am trying to perform a passwordless SSH login from a HPUX 11.31 client to a HPUX 11.31 server. Whenever I do a "ssh -l root serverA" from the client, I am prompted for a password. Giving the password, I am able to successfully login. However I am trying to accomplish a... (9 Replies)
Discussion started by: Rob Sandifer
9 Replies
8. Shell Programming and Scripting
I need a shell script using expect to login to couple of remote servers and read "crontab -l -u <username>" & "cat /etc/rc.local" & "df -h" and able to create output into a file saved locally with hostname.crontab & hostname.rc.local & disk.status. I can supply a file as list of hostname or IP... (4 Replies)
Discussion started by: jaipsharma
4 Replies
9. AIX
Hi Guys,
When using plink ( plink -ssh $IP) to connect to an AIX box, the password is correct, but always after input the password and click enter I got "access denied", then I am promted for password again, this time no matter what password I give, correct or bad, after I re-click enter, as... (2 Replies)
Discussion started by: kensview
2 Replies
10. UNIX for Advanced & Expert Users
I have a user account configuration with ssh public/private key that works on multiple servers centos and rhel. One server (Server F) that is not working in centos 6.8. When i ssh into server f I get prompted for a password. I have verified the config and it all is good. I put sshd into debug... (8 Replies)
Discussion started by: bash_in_my_head
8 Replies
LEARN ABOUT LINUX
ssh-keysign
SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)
NAME
ssh-keysign -- ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication with
SSH protocol version 2.
ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
EnableSSHKeysign to ``yes''.
ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about host-based authen-
tication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, read-
able only by root, and not accessible to others. Since they are readable only by root, ssh-keysign must be set-uid root if host-
based authentication is used.
/etc/ssh/ssh_host_dsa_key-cert.pub
/etc/ssh/ssh_host_ecdsa_key-cert.pub
/etc/ssh/ssh_host_rsa_key-cert.pub
If these files exist they are assumed to contain public certificate information corresponding with the private keys above.
SEE ALSO
ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
HISTORY
ssh-keysign first appeared in OpenBSD 3.2.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD
August 31, 2010 BSD