Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SSH: internal working but external not working
Operating Systems Solaris SSH: internal working but external not working Post 302627185 by aixlover on Friday 20th of April 2012 09:51:40 AM
Old 04-20-2012
SSH: internal working but external not working
Hi, This is a strange issue: We have an sftp server. Users can ssh to it from internal LAN without any issue, but they can not ssh to it externally via firewall. Here is what I got:

Quote:
$ ssh -v sshuser@198.111.10.98
OpenSSH_5.2p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to 198.111.10.98 [198.111.10.98] port 22.
debug1: Connection established.
debug1: identity file /Users/sshuser/.ssh/identity type -1
debug1: identity file /Users/sshuser/.ssh/id_rsa type 1
debug1: identity file /Users/sshuser/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version 3.2.9.1 SSH Secure Shell (non-commercial)
debug1: no match: 3.2.9.1 SSH Secure Shell (non-commercial)
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Host '198.111.10.98' is known and matches the DSA host key.
debug1: Found key in /Users/sshuser/.ssh/known_hosts:25
debug1: ssh_dss_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/sshuser/.ssh/identity
debug1: Offering public key: /Users/sshuser/.ssh/id_rsa
debug1: Authentications that can continue: password
debug1: Next authentication method: password
sshuser@198.111.10.98's password:
debug1: Authentications that can continue: password
Permission denied, please try again.
sshuser@198.111.10.98's password:
debug1: Authentications that can continue: password
Permission denied, please try again.
sshuser@198.111.10.98's password:
debug1: Authentications that can continue:
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/sshuser/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue:
debug1: Next authentication method: password
debug1: No more authentication methods to try.
Permission denied ().
OS is Solaris 9. No hosts.allow and hosts.deny files.

Quote:
sshserver# uname -a
SunOS psftp 5.9 Generic_118558-13 sun4u sparc SUNW,UltraAX-i2

sshserver# ls -l /etc/host*
-rw-r--r-- 1 root root 6 Jul 16 2004 /etc/hostname.eri0
-rw-r--r-- 1 root other 7 Jul 16 2004 /etc/hostname.eri1
lrwxrwxrwx 1 root root 12 Apr 6 2004 /etc/hosts -> ./inet/hosts
Please help. Thank you in advance!
 

8 More Discussions You Might Find Interesting

1. HP-UX

External DVD-ROM drive issue whether it is working or not? on HP rp7400

Please help me > How to diag the external DVD-ROM drive issue whether it is working or not? on HP 9000 server rp7400 I needed to install HP 11i v1 using external DVD-ROM drive on HP 9000 server rp7400. While boot in CO> “search” command is not showing DVD-ROM device only showing all disks >... (0 Replies)
Discussion started by: tpuser
0 Replies

2. UNIX for Advanced & Expert Users

external DVD-ROM drive issue whether it is working or not?on HP rp74000

old clunker - rp74000 How to diag the external DVD-ROM drives issue whether it is working or not? on HP 9000 server rp7400 Please help me > I needed to install HP 11i v1 using external DVD-ROM drive on HP 9000 server rp7400. While boot in CO> “search” command is not showing DVD-ROM device... (1 Reply)
Discussion started by: tpuser
1 Replies

3. AIX

ssh is not working !

Guy's I have AIX 6.1 SSH in it is not working but is up and Active ..... server1/etc>lssrc -s sshd Subsystem Group PID Status sshd ssh 450686 active from my PC can I login by SSH but SSH from Server1 to Server2 is not accepting it's giving me this message server1/etc>ssh sever2... (4 Replies)
Discussion started by: ITHelper
4 Replies

4. HP-UX

ssh to server is not working

When we ssh -i private key user@ip we get the password prompt. The sending servers public key is in the receiving server. We have blown away the known_hosts file on the sending server and restarted the ssh connection. We don't know what else to do. Any other suggestions? (15 Replies)
Discussion started by: jastanle84
15 Replies

5. Shell Programming and Scripting

sed internal working

Hi Experts Say I have a huge text file. I want to add a header line to the file. We can get it done in many ways. One is using a temporary file, other way say using 'sed -i' which edits the file in-place. sed is always recommended for better performance. My question is: Internally sed also might... (6 Replies)
Discussion started by: guruprasadpr
6 Replies

6. UNIX for Dummies Questions & Answers

SSH tunnel working for ssh but not for sshfs

I'm trying to setup a link between my home pc (work-machine) and a server at work (tar-machine) that is behind a gateway (hop-machine) and not directly accessible. my actions: work-machine$ ssh -L 1234:tar-machine:22 hop-machine work-machine$ ssh -p 1234 user@127.0.0.1 - shh access on... (1 Reply)
Discussion started by: Vathau
1 Replies

7. Red Hat

SSH not working

Hi, I have a server running RHEL 6.0. While logging in through root ,I can login.But if I try to login through "integ" user,I am unable to login. /var/log/secure messages::: May 20 15:25:23 punsyncserv su: pam_unix(su-l:session): session opened for user integ by root(uid=0) May 20 15:29:44... (4 Replies)
Discussion started by: nowornever
4 Replies

8. AIX

Ssh to the same host is not working

I am trying to ssh the same host where I am logged in.It's asking for the password. Please assist me with the troubleshooting steps for this. Best regards, Vishal (4 Replies)
Discussion started by: Vishal_dba
4 Replies

LEARN ABOUT MINIX

ssh-keysign

ssh-keysign(1M) 														   ssh-keysign(1M)

NAME

       ssh-keysign - ssh helper program for host-based authentication

SYNOPSIS

       ssh-keysign

       ssh-keysign  is	used  by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication
       with SSH protocol version 2. This signature is of data that includes, among other items, the name of the client host and the  name  of  the
       client user.

       ssh-keysign  is	disabled  by  default and can be enabled only in the global client configuration file /etc/ssh/ssh_config by setting Host-
       basedAuthentication to yes.

       ssh-keysign is not intended to be invoked by the user, but from ssh. See ssh(1) and sshd(1M) for more information about host-based  authen-
       tication.

       /etc/ssh/ssh_config

	   Controls whether ssh-keysign is enabled.

       /etc/ssh/ssh_host_dsa_key
       /etc/ssh/ssh_host_rsa_key

	   These  files  contain the private parts of the host keys used to generate the digital signature. They should be owned by root, readable
	   only by root, and not accessible to others. Because they are readable only by root, ssh-keysign must  be  set-uid  root  if	host-based
	   authentication is used.

       ssh-keysign will not sign host-based authentication data under the following conditions:

	 o  If the HostbasedAuthentication client configuration parameter is not set to yes in /etc/ssh/ssh_config. This setting cannot be overri-
	    den in users' ~/.ssh/ssh_config files.

	 o  If the client hostname and username in /etc/ssh/ssh_config do not match the canonical hostname of  the  client  where  ssh-keysign	is
	    invoked and the name of the user invoking ssh-keysign.

       In  spite of ssh-keysign's restrictions on the contents of the host-based authentication data, there remains the ability of users to use it
       as an avenue for obtaining the client's private host keys. For this reason host-based authentication is turned off by default.

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWsshu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

       ssh(1), sshd(1M), ssh_config(4), attributes(5)

AUTHORS

       Markus Friedl, markus@openbsd.org

HISTORY

       ssh-keysign first appeared in Ox 3.2.

								    9 Jun 2004							   ssh-keysign(1M)
All times are GMT -4. The time now is 09:04 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy