Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Weird SSH issue
Top Forums UNIX for Advanced & Expert Users Weird SSH issue Post 57668 by RTM on Thursday 4th of November 2004 12:54:58 PM
Old 11-04-2004
Can you get in with the user account with telnet, rlogin, and/or ftp? Can you su - user as root?

Check that the user account is okay by looking at it in /etc/passwd - insure it has a valid shell.

ssh to the server as root, then ssh to the same server as user - there may be error messages that you aren't seeing due to the window closing.

Check /var/adm/messages for any errors.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

weird domain issue.

OK so i have a virtual server where i store files. one day i tied to login and i couldn't connect to my sevrer so i logged into my ssh and checked to see if the process was running. proftp was not. I then tried to start it manually and got the error below. Now the domain listed there is not mine... (2 Replies)
Discussion started by: thirddegreekris
2 Replies

2. UNIX for Advanced & Expert Users

Weird Awk issue

Hi All, a bit of a weird one here. I'm trying to pass a variable into an awk command, and I keep getting an error. I have the line nawk -F"," -v red=$random_variable '{print $red}' $w_dir/$file_name > $w_dir/${column_name} that keeps failing with the error nawk: can't open file {print... (17 Replies)
Discussion started by: Khoomfire
17 Replies

3. HP-UX

Weird Issue with crontab.

Hello all, Normally I'm pretty comfortable with crontab, changing and updating (done it many-a-time). But in the last two days I've been pulling my hair out over the following... Details of OS: HP-UX mdirect B.11.23 U ia64 2587410573 unlimited-user license Issue: Execute a script (very... (3 Replies)
Discussion started by: Cameron
3 Replies

4. Shell Programming and Scripting

weird issue about h, g, x in SED

I have a file called merge2.t: Hi Hello how are you. </Endtag> <New> I am fine.</New> This is a test. freelong how Here is the SED: sed -n ' /<\/Endtag>/ !{ H } /<\/Endtag>/ { x p } (4 Replies)
Discussion started by: freelong
4 Replies

5. Shell Programming and Scripting

Report filtering - Weird issue and interesting - UrgentPlease

Hi, Could any one help me to extract data from a report. I would like to get the two lines which are just below the separations I have a report like this -------------------------------------------------------------------------- Pid Command Inuse Pin Pgsp Virtual... (2 Replies)
Discussion started by: ajilesh
2 Replies

6. UNIX for Advanced & Expert Users

Weird SUID issue

Hi, I am setting up SUID permissions on a binary. It gets set for most of the users, however, 1 in 10 users is unable to set these. For those who works: > chmod 6555 Test > ls -l Test -r-sr-sr-x 1 A B 5524 Nov 15 14:53 Test For those where it doesn't work: > chmod 6555 Test... (14 Replies)
Discussion started by: vibhor_agarwali
14 Replies

7. Shell Programming and Scripting

Weird tail output over ssh

Hello; Am trying to correct the formatting of tail output over ssh. Using the following code: echo "" > $FILE for BOX in $SERVERS do echo "Processing on $BOX" |tee -a $FILE echo "===============================" >> $FILE sudo ssh $BOX 'TERMINAL="vt100" /usr/bin/sh -s' <... (2 Replies)
Discussion started by: delphys
2 Replies

8. AIX

Weird nfs issue after TL upgrade

We recently upgraded 2 of our AIX 6.1 servers from TL4 to TL5. Both servers are on the same p7 780 frame, installed at the same time from the same image. Both servers are mounting the same nfs share after reboot what worked perfectly fine until the upgrade. Since the patching, one of the two... (5 Replies)
Discussion started by: zxmaus
5 Replies

9. Shell Programming and Scripting

weird equal variable issue

I run this #!/bin/bash cron=$(ps aux | grep crond | grep -v grep | grep -o crond| uniq) echo "cron :$cron:" if ; then echo "OK: crond service running fine on `hostname`" exit 2 else echo "CRITICAL: crond service not running on `hostname`" exit 0... (2 Replies)
Discussion started by: anil510
2 Replies

10. Shell Programming and Scripting

Weird issue in converting XLSX to TXT

Hi Guys, I have used Perl scripting to convert XLSX file to TXT file using Perl module Spreadsheet::XLSX. I processed one XLSX file having one column and 65k rows of data . Strangely ,It is merging data for every 2047 row and I could see data in TXT file as Ex: Suppose in XLSX file ,if... (2 Replies)
Discussion started by: Rajk459
2 Replies

LEARN ABOUT PLAN9

krb5_auth_rules

krb5_auth_rules(5)					Standards, Environments, and Macros					krb5_auth_rules(5)

NAME

       krb5_auth_rules - Overview of Kerberos V5 authorization

DESCRIPTION

       When  a	user  uses  kerberized	versions of the ftp, rdist, rcp, rlogin, rsh, or telnet clients to connect to a server, even if the user's
       claimed Kerberos V5 identity is authenticated, the user is not necessarily authorized. Authentication merely proves that the user  is  "who
       he says he is" to the Kerberos V5 authentication system. Authorization also needs to be done, since it determines if that Kerberos identity
       is permitted to access the Solaris user account that the client wants to access.

       Each user may have a private authorization list in a file ~/.k5login in his login directory (on the server). Each line in this file  should
       contain	a  Kerberos  principal name of the form principal/instance@realm. If the server finds a ~/.k5login file, then access is granted to
       the account if and only if the originating user is authenticated to one of the principals named in the ~/.k5login file.

       If there is no ~/.k5login file, the originating user will then be checked against the gsscred table (see gsscred(1M)).  If the  originating
       user's  Kerberos  V5  identity  is  in  the gsscred table, and if the UNIX user id in the gsscred table corresponds to the user account the
       client is trying access, then the originating user is granted access to the account on the server. If the UNIX user id does not match, then
       the originating user is denied access.

       For  example, suppose the originating user has a principal name of jdb@ENG.ACME.COM and the target account is jdb-user. If jdb@ENG.ACME.COM
       appears in the gsscred table with uid 23154 and if jdb-user appears in the user account database  (see  passwd(4))  with  uid  23154,  then
       access to account jdb-user is granted.  Of course, normally, the target account name in this example would be jdb and not jdb-user.

       Finally,  if there is no ~/.k5login file and if the originating user's Kerberos V5 identity is not in the gsscred table, then the user will
       be granted access to the account if and only if all of the following are true:

	 o  The user part of the authenticated principal name is the same as the target account name specified by the client.

	 o  The realm part of the client and server are the same.

	 o  The target account name exists on the server.

       For example, if the originating user has a principal name of jdb@ENG.ACME.COM and if the server is in realm SALES.ACME.COM,  then  even	if
       jdb  is	a  valid account name on the server, the client would be denied access. This is because the realms SALES.ACME.COM and ENG.ACME.COM
       differ.

FILES

       ~/.k5login      Per user-account authorization file.

       /etc/passwd     System account file. This information may also be in a directory service. See passwd(4).

ATTRIBUTES

       See attributes(5) for a description of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       ftp(1), rcp(1), rdist(1), rlogin(1), rsh(1), telnet(1), gsscred(1M), passwd(4), attributes(5), gss_auth_rules(5)

NOTES

       To avoid security problems, the ~/.k5login file must be owned by the remote user.

SunOS 5.10							    13 Apr 2004 						krb5_auth_rules(5)
All times are GMT -4. The time now is 02:08 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy