Login or Register to Ask a Question and Join Our Community


AIX

OpenSSH always ask for password

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems AIX OpenSSH always ask for password
# 8  
Old 05-26-2010
This is strange. I just noticed that i have as well in config file .ssh/authorized_keys and those keys are being read from .ssh/authorized_keys2 Smilie and its working.

EDIT: Just found that if you leave commented out this line "#AuthorizedKeysFile" in /etc/ssh/ssd_config file, ssh will look for both authorized_keys or authorized_keys2 in .ssh/ file

---------- Post updated at 10:40 AM ---------- Previous update was at 10:35 AM ----------

And I can see this line in your first output

Code:
debug1: After function load_identity_file

I don't know what is that but I don't have it in my output's.

Found something about that function: "When using publickey authentication, the private key is loaded from an
IdentityFile using ssh2connect.c's load_identity_file() function. A
stat(2) is used to ensure that the file exists, and then the key is
loaded. "



---------- Post updated at 10:55 AM ---------- Previous update was at 10:40 AM ----------

And what about your permissions ?

Code:
-rw-r--r--    1 root     system         1000 May 26 12:27 authorized_keys2

Last edited by phobus; 05-26-2010 at 08:28 AM..
# 9  
Old 05-26-2010
It seems, that the permissions are right too:

Code:
-rw-r--r---    1 root     system         1112 Jan 12 2009  authorized_keys2

In which format is you authorized_keys2?
My is in ssh-dss (first words in file). But I think, that is not relevant.
# 10  
Old 05-26-2010
This:

Code:
[lpar_a07:root:/home/root/.ssh:] cat authorized_keys2

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQE= root@*****
ssh-dss AAAAB3NzaC1kc3MAAA= root@*****

# 11  
Old 05-27-2010
Ok, Iīve only one entry, but I think thats ok.
Iīm very confused and have no idea what I should do! Smilie

---------- Post updated 27th May 2010 at 07:08 AM ---------- Previous update was 26th May 2010 at 03:38 PM ----------

New day, new idea! :-)

Now I have enabaled debug mode of the sshd on the destination-host.
When I try to connect, the following Error occurred:

Code:
   debug1: trying public key file //.ssh/authorized_keys
  debug1: fd 5 clearing O_NONBLOCK
  Authentication refused: bad ownership or modes for file /
  debug1: restore_uid: 0/0
  debug1: temporarily_use_uid: 0/0 (e=0/0)
  debug1: trying public key file //.ssh/authorized_keys2
  debug1: fd 5 clearing O_NONBLOCK
  Authentication refused: bad ownership or modes for file /

But I donīt know what is wrong in the permissions of / !?
Iīm confused, that the keyfile is searched in //.ssh/authorized_keys2
Why are there two slashes (//)?

# 12  
Old 05-27-2010
But what permissions and ownership do you have on / ?

---------- Post updated at 06:49 AM ---------- Previous update was at 06:39 AM ----------

I just read on another forum , there was one guy he got the same problem like you but on his /home/user directory. He had on that directory write permissions for group. After he removed it it worked.

---------- Post updated at 06:53 AM ---------- Previous update was at 06:49 AM ----------

Or you can try put/change this setting in your /etc/ssh/sshd_config file

Code:
StrictMode No

This is what it does :
StrictModes yes
The option StrictModes specifies whether ssh should check user's permissions in their home directory and rhosts files before accepting login. This option must always be set to yes because sometimes users may accidentally leave their directory or files world-writable.
# 13  
Old 05-27-2010
MySQL
Problem solved!

The problem was, that root was not owner of / !!

Code:
drwxr-xr-x   43 3211     system         4096 May 27 08:48 .

Why the hell is not clear but I change it to root and now it works fine!

@phobus: Thank you for your support. I think without you I never found the error. THANKS a lot!

Bye,
Heiko
# 14  
Old 05-27-2010
I am glad you solved it , and you are welcome Smilie .
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Forum Support Area for Unregistered Users & Account Problems

Password sent via reset password email is 'weak' and won't allow me to change my password

I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login. Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies

2. Red Hat

How to make a Password-Less Login from Windows to Linux using OpenSSH?

I installed the OpenSSH on my Windows Machine. I want to connect to the remote Linux machine without typing password. I followed the bellow instructions but the SSH needs password to establish the connection yet. Open CMD and run: ssh-keygen -t rsa (The public and private keys are generated in... (1 Reply)
Discussion started by: manoj.solaris
1 Replies

3. Red Hat

Openssh 6.8

Hi im using redhat enterprise linux 7 im trying to update to the latest openssh version 6.8 i ran the command yum update openssh and this upgraded only to version 6.6 how can i update to the latest version 6.8? thanks! (5 Replies)
Discussion started by: guy3145
5 Replies

4. UNIX for Advanced & Expert Users

openssh 5.3 needs password vs. 4.3 using private keys

Hello, I just installed a bran new Centos 6.2 including openssh 5.3. On older servers I installed older Linux including openssh 4.3, I am using keygen with private/public keys to log root on all servers (in a LAN) without typing password each time. To do this, of course, I have my local... (4 Replies)
Discussion started by: epoins
4 Replies

5. UNIX for Advanced & Expert Users

Password Aging with Openssh 5.2 SFTP Subsystem Jail

All, I enabled PAM and aged a password, but when I login it asks me for the current password then says password unchanged after entering the current password. Is this a bug? My security dept is going to want me to enable password aging and I'm stuck! Any help on what the issu is? ... (6 Replies)
Discussion started by: markdjones82
6 Replies

6. UNIX Desktop Questions & Answers

OpenSSH

Hello, I downloaded Cygwin to practice on my coursework from home. I was told to download the OpenSSH from Cygwin website so that I can access my files from home. However, the file saves itself with a cgi extension and I have no idea as to what I am supposed to do next. I found info on some... (1 Reply)
Discussion started by: feliks0
1 Replies

7. Solaris

PAM, Solaris, Openssh and Forcing a password change

Here's the issue. Currently when I run passwd -f "username" on any account, when I try to login with said account I don't get prompted to change my password I just keep getting prompted to input a password. (Of course this works just fine with telnet)Is there something i need to add to... (7 Replies)
Discussion started by: woodson2
7 Replies

8. Solaris

password less login from openssh to SSH Secure Shell 3.0.1 Sun solaris 7

Hi, I would like to login from a Sun server running ssh: Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f to ssh: SSH Secure Shell 3.0.1 on sparc-sun-solaris2.6 How can I achieve this? Thanks a million in advance (1 Reply)
Discussion started by: newbewie
1 Replies

9. UNIX for Advanced & Expert Users

OpenSSH and password aging

Vesion 3.8.1 of OpenSSH has been compiled on a Solaris 8 host. I am having difficulties in enabling password aging to work from reading /etc/default/passwd and /etc/shadow. # passwd -f < user-id > works satisfactorily however once a password ages through due course from the settings in... (1 Reply)
Discussion started by: raylen
1 Replies

10. UNIX for Dummies Questions & Answers

OpenSSH

Help! SSH is returning the following error message: OpenSSL version mismatch. Built against 90581f, you have 90602f How can I correct this? (21 Replies)
Discussion started by: chenly
21 Replies
Login or Register to Ask a Question