Login or Register to Ask a Question and Join Our Community


Solaris

ssh issue

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris ssh issue
# 8  
Old 03-04-2010
I can't access the server remotely now because ssh is not accepting connections .
But a workmate said he sshed locally and it works very well.
I'll make sure by myself later when i have access to the server's console .
i am assure the issue is not with putty because i tried multiple fresh putty exes downloaded directly from the offical site on multiple machines
also i tried to ssh from a solaris host with no luck .
the output of
Code:
svcs | grep ssh

is as the following
Code:
online         11:58:23 svc:/network/ssh:default

the code snippet is sent to me when i and workmate tried to solve the problem
# 9  
Old 03-04-2010
Quote:
Originally Posted by h@foorsa.biz
i tried to ssh from a solaris host with no luck .
From that other Solaris host, run:
Code:
ssh -vvv server

and post the output.

You might also enable temporarily telnet an see if local an remote access work with this simpler protocol:
Code:
svcadm enable -t telnet

# 10  
Old 03-04-2010
i sshed from the other solaris host
with the following command
Code:
ssh -vvv user@xxx.xxx.xxx.xxx -p 8080

please note : ssh listening port is set to 8080

the following output came out then a promport for password

Code:
-bash-3.00$ ssh -vvv user@xxx.xxx.xxx.xxx -p 8080
Sun_SSH_1.1.2, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to xxx.xxx.xxx.xxx [xxx.xxx.xxx.xxx] port 8080.
debug1: Connection established.
debug1: identity file /export/home/user/.ssh/identity type -1
debug1: identity file /export/home/user/.ssh/id_rsa type -1
debug1: identity file /export/home/user/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1.2
debug1: match: Sun_SSH_1.1.2 pat Sun_SSH_1.1.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1.2
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: i-default
debug2: kex_parse_kexinit: i-default
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent
debug3: kex_reset_dispatch -- should we dispatch_set(KEXINIT) here? 0 && !0
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: i-default
debug2: kex_parse_kexinit: i-default
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: ar-SA,he,he-IL,i-default
debug2: kex_parse_kexinit: ar-SA,he,he-IL,i-default
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: Peer sent proposed langtags, ctos: ar-SA,he,he-IL,i-default
debug1: Peer sent proposed langtags, stoc: ar-SA,he,he-IL,i-default
debug1: We proposed langtags, ctos: i-default
debug1: We proposed langtags, stoc: i-default
debug1: Negotiated lang: i-default
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: Remote: Negotiated main locale: C
debug1: Remote: Negotiated messages locale: C
debug1: dh_gen_key: priv key bits set: 133/256
debug1: bits set: 1617/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /export/home/user/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 3
debug1: Host 'xxx.xxx.xxx.xxx' is known and matches the RSA host key.
debug1: Found key in /export/home/user/.ssh/known_hosts:3
debug1: bits set: 1579/3191
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug3: kex_reset_dispatch -- should we dispatch_set(KEXINIT) here? 0 && !0
debug1: newkeys: mode 1
debug1: set_newkeys: setting new keys for 'out' mode
debug3: aes-128-ctr NID found
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: set_newkeys: setting new keys for 'in' mode
debug3: aes-128-ctr NID found
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug2: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug3: start over, passed a different list gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-keyex
debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-keyex
debug1: Next authentication method: gssapi-keyex
debug2: we did not send a packet, disable method
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /export/home/user/.ssh/identity
debug3: no such identity: /export/home/user/.ssh/identity
debug1: Trying private key: /export/home/user/.ssh/id_rsa
debug3: no such identity: /export/home/user/.ssh/id_rsa
debug1: Trying private key: /export/home/user/.ssh/id_dsa
debug3: no such identity: /export/home/user/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:

i supplied an incorrect password for testing the output came out as follows

Code:
Password:
debug3: packet_send2: adding 32 (len 17 padlen 15 extra_pad 64)
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:

and again a prompet to re enter password

Code:
Password:
debug3: packet_send2: adding 32 (len 17 padlen 15 extra_pad 64)
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:


after fewer tries for some reason the the server now accepts connection from solaris host within same subnet i tried putty on a machine on same subnet with no luck
what other procedures should i take to fix the problem
Last edited by h@foorsa.biz; 03-04-2010 at 07:58 AM..
# 11  
Old 03-04-2010
So it works as expected. Supplying an incorrect password doesn't log you in. You previously wrote "also i tried to ssh from a solaris host with no luck ." Please clarify.
# 12  
Old 03-04-2010
Quote:
Originally Posted by jlliagre
So it works as expected. Supplying an incorrect password doesn't log you in. You previously wrote "also i tried to ssh from a solaris host with no luck ." Please clarify.
It wasn't working at all from that solaris host , suddenly for unknown reason it's working from that solaris host , but the problem still exist it doesn't accept connections from putty from hosts on same subnet it's also not accepting connections remotely .
are there any other procedures should i take to fix the problem
thanks
# 13  
Old 03-04-2010
Please find a Solaris host where the problem shows up and run again the verbose ssh command.
# 14  
Old 03-04-2010
i sshed from a remote solaris host not within same subnet and it accepts connections
i used the following command
Code:
ssh -v user@xxx.xxx.xxx.xxx -p 8080

prompted for the password and i supplied the correct password the login was successful
and the output came as the following
Code:
bash-3.00# ssh -v user@xxx.xxx.xxx.xxx -p 8080
Sun_SSH_1.1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to xxx.xxx.xxx.xxx [xxx.xxx.xxx.xxx] port 8080.
debug1: Connection established.
debug1: identity file /.ssh/identity type -1
debug1: identity file /.ssh/id_rsa type -1
debug1: identity file /.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1.2
debug1: match: Sun_SSH_1.1.2 pat Sun_SSH_1.1*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1.1
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: Peer sent proposed langtags, ctos: ar-SA,he,he-IL,i-default
debug1: Peer sent proposed langtags, stoc: ar-SA,he,he-IL,i-default
debug1: We proposed langtags, ctos: i-default
debug1: We proposed langtags, stoc: i-default
debug1: Negotiated lang: i-default
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: Remote: Negotiated main locale: C
debug1: Remote: Negotiated messages locale: C
debug1: dh_gen_key: priv key bits set: 143/256
debug1: bits set: 1648/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'xxx.xxx.xxx.xxx' is known and matches the RSA host key.
debug1: Found key in /.ssh/known_hosts:4
debug1: bits set: 1570/3191
debug1: ssh_rsa_verify: signature correct
debug1: newkeys: mode 1
debug1: set_newkeys: setting new keys for 'out' mode
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: set_newkeys: setting new keys for 'in' mode
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug1: Next authentication method: gssapi-keyex
debug1: Next authentication method: gssapi-with-mic
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: Next authentication method: publickey
debug1: Trying private key: /.ssh/identity
debug1: Trying private key: /.ssh/id_rsa
debug1: Trying private key: /.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
Password:
debug1: Authentication succeeded (keyboard-interactive)
debug1: channel 0: new [client-session]
debug1: send channel open 0
debug1: Entering interactive session.
debug1: ssh_session2_setup: id 0
debug1: channel request 0: env
debug1: channel request 0: pty-req
debug1: channel request 0: shell
debug1: fd 4 setting TCP_NODELAY
debug1: channel 0: open confirm rwindow 0 rmax 32768
debug1: Remote: Channel 0 set: LANG=C
Last login: Fri Mar  5 01:27:57 2010 from xxx.xxx.xxx.xxx
Sun Microsystems Inc.   SunOS 5.10      Generic January 2005
-bash-3.00$

connecting from a remote or local windows host with putty fails .
strange isn't it
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Ssh issue

Hi All, I am trying to connect between two system , I am facing the issue with -SSH-t-l userid systemname exit ( this is the syntax) It suppose to ask for password , but it throws the error as mentioned below Error is received disconnect from system and remote login for the... (1 Reply)
Discussion started by: sudhainit
1 Replies

2. UNIX for Beginners Questions & Answers

Issue with SSH key

Hello All , I am trying to set up the keys to login seamless on to two diff environment server(s). i used to have it couple of years back , but somehow never worked and didn`t concentte much , but when i want to setup again . facing a challange while copying the id_rsa.pubfile to... (4 Replies)
Discussion started by: radha254
4 Replies

3. Solaris

SSH issue

Hi guys. I just installed Solaris 10 and want to enable ssh on it So that i can remotely use it from another location. I read a post on this forum an it was written that SSH is enabled by default. I did a ps -ef | grep ssh and nothing showed up meaning that it isnt running. I even tried... (11 Replies)
Discussion started by: Junaid Subhani
11 Replies

4. Fedora

ssh issue

Hello, I have two computers at my desk, let's call them A and B. I have some tasks that can only be performed on one of them and some on the other, so I need to be able to ssh from one to the other and vice versa to transfer files, etc. A can ssh to B without problem: I even copied the public key... (6 Replies)
Discussion started by: Leo_Boon
6 Replies

5. UNIX for Advanced & Expert Users

ssh issue

Hi I have a annoying situation here . Our non prod server connect to informatica to run the work flow. But since yest some jobs are getting failed due ssh to informatica server been unsuccessfull. please look into this. successful log for job fiusdcacct_ios_price_venld: SSH... (2 Replies)
Discussion started by: ptappeta
2 Replies

6. Solaris

SSH issue

Facing a SSH issue while creating passwordless login. unix> ./create_ssh In the program, you will be asked and providing 1. SSH private key filename (twice) 2. key passcode (twice) Enter private key filename: id_ss81dev ld.so.1: ssh-keygen: fatal: relocation... (5 Replies)
Discussion started by: flinders1323
5 Replies

7. Shell Programming and Scripting

SSH issue

I want to run a program on remote server by using unauthenticated ssh. It works when I ssh from command line however, it does not work when I try to invoke ssh script with other application. Any clue? (6 Replies)
Discussion started by: sam101
6 Replies

8. Solaris

SSH/Firewall issue

I am a complete UNIX neophyte with the unenviable task of trying to pseudo manage two SUN boxes with an unknown past. I was not responsible for setting them up, anything that was done on them previously, and have no means of figuring out anything that was done to them. So far I have changed the... (4 Replies)
Discussion started by: tawnos42
4 Replies

9. UNIX for Advanced & Expert Users

An issue with SSH

Hey Guys! I got two PCs at my place. In the beginning, one of my PCs had RHEL3( say PC1 ) and one had RHEL4 ( say PC2 ). I was able to ssh from PC1 to PC2 and vice-versa. But recently I've upgraded PC1 from RHEL3 to RHEL4. Now when i am trying to ssh from PC2 to PC1, it is not allowing... (1 Reply)
Discussion started by: chakri.penguin
1 Replies

10. UNIX for Advanced & Expert Users

ssh issue

Im using the default ssh program on a solaris 9 system to connect to another server. When connecting to the other host it make me type my password in 3 to 4 times before letting me in. Is anyone familar with this? (4 Replies)
Discussion started by: meyersp
4 Replies
Login or Register to Ask a Question