Login or Register to Ask a Question and Join Our Community


Solaris

Unable to login password less authentication

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris Unable to login password less authentication
# 1  
Old 11-03-2011
Network Unable to login password less authentication
Hi,

I am facing strange problem in solaris 10.

My requirement is that on server A using user test, any user which is created on Server B will be able to login wihtout password (ssh) from Server A

All the users which are on Server B are able able to login from Server A using test user.

But I am facing problem for single user which is not able to login without password.

I have done all the changes regarding authorized_keys, authorized_keys2.

I have copied the id_rsa.pub and ranamed as authorized_keys , or if due to ssh version , i have renamed as authorized_keys2,


But issue is same.


Please suggest.
# 2  
Old 11-03-2011
Can you post the output of
Code:
ssh -v test@systemA

?
# 3  
Old 11-04-2011
Hi,

Below is output of ssh -v command.
Code:
SH Version Sun_SSH_1.0.1, protocol versions 1.5/2.0.
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: getuid 148 geteuid 148 anon 1
debug1: Connecting to 192.192.191.192 [192.192.192.192] port 22.

Last edited by Scott; 11-04-2011 at 08:25 AM.. Reason: Code tags
# 4  
Old 11-04-2011
Is that the entire output?
# 5  
Old 11-04-2011
Try -v -v
# 6  
Old 11-08-2011
today I am getting below output
bash-2.05$ ssh -v test@192.192.192.192
SSH Version Sun_SSH_1.0.1, protocol versions 1.5/2.0.
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: getuid 148 geteuid 148 anon 1
debug1: Connecting to 192.192.192.192 [192.192.192.192] port 22.
debug1: Connection established.
debug1: identity file /export/home/ora10gdb/.ssh/identity type 3
debug1: Bad RSA1 key file /export/home/ora10gdb/.ssh/id_rsa.
debug1: identity file /export/home/ora10gdb/.ssh/id_rsa type 3
debug1: identity file /export/home/ora10gdb/.ssh/id_dsa type 3
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1
debug1: no match: Sun_SSH_1.1
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.0.1
debug1: sent kexinit: diffie-hellman-group1-sha1
debug1: sent kexinit: ssh-rsa,ssh-dss
debug1: sent kexinit: aes128-cbc,blowfish-cbc,3des-cbc,rijndael128-cbc
debug1: sent kexinit: aes128-cbc,blowfish-cbc,3des-cbc,rijndael128-cbc
debug1: sent kexinit: hmac-sha1,hmac-md5
debug1: sent kexinit: hmac-sha1,hmac-md5
debug1: sent kexinit: none
debug1: sent kexinit: none
debug1: sent kexinit:
debug1: sent kexinit:
debug1: send KEXINIT
debug1: done
debug1: wait KEXINIT
debug1: got kexinit: gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,diffie-hellman-gro up-exchange-sha1,diffie-hellman-group1-sha1
debug1: got kexinit: ssh-rsa,ssh-dss
debug1: got kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
debug1: got kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
debug1: got kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug1: got kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug1: got kexinit: none,zlib
debug1: got kexinit: none,zlib
debug1: got kexinit: en_CA.UTF-8,es_MX.UTF-8,en_CA,en_CA.ISO8859-1,en_US,en_US.I SO8859-1,en_US.ISO8859-15,en_US.ISO8859-15@euro,es,es_MX,es_MX.ISO8859-1,fr,fr_C A,fr_CA.ISO8859-1,C,POSIX,fr_CA.UTF-8
debug1: got kexinit: en_CA.UTF-8,es_MX.UTF-8,en_CA,en_CA.ISO8859-1,en_US,en_US.I SO8859-1,en_US.ISO8859-15,en_US.ISO8859-15@euro,es,es_MX,es_MX.ISO8859-1,fr,fr_C A,fr_CA.ISO8859-1,C,POSIX,fr_CA.UTF-8
debug1: first kex follow: 0
debug1: reserved: 0
debug1: done
debug1: kex: server->client unable to decide common locale
debug1: kex: server->client aes128-cbc hmac-sha1 none
debug1: kex: client->server unable to decide common locale
debug1: kex: client->server aes128-cbc hmac-sha1 none
debug1: Sending SSH2_MSG_KEXDH_INIT.
debug1: bits set: 506/1024
debug1: Wait SSH2_MSG_KEXDH_REPLY.
debug1: Got SSH2_MSG_KEXDH_REPLY.
debug1: Host '192.192.192.192' is known and matches the RSA host key.
debug1: Found key in /export/home/ora10gdb/.ssh/known_hosts:4
debug1: bits set: 536/1024
debug1: ssh_rsa_verify: signature correct
debug1: Wait SSH2_MSG_NEWKEYS.
debug1: GOT SSH2_MSG_NEWKEYS.
debug1: send SSH2_MSG_NEWKEYS.
debug1: done: send SSH2_MSG_NEWKEYS.
debug1: done: KEX2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: gssapi-keyex,gssapi-with-mic,publicke y,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: key does not exist: /export/home/ora10gdb/.ssh/identity
debug1: try pubkey: /export/home/ora10gdb/.ssh/id_rsa
debug1: read SSH2 private key done: name rsa w/o comment success 1
debug1: authentications that can continue: gssapi-keyex,gssapi-with-mic,publicke y,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: key does not exist: /export/home/ora10gdb/.ssh/id_dsa
debug1: next auth method to try is password
test@192.192.192.192's password:
# 7  
Old 11-08-2011
It's telling you what's wrong: None of the key files are in any of the places it's looking. Move the keys from wherever you put them to the places it wants.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Solaris

Cannot login to SMB Server/Authentication denied

Hello, I have problems seting up SMB server in Solaris 11.3. I had SMB working previously on Solaris 11 (updated to 11.3), but a bad harddisk crash forced me to install Solaris again from scratch and I cannot get it working properly. I have imported the previous zfs pool with share.smb set... (7 Replies)
Discussion started by: Zorken
7 Replies

2. Shell Programming and Scripting

Passwordless Authentication and Anonymous login

Hi, I am in the process FTPing some of my report files from my production server to another FTP server through batch/Shell Script. This is working fine with the password less authentication. Once i place all my report files in the ftp server the end users need to download ... (3 Replies)
Discussion started by: Showdown
3 Replies

3. Programming

Unable to use libcurl to access a site requiring client authentication

I’m using the below snipped for setting the certificate and key for client authentication. curl_easy_setopt(curl,CURLOPT_SSLCERT,"clientCert.pem"); curl_easy_setopt(curl,CURLOPT_SSLCERTPASSWD,"changeit"); curl_easy_setopt(curl,CURLOPT_SSLCERTTYPE,"PEM"); ... (2 Replies)
Discussion started by: old_as_a_fossil
2 Replies

4. Shell Programming and Scripting

Password-less RSA Authentication not working

Hello Friends, I know this issue has been raised many times and hence I tried every resolution provided in the forum before I posted this issue again. My Password-less RSA authentication was working fine for quite some time. Whenever the remote server password used to change I used to re-do... (5 Replies)
Discussion started by: mehimadri
5 Replies

5. Solaris

can't bypass password authentication

I can able to SFTP from my web server unix to apps server unix end. but the other way from APPS server to Web server is still asking me the password. I have done same procedure both side. still i am having same problem. Any one help on this. thanks, regards (3 Replies)
Discussion started by: vijill
3 Replies

6. Solaris

SSH Password-less login fails on password expiry.

Hi Gurus I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails. Resetting my password reenables the keys. Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies

7. Solaris

Enhanced Password Authentication

Hello; I am moving a customer from Solaris 2.6 to Solaris 2.8. The customer has requested the following two requirements also be implemented: 1. Lock a user account out for X number of days after 3 unsuccessful login attempts. 2. No reuse of the last 5-10 passwords. Also referred to... (1 Reply)
Discussion started by: rambo15
1 Replies

8. UNIX for Dummies Questions & Answers

Login Authentication Prob SCO 504

I have a problem on a SCO Unix504 box where no user with a setr password is allowed to login. When you enter a username with-out a password and press enter you are allowed to login, when using a name with a password it skips the password entry line and gives the message Incorrect password. This... (0 Replies)
Discussion started by: jant
0 Replies

9. Cybersecurity

Password Authentication

I would like to know how to validate an unix password from shell script (If is possible) Thanks very much ;) (3 Replies)
Discussion started by: juan_o_morillo
3 Replies
Login or Register to Ask a Question