HPE Community
Operating System - HP-UX
1752350 Members
6343 Online
108787 Solutions
New Discussion юеВ

Re: ssh - HP11.11

 
Mark Parsons
Valued Contributor

тАО11-05-2012 04:53 AM

тАО11-05-2012 04:53 AM

ssh - HP11.11

Hi,

 

I have four HP11.11 boxes in the UK that are using ssh connection to a box in Germany. Three of them can connect using root and not needing a password for the other end but one of them seems to want to have a password. The release of ssh is:

 

OpenSSH_4.7p1+sftpfilecontrol-v1.2-hpn12v17, OpenSSL 0.9.7m 23 Feb 2007
HP-UX Secure Shell-A.04.70.009, HP-UX Secure Shell version

 

The following is the correct connection on three servers:

 

# ssh user-id@other-server uptime

        USE AND ACCESS TO THIS SYSTEM IS RESTRICTED TO AUTHORIZED USERS ONLY!


Authentication successful.
 12:37pm  up 29 days,  7:09,  1 user,  load average: 0.08, 0.08, 0.09

 

The following is the incorrect connection on one server:

 

# ssh user-id@other-server uptime

        USE AND ACCESS TO THIS SYSTEM IS RESTRICTED TO AUTHORIZED USERS ONLY!


user-id's password:

 

What is different between the three servers that work and the one that doesn't.

 

Hope someone can help.

 

Kind Regards - Mark P.

 

 

 

0 Kudos
Reply
3 REPLIES 3
Ralf Seefeldt
Valued Contributor

тАО11-05-2012 05:39 AM

тАО11-05-2012 05:39 AM

Re: ssh - HP11.11

Hi,

 

the 4th server seems tot to be authorized to access the german server.

What about the ~/.ssh/authorizes_keys of the destination user on the german server.

You even might have a serverwide authentification in place. Loot kbeneath /etc

 

 

0 Kudos
Reply
Matti_Kurkela
Honored Contributor

тАО11-05-2012 06:46 AM

тАО11-05-2012 06:46 AM

Re: ssh - HP11.11

First, read the syslog of the system that disallows passwordless login. If there is a file permission problem, the message should tell which file/directory has permissions sshd does not like. Usually, the problem is that there are too much permissions: if another user could overwrite the authorized_keys file, then sshd won't trust the file and disallows key-based authentication.

 

Check all of these things:

  • the sshd_config file (/opt/ssh/etc/sshd_config): it may contain non-default options that disallow logging as root
  • ownership and permissions of the /.ssh/authorized_keys file (should be owned by root and writable only by root, i.e. -rw-r--r-- is the maximum useable permissions)
  • ownership and permissions of the /.ssh directory (should be accessible by root only, i.e. permissions drwx------)
  • ownership and permissions of the / directory (run "ll -d /"): it should not be writeable by anyone other than root. Sometimes a typo in a chmod command may cause accidental changes to the permissions of the root directory. The correct permissions are drwxr-xr-x, owner root, group root.
MK
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

тАО11-05-2012 01:01 PM

тАО11-05-2012 01:01 PM

Re: ssh - HP11.11

Have you tried ssh -vvv to see if the debug info help you tell where the bad and good ones diverge?

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.