https://community.hpe.com/t5/operating-system-hp-ux/ssh-hp11-11/m-p/5856217#M482307 <P>First, read the syslog of the system that disallows passwordless login. If there is a file permission problem, the message should tell which file/directory has permissions sshd does not like. Usually, the problem is that there are too much permissions: if another user could overwrite the authorized_keys file, then sshd won't trust the file and disallows key-based authentication.</P><P>&nbsp;</P><P>Check all of these things:</P><UL><LI>the sshd_config file (/opt/ssh/etc/sshd_config): it may contain non-default options that disallow logging as root</LI><LI>ownership and permissions of the /.ssh/authorized_keys file (should be owned by root and writable <STRONG>only</STRONG> by root, i.e. -rw-r--r-- is the maximum useable permissions)</LI><LI>ownership and permissions of the /.ssh directory (should be accessible by root only, i.e. permissions drwx------)</LI><LI>ownership and permissions of the / directory (run "ll -d /"): it should not be writeable by anyone other than root. Sometimes a typo in a chmod command may cause accidental changes to the permissions of the root directory. The correct permissions are drwxr-xr-x, owner root, group root.</LI></UL> Mon, 05 Nov 2012 14:46:29 GMT Matti_Kurkela 2012-11-05T14:46:29Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-hp11-11/m-p/5856109#M482305 <P>Hi,</P><P>&nbsp;</P><P>I have four HP11.11 boxes in the UK that are using ssh connection to a box in Germany. Three of them can connect using root and not needing a password for the other end but one of them seems to want to have a password. The release of ssh is:</P><P>&nbsp;</P><P>OpenSSH_4.7p1+sftpfilecontrol-v1.2-hpn12v17, OpenSSL 0.9.7m 23 Feb 2007<BR />HP-UX Secure Shell-A.04.70.009, HP-UX Secure Shell version</P><P>&nbsp;</P><P>The following is the correct connection on three servers:</P><P>&nbsp;</P><P># ssh <A href="mailto:user-id@other-server" target="_blank">user-id@other-server</A> uptime</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; USE AND ACCESS TO THIS SYSTEM IS RESTRICTED TO AUTHORIZED USERS ONLY!</P><P><BR />Authentication successful.<BR />&nbsp;12:37pm&nbsp; up 29 days,&nbsp; 7:09,&nbsp; 1 user,&nbsp; load average: 0.08, 0.08, 0.09</P><P>&nbsp;</P><P>The following is the incorrect connection on one server:</P><P>&nbsp;</P><P># ssh&nbsp;<A href="mailto:user-id@other-server" target="_blank">user-id@other-server</A> uptime</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; USE AND ACCESS TO THIS SYSTEM IS RESTRICTED TO AUTHORIZED USERS ONLY!</P><P><BR />user-id's password:</P><P>&nbsp;</P><P>What is different between the three servers that work and the one that doesn't.</P><P>&nbsp;</P><P>Hope someone can help.</P><P>&nbsp;</P><P>Kind Regards - Mark P.</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 05 Nov 2012 12:53:47 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-hp11-11/m-p/5856109#M482305 Mark Parsons 2012-11-05T12:53:47Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-hp11-11/m-p/5856163#M482306 <P>Hi,</P><P>&nbsp;</P><P>the 4th server seems tot to be authorized to access the german server.</P><P>What about the ~/.ssh/authorizes_keys of the destination user on the german server.</P><P>You even might have a serverwide authentification in place. Loot kbeneath /etc</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 05 Nov 2012 13:39:28 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-hp11-11/m-p/5856163#M482306 Ralf Seefeldt 2012-11-05T13:39:28Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-hp11-11/m-p/5856217#M482307 <P>First, read the syslog of the system that disallows passwordless login. If there is a file permission problem, the message should tell which file/directory has permissions sshd does not like. Usually, the problem is that there are too much permissions: if another user could overwrite the authorized_keys file, then sshd won't trust the file and disallows key-based authentication.</P><P>&nbsp;</P><P>Check all of these things:</P><UL><LI>the sshd_config file (/opt/ssh/etc/sshd_config): it may contain non-default options that disallow logging as root</LI><LI>ownership and permissions of the /.ssh/authorized_keys file (should be owned by root and writable <STRONG>only</STRONG> by root, i.e. -rw-r--r-- is the maximum useable permissions)</LI><LI>ownership and permissions of the /.ssh directory (should be accessible by root only, i.e. permissions drwx------)</LI><LI>ownership and permissions of the / directory (run "ll -d /"): it should not be writeable by anyone other than root. Sometimes a typo in a chmod command may cause accidental changes to the permissions of the root directory. The correct permissions are drwxr-xr-x, owner root, group root.</LI></UL> Mon, 05 Nov 2012 14:46:29 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-hp11-11/m-p/5856217#M482307 Matti_Kurkela 2012-11-05T14:46:29Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-hp11-11/m-p/5856593#M482313 <P>Have you tried ssh -vvv to see if the debug info help you tell where the bad and good ones diverge?</P> Mon, 05 Nov 2012 21:01:27 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-hp11-11/m-p/5856593#M482313 Dennis Handly 2012-11-05T21:01:27Z