Simpler Navigation coming for Servers and Operating Systems
Coming soon: a much simpler Servers and Operating Systems section of the Community. We will combine many of the older boards, and you won't have to click through so many levels to get at the information you need. If you are looking for an older board and do not find it, check the consolidated boards, as the posts are still there.
Operating System - Tru64 Unix
cancel
Showing results for 
Search instead for 
Did you mean: 

Tru64 - root cannot connect after install OpenSSH

Rafael Mori
Advisor

Tru64 - root cannot connect after install OpenSSH

After install OpenSSH_5.1p1 and login with root, the error ocurred:

STEP 1
./configure -with-zlib=/opt/TWWfsw/zlib11/include without -with-pam

STEP 2
make

STEP 3
make tests

STEP 4
make install

STEP 5 - Overwrite HP SSH to OpenSSH
/sbin/init.d/sshd stop
mv /sbin/init.d/sshd /sbin/init.d/sshd.old_20090217
ln -s /usr/local/sbin/sshd /sbin/init.d/sshd
/sbin/init.d/sshd -f /usr/local/etc/sshd_config
mv /usr/bin/ssh /usr/bin/ssh.old_20090217
ln -s /usr/local/bin/ssh /usr/bin/ssh

STEP 6 - Login with root
login as: root
Sent username "root"
root@10.20.140.9's password:
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for root.
New password:
Retype new password:

After change the password, the screen closed and cannot logon.
The test with other user logon normally (not superuser).

12 REPLIES
Rafael Mori
Advisor

Re: Tru64 - root cannot connect after install OpenSSH

CORRECT
STEP 1
./configure -with-zlib=/opt/TWWfsw/zlib11/include
Steven Schweda
Honored Contributor

Re: Tru64 - root cannot connect after install OpenSSH

> STEP 6 - Login with root
> login as: root

Actual command? (Executed where?)

> [...] the screen closed [...]

What screen? You may know what you're doing,
but we non-psychics can't see it.
Mikej_2
Advisor

Re: Tru64 - root cannot connect after install OpenSSH

Have you checked you have PermitRootLogin yes
in sshd_config ?
Rafael Mori
Advisor

Re: Tru64 - root cannot connect after install OpenSSH

Mikej, my file /usr/local/etc/sshd_config:
PermitRootLogin yes
PasswordAuthentication yes
ChallengeResponseAuthentication yes
UsePrivilegeSeparation no

Steven, if you cannot help me or other people... not interfere, ok?!
Steven Schweda
Honored Contributor

Re: Tru64 - root cannot connect after install OpenSSH

> Steven, if you cannot help me or other
> people... not interfere, ok?!

Don't worry. With no useful information, I
won't be able to interfere much.
Rafael Mori
Advisor

Re: Tru64 - root cannot connect after install OpenSSH

Debug connection SSH...

# ssh -v 10.20.140.9
OpenSSH_5.1p1, OpenSSL 0.9.7d 17 Mar 2004
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Connecting to 10.20.140.9 [10.20.140.9] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/1
debug1: identity file /.ssh/identity type -1
debug1: identity file /.ssh/id_rsa type -1
debug1: identity file /.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_5.1
debug1: match: OpenSSH_5.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '10.20.140.9' is known and matches the RSA host key.
debug1: Found key in /.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /.ssh/identity
debug1: Trying private key: /.ssh/id_rsa
debug1: Trying private key: /.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
root@10.20.140.9's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for root.

New password:
Retype new password:
Hashed database not in use, only /etc/passwd text file updated.

debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug1: channel 0: free: client-session, nchannels 1
Connection to 10.20.140.9 closed.
Transferred: sent 2320, received 2760 bytes, in 5.7 seconds
Bytes per second: sent 405.1, received 481.9
debug1: Exit status 0

Any idea?
Robert Walker_8
Valued Contributor

Re: Tru64 - root cannot connect after install OpenSSH

Gday,

My suspicion would be that your sshd_config file has an option which disallows root access - such as PermitRootLogin or something.

We normally dont allow root to ssh directly - unless for specific file transfer (but tend to create accounts for that too).

We usually ssh into unprivilged account and then su or sudo into root. This was it is logged in a team environment.

Robert.
Rafael Mori
Advisor

Re: Tru64 - root cannot connect after install OpenSSH

Robert, the option "PermitRootLogin" is set to "yes"...
If the option "PermitRootLogin" is set do "no", after input name "root" the screen generate message "access denied" and cannot appear line to input password.
Mikej_2
Advisor

Re: Tru64 - root cannot connect after install OpenSSH

Hi,

You don't have securettys file access deny remote root login ?

http://nixdoc.net/man-pages/Tru64/securettys.4.html

I don't think so, since Tru64 seems to ask for password change.
It asks for password every time you login and change it ?
Strange !!!

If you can, you should try to connect on the local server.
Or try to connect with telnet.

Maybe your root account has a wrong login shell, home, ... or other settings.
You can put wonderful limitations to accounts on Tru64.
Rafael Mori
Advisor

Re: Tru64 - root cannot connect after install OpenSSH

Mikej,

My file /etc/securettys:
#/dev/console
#local:0
#:0
ptys
This configuration permit remote root login?

If the input for a new password, the password changed, but cannot continue logon.
Yes, every time...

Telnet cannot ocurre the same problem.
Mikej_2
Advisor

Re: Tru64 - root cannot connect after install OpenSSH

Rafael,

Yes securettys permit root login if it exists and contains ptys line.

But I'm surprised that you say root telnet login works. Since I think the problem comes from the root account itself. But I may be wrong.

This post talks about root password expiry :
http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=974620&admit=109447626+1235331455241+28353475

Can you try this command to suppress password lifetime expiry of root :

usermod -x passwd_lifetime=0 root

It could help.
Otherwise, try to connect with Tru64 ssh.
And with Openssh 5.0 .
It seems that Openssh 5.1 has changed the way it handles password expiry on Tru64 in Openssh 5.1 p1 :
http://www.openssh.com/txt/release-5.1
<-
* Added support password expiry on Tru64 SIA systems. (bz#1241)


If I were you, I would let /sbin/sshd and /bin/ssh be Tru64 SSH.
And start /usr/local/sbin/sshd on startup.
So when you upgrade your system, /usr/local is not concerned and OpenSSH still works.

--
Michael
Thomas Quinot
Occasional Visitor

Re: Tru64 - root cannot connect after install OpenSSH

Try rebuilding with --without-osfsia.
See https://bugzilla.mindrot.org/show_bug.cgi?id=1656