Operating System - HP-UX
1748177 Members
4311 Online
108758 Solutions
New Discussion юеВ

Re: How to ssh auto login from AIX to HP-UX

 
Dennis Handly
Acclaimed Contributor

Re: How to ssh auto login from AIX to HP-UX

>ll -d /home/EAIUsr/.ssh
>drwxrwxrwx 2 EAIUsr users 8192 Jun 20 13:55 /home/EAIUsr/.ssh

Ack! You need to change the permissions to: 700
See these threads:
http://h30499.www3.hp.com/t5/Security/Differences-between-SSH-versions-on-HP-UX-11iv2/m-p/5166366#M18225

http://h30499.www3.hp.com/t5/System-Administration/Unable-To-Perform-A-quot-Passwordless-quot-SSH-Login-To-A-Server/m-p/4779408

Attapol123
Occasional Advisor

Re: How to ssh auto login from AIX to HP-UX

oh! it work .after change permision.
Thank you for all.

So,I will be applied to other machines.

Attapol123
Occasional Advisor

Re: How to ssh auto login from AIX to HP-UX

HI. GUY

I'm doing more host .
I check /home/user premision directory 755.
I check $HOME/.ssh premision 700.
I check $HOME/.ssh/authorized_keys premision 600.
I clear file $HOME/.ssh/known_hosts 0 byte.

But,I test ssh AIX to HP-ux it ask password.


[EAIUsr@seacap01 /home/EAIUsr ]#ssh -vv sesynsr1
OpenSSH_4.1p1, OpenSSL 0.9.7l 28 Sep 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Failed dlopen: /usr/krb5/lib/libkrb5.a(libkrb5.a.so): 0509-022 Cannot load module /usr/krb5/lib/libkrb5.a(libkrb5.a.so).
0509-026 System error: A file or directory in the path name does not exist.

debug1: Error loading Kerberos, disabling Kerberos auth.
debug2: ssh_connect: needpriv 0
debug1: Connecting to sesynsr1 [10.153.2.52] port 22.
debug1: Connection established.
debug1: identity file /home/EAIUsr/.ssh/identity type -1
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /home/EAIUsr/.ssh/id_rsa type 1
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /home/EAIUsr/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.5p1+sftpfilecontrol-v1.1-hpn12v14
debug1: match: OpenSSH_4.5p1+sftpfilecontrol-v1.1-hpn12v14 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.1
debug2: fd 4 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 127/256
debug2: bits set: 513/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'sesynsr1' is known and matches the RSA host key.
debug1: Found key in /home/EAIUsr/.ssh/known_hosts:25
debug2: bits set: 507/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/EAIUsr/.ssh/identity (0)
debug2: key: /home/EAIUsr/.ssh/id_rsa (20034298)
debug2: key: /home/EAIUsr/.ssh/id_dsa (200342b8)
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/EAIUsr/.ssh/identity
debug1: Offering public key: /home/EAIUsr/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Offering public key: /home/EAIUsr/.ssh/id_dsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:

So,I check syslog it has detail below.


Jun 20 17:01:03 sesynsr1 su: + 0 atech-EAIUsr
Jun 20 17:02:01 sesynsr1 sshd[6937]: error: key_read: uudecode AAAAB3NzaC1yc2EAAAABIwAAAIEAuF0GswKIh0d0n12Fe1gMFhBA1OZKtlRep2naF8+EcZC84fYl5ybMB95fZYEuX48KXAZIGzzbqQ7cFMhQ/03Xw9QZ
fZ/G9M+zhBlOVm7M1AR/nUkR3c89UY+K4egPDAY9tEfi9bv25JBQKoo\n failed
Jun 20 17:02:25 sesynsr1 sshd[6937]: error: PAM: Authentication failed for EAIUsr from seacap01
Jun 20 17:03:16 sesynsr1 sshd[6962]: error: key_read: uudecode AAAAB3NzaC1yc2EAAAABIwAAAIEAuF0GswKIh0d0n12Fe1gMFhBA1OZKtlRep2naF8+EcZC84fYl5ybMB95fZYEuX48KXAZIGzzbqQ7cFMhQ/03Xw9QZ
fZ/G9M+zhBlOVm7M1AR/nUkR3c89UY+K4egPDAY9tEfi9bv25JBQKoo\n failed
Jun 20 17:03:22 sesynsr1 sshd[6962]: Accepted keyboard-interactive/pam for EAIUsr from 10.153.2.28 port 61354 ssh2
Jun 20 17:04:24 sesynsr1 su: + 0 atech-EAIUsr
Jun 20 17:05:27 sesynsr1 sshd[7139]: error: key_read: uudecode AAAAB3NzaC1yc2EAAAABIwAAAIEAuF0GswKIh0d0n12Fe1gMFhBA1OZKtlRep2naF8+EcZC84fYl5ybMB95fZYEuX48KXAZIGzzbqQ7cFMhQ/03Xw9QZ
fZ/G9M+zhBlOVm7M1AR/nUkR3c89UY+K4egPDAY9tEfi9bv25JBQKoo\n failed
Jun 20 17:06:28 sesynsr1 sshd[7226]: error: key_read: uudecode AAAAB3NzaC1yc2EAAAABIwAAAIEAuF0GswKIh0d0n12Fe1gMFhBA1OZKtlRep2naF8+EcZC84fYl5ybMB95fZYEuX48KXAZIGzzbqQ7cFMhQ/03Xw9QZ
fZ/G9M+zhBlOVm7M1AR/nUkR3c89UY+K4egPDAY9tEfi9bv25JBQKoo\n failed
Jun 20 17:19:20 sesynsr1 sshd[8577]: error: key_read: uudecode AAAAB3NzaC1yc2EAAAABIwAAAIEAuF0GswKIh0d0n12Fe1gMFhBA1OZKtlRep2naF8+EcZC84fYl5ybMB95fZYEuX48KXAZIGzzbqQ7cFMhQ/03Xw9QZ
fZ/G9M+zhBlOVm7M1AR/nUkR3c89UY+K4egPDAY9tEfi9bv25JBQKoo\n failed
Jun 20 17:19:31 sesynsr1 sshd[8582]: error: key_read: uudecode AAAAB3NzaC1yc2EAAAABIwAAAIEAuF0GswKIh0d0n12Fe1gMFhBA1OZKtlRep2naF8+EcZC84fYl5ybMB95fZYEuX48KXAZIGzzbqQ7cFMhQ/03Xw9QZ
fZ/G9M+zhBlOVm7M1AR/nUkR3c89UY+K4egPDAY9tEfi9bv25JBQKoo\n failed


What happen? Please help me again.