1748219 Members
4269 Online
108759 Solutions
New Discussion юеВ

Re: SSH

 
Barakati
Frequent Advisor

SSH

Dears,

I am trying to use PuTTY client to access one of HP servers, anyway the connection to the server has been made, but when the password entered it gave access denied !!!

I use root to login and I am sure 100% from the password...

does SSH required other than root's password? is there any file should be edit??

regards,

*see the attachment
4 REPLIES 4
Avinash20
Honored Contributor

Re: SSH

Edit /opt/ssh/etc/sshd_config

Change the line:
PermitRootLogin no
to:
PermitRootLogin yes

Then stop and restart SSH.

# /sbin/init.d/secsh stop

# /sbin/init.d/secsh start

You will then be allowed to ssh as root.
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
Avinash20
Honored Contributor

Re: SSH

For much better security, however, you should set this parameter to "no" and always log in as a non-privileged user.
You can always su to root, if needed.

Best of luck!!
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
Johnson Punniyalingam
Honored Contributor

Re: SSH

Hi,

SSH ,
====

If you are using ssh, It could be security settings,
(Direct Login as root)is not allowed

You need first login as normal user and su to root)

Example:-

Login :- user1
Passord:- XXXXXXX
#su -
Password :- XXXX

Thanks,
Johnson
Problems are common to all, but attitude makes the difference
Doug O'Leary
Honored Contributor

Re: SSH

Hey;

I agree with Avinash and Johnson on the direct password authentication to root. That's a bad idea as passwords are single factor authentication and have inherent problems.

You can provide direct access to root securely through public key authentication (pka). This authentication mechanism is two factor authentication so it tends to be more secure than is one factor authentication.

Those factors are:

1. Something you know (passwords)
2. Something you have (secure ID token)
3. Something you are (biometrics)

PKA is two factor authentication because you have the private key counterpart to the public key and know the passphrase to it.

I've written a white paper on this topic for a couple of clients. I'll have to see about sanitizing it for general use and posting.

You can configure root authentication to allow pka only by setting

PermitRootLogin without-password

Hope that helps.

Doug O'Leary

------
Senior UNIX Admin
O'Leary Computers Inc
linkedin: http://www.linkedin.com/dkoleary
Resume: http://www.olearycomputers.com/resume.html