Operating System - HP-UX
1745796 Members
3795 Online
108722 Solutions
New Discussion

only console login allowed into the hp-ux server, can not ssh or telnet into it, aby ideas?

 
SOLVED
Go to solution
NavyYard
Valued Contributor

only console login allowed into the hp-ux server, can not ssh or telnet into it, aby ideas?

Hi All.

 

I have a HP-UX 11.31 server on a trusted base.

 

I can login into this server via iLo into the sever but I can not log into it via ssh, ftp or telnet.

 

/etc/default/security file is similar to other servers which allow ssh/ftp/telnet in.

 

Any ideas?

 

Thanks

12 REPLIES 12
donna hofmeister
Trusted Contributor

Re: only console login allowed into the hp-ux server, can not ssh or telnet into it, aby ideas?

have you checked your free space?  what about a tail of syslog?

Dennis Handly
Acclaimed Contributor

Re: only console login allowed into the HP-UX server, can not ssh or telnet into it

>but I can not log into it via ssh, ftp or telnet.

 

What errors do you get?  Do all users fail to login?

Bill Hassell
Honored Contributor

Re: only console login allowed into the hp-ux server, can not ssh or telnet into it, aby ideas?

Without error messages like "connection refused" or timeout, it is not easy to troubleshoot.  However, with the MP port working and you can login, HP-UX is just fine and your networking is down. Start with /var/adm/syslog/syslog.log. Do you see networking errors? What does lanscan report?

 

If you have just one LAN port defined such as lan0, what does lanadmin- g 0 show?



Bill Hassell, sysadmin
NavyYard
Valued Contributor

Re: only console login allowed into the hp-ux server, can not ssh or telnet into it, aby ideas?

When I try to login, I get the following error:

 

Aug 29 14:11:31 Server sshd[27796]: Failed password for begi from 192.168.50.15 port 40917 ssh2
Aug 29 14:11:36 Server sshd[27827]: SSH: Server;Ltype: Authname;Remote: 192.168.50.15-22887;Name: begi [preauth]
Aug 29 14:11:46 Server sshd[27827]: Failed password for begi from 192.168.50.15 port 22887 ssh2
Aug 29 14:11:50 Server sshd[27827]: Connection closed by 192.168.50.15 [preauth]

 

I changed my password a few times but it does not let me in. Any advice.

 

Thanks

NavyYard
Valued Contributor

Re: only console login allowed into the hp-ux server, can not ssh or telnet into it, aby ideas?

Hi!

 

I can login to other servers from this server but can not login into it from other servers.

 

Thanks

NavyYard
Valued Contributor

Re: only console login allowed into the hp-ux server, can not ssh or telnet into it, aby ideas?

syslog.log output:

 

Aug 29 14:53:39 srvr sshd[29917]: SSH: Server;Ltype: Version;Remote: 192.168.50.15-56478;Protocol: 2.0;Client: OpenSSH_6.2p1+sftpfilecontrol-v1.3-hpn13v12
Aug 29 14:53:39 srvr sshd[29917]: SSH: Server;Ltype: Kex;Remote: 192.168.50.15-56478;Enc: aes128-ctr;MAC: hmac-md5;Comp: none [preauth]
Aug 29 14:53:40 srvr sshd[29917]: SSH: Server;Ltype: Authname;Remote: 192.168.50.15-56478;Name: begi [preauth]
Aug 29 14:53:51 srvr sshd[29917]: Failed password for begi from 192.168.50.15 port 56478 ssh2
Aug 29 14:54:02 srvvr sshd[29917]: Connection closed by 192.168.50.15 [preauth]

NavyYard
Valued Contributor

Re: only console login allowed into the hp-ux server, can not ssh or telnet into it, aby ideas?

Hi!

 

Hi!.  Here is it:

# lanadmin -g 0

                      LAN INTERFACE STATUS DISPLAY
                       Thu, Aug 29,2013  12:57:03

PPA Number                      = 0
Description                     = lan0 HP 10GBase-KR Release CUP3_IOCXGBE_B.11.31.1109
Type (value)                    = ethernet-csmacd(6)
MTU Size                        = 1500
Speed                           = 1000000000
Station Address                 = 0xd4c9ef062798
Administration Status (value)   = up(1)
Operation Status (value)        = up(1)
Last Change                     = 288
Inbound Octets                  = 12201770
Inbound Unicast Packets         = 0
Inbound Non-Unicast Packets     = 71449
Inbound Discards                = 0
Inbound Errors                  = 0
Inbound Unknown Protocols       = 71449
Outbound Octets                 = 0
Outbound Unicast Packets        = 0
Outbound Non-Unicast Packets    = 0
Outbound Discards               = 0
Outbound Errors                 = 0
Outbound Queue Length           = 0
Specific                        = 655367

Ethernet-like Statistics Group

Index                           = 1
Alignment Errors                = 0
FCS Errors                      = 0
Single Collision Frames         = 0
Multiple Collision Frames       = 0
Deferred Transmissions          = 0
Late Collisions                 = 0
Excessive Collisions            = 0
Internal MAC Transmit Errors    = 0
Carrier Sense Errors            = 0
Frames Too Long                 = 0
Internal MAC Receive Errors     = 0

 

Thanks

Matti_Kurkela
Honored Contributor

Re: only console login allowed into the hp-ux server, can not ssh or telnet into it, aby ideas?

The error messages in the log seems to indicate a password authentication failure.

 

Did you use the console to change your password? Did your password include characters "@" or "#"?

 

If you used either of those characters on the console, your password may not be set to what you think it is: for historical reasons, HP-UX console can sometimes have very ancient default settings. In that situation, "#" acts as you would normally expect the backspace key to act. And the "@" character causes the system to ignore what you've entered on the command line or prompt so far, and start afresh.

 

Some old versions of the commercial SSH server also used to have this behavior on SSH sessions too.

 

Unless you've applied the necessary configuration change to avoid this problem system-wide, you might want to avoid these characters in your passwords. And as a HP-UX sysadmin, you should be aware of this behavior as you might still see it in some situations - like when booting a system to single user mode.

 

 

Also, if your system has only recently been converted to trusted mode, it may have been that only the first 8 characters of your (original) password had been stored. In the traditional (= non-trusted and non-shadow) mode, this can go unnoticed, since the password checking function will likewise truncate their input to 8 characters. But after switching to trusted mode, this truncation behaviour goes away - and if your password contains more than 8 characters, it will no longer match the stored password from the traditional mode, which only contains the first 8 characters.

 

Fortunately, the workaround for this problem is easy: try typing only the first 8 characters of your password to log in, then make sure the trusted mode is configured to accept longer passwords, and change your password once. After that, only the long form should be accepted.

MK
Emil Velez_2
Trusted Contributor

Re: only console login allowed into the hp-ux server, can not ssh or telnet into it, aby ideas?t

try adding another user and logging in with that user

lookk for a file /etc/securetty. that could precent root from logging in

also check /etc/opt/ssh/sshd_config. it could prevent root from logging in

Emil Velez
Instructor Storage, Servers, HP-UX and Partner Courses
Hewlett Packard Enterprise Education Services
Ask me about training on StoreServ (3PAR) StoreOnce, StoreEasy, StoreAll, StoreVirtual, HP-UX, ServiceGuard and HPE Partner Ready Certification Training

internet: Linkedin: http://www.linkedin.com/in/emilvelez

HPE Master ASE Server Solutions Architect V3
HPE Master ASE Storage Solutions Architect V2
HP UNIX Certified (ASE HPUX 11iv3 Administration V1)
Certified HPE Instructor
HPE Product Certified - OneView [2016]
HP Sales Certified -Servers, Converged Systems and Services [2015]
HPE Product Certified - Converged Solutions [2017]