HPE Community
Operating System - HP-UX
1828582 Members
2077 Online
109982 Solutions
New Discussion

Can not login to Secure Shell

 
Thai Duong
New Member

‎05-11-2005 12:13 AM

‎05-11-2005 12:13 AM

Can not login to Secure Shell

Hi guys,

I'm a Linux guy just happened to be an administrator fox a HP-UX server in my network.

The first thing I want to do is to change the remote shell method from the default (insecure) telnet to ssh with HP Secure Shell. I used the default setting in /opt/ssh/etc/sshd_config. Unfortunately, anytime I tried to ssh into my server, it always returns "Wait for login exit:...". In /var/adm/syslog/syslog.log, there was some lines:

May 11 18:48:45 SVR sshd[4426]: Could not reverse map address 192.168.100.20.
May 11 18:48:48 SVR sshd[4426]: Accepted keyboard-interactive for [remove] from 192.168.100.20 port 35230 ssh2

We can see that ssh ACCEPTED my connection. I tried another non-root account, the result was the same. I can telnet to my server with these accounts without any problem.

Even when I reconfiged ssh to use the Publickey authentication, I still could not use ssh.

Please help.
-T
0 Kudos
Reply
7 REPLIES 7
Lee Harris_5
Valued Contributor

‎05-11-2005 12:20 AM

‎05-11-2005 12:20 AM

Re: Can not login to Secure Shell

Hi,

This sounds like a name resolution issue. I think your HP server running SSHD must be able to resolve your client IP address to a hostname before it will give you access.

You can either try adding your dns server to /etc/resolv.conf or add an entry in the hosts file.

Hope that helps.
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎05-11-2005 12:33 AM

‎05-11-2005 12:33 AM

Re: Can not login to Secure Shell

It sounds like your ssh configuration requires valid reverse DNS records. I don't know how to configure it that way, but that is what it appears to be.

Its not very common to provide reverse lookup data for internal networks.

Two solutions:

1) Change Secure Shell (openssh) configuration to standard and not require reverse dns records
2) Provide reverse dns database on your dns server.

It could also simply be a hostname resolution issue solved with proper dns database entries or /etc/host records.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Gerald Taylor
Frequent Advisor

‎05-11-2005 12:34 AM

‎05-11-2005 12:34 AM

Re: Can not login to Secure Shell

I think I had this problem and the fix was to increase ServerKeyBits in the sshd_config. Increase from 768 to 1024. Also check permission on your ssh related directories.

Gerald
0 Kudos
Reply
Oliver Stoklossa
Frequent Advisor

‎05-11-2005 12:34 AM

‎05-11-2005 12:34 AM

Re: Can not login to Secure Shell

Maybe you could try to connect to the machine with parameter -v (ssh -v )
The output might be helpful.

But probably the resolv.conf/host hint is helpful enough :)
0 Kudos
Reply
Denver Osborn
Honored Contributor

‎05-11-2005 01:01 AM

‎05-11-2005 01:01 AM

Re: Can not login to Secure Shell

If this system does not use or have access to DNS, then you'll want to set "UseDNS no" in the sshd_config and restart sshd.

-denver
0 Kudos
Reply
Thai Duong
New Member

‎05-11-2005 01:09 AM

‎05-11-2005 01:09 AM

Re: Can not login to Secure Shell

Unbelieveable, you guys reply so fast, I have thought I can not get any anwser until tomorrow.

The problem is solved, when I run ssh -v, it reported that I use X11Forwarding yes which conflict with UseLogin yes, so I commented out UseLogin yes and everything just works like a charm.

Thx you guys all!

-T

PS: Where can I find documentation about HP-UX system administration?
0 Kudos
Reply
Denver Osborn
Honored Contributor

‎05-11-2005 01:18 AM

‎05-11-2005 01:18 AM

Re: Can not login to Secure Shell

hp-ux manuals are available online at

http://docs.hp.com

An "HP Certified" book, even if you're not planning on getting certified, would also come in handy.

-denver
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.