
logging in to an SSH server with a domain user account...

 
Christophe Heereman
Occasional Advisor


Hi,

I have installed SIM 4.1 and all its options, including the OpenSSH server. I want to use an SSH client to connect to this server. When I fill in a local account (known by the system on which the OpenSSH server is installed) at the prompt, I'm able to log in. When I run "mkpasswd -l" at the server, I see a list of the local accounts known to the SSH server. But how can I log in to the OpenSSH server with a domain user account (more specifically, a domain user account which is administrator at the SSH server AND at the client side)? I have added the account at the SSH server with "mkpasswd -d -u login domain >> passwd" (with the passwd-dir as the working dir of course). When I look with mkpasswd at the known domain accounts after that, I see that account appearing. But when I try to log in, the following message appears:
"setgid: Invalid argument"
and then the window closes immediately after the appearance of this message...

Can someone explain to me what I've done wrong and how to make it possible to log in to the OpenSSH server with a domain user account? Thanks!!!

Mr. P
Steven E. Protter
Exalted Contributor

Re: logging in to an SSH server with a domain user account...

Two ways that I know.

1) Create accounts for your domain/user on every box they need to log onto. Set their password manually the same as the domain password. The obvious problem here is password control and maintenance.

2) Set up an LDAP server on the network and handle all authentication, including domain authentication there. Set up the individual hp-ux boxes with the ldap-ux client, follow the configuration steps and go through the integration steps which vary based on whether the ldap server is hp-ux, linux or windows active directory.

Step 2 leads to a one login for the entire organization situation, which is desirable to many.

Once the hp-ux and ssh boxes are integrated into the ldap environment one login should work for all, even ssh.

In ssh, you can also exchange public keys. I'm attaching a doc on that. The X steps can be done with cat commands.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
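
The public key exchange mentioned in the reply above, as an added example that is not part of the original post or its attached document: a POSIX shell function, run on the SSH server, that appends a client's public key to `authorized_keys` with `cat` and sets the restrictive permissions that sshd's `StrictModes` check looks for. The function name `install_pubkey` and its arguments are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the thread).
# Usage: install_pubkey PUBKEY_FILE [HOME_DIR]
# Appends one OpenSSH public key to HOME_DIR/.ssh/authorized_keys.
install_pubkey() {
    pub=$1
    home=${2:-$HOME}
    dir=$home/.ssh
    auth=$dir/authorized_keys

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # Only the public half is ever copied to a server; refuse a private key.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub looks like a private key, refusing" >&2
        return 2
    fi

    # Expect exactly one key line with a known OpenSSH key type.
    [ "$(grep -c . "$pub")" -eq 1 ] || { echo "expected one key line" >&2; return 3; }
    read -r keytype _rest < "$pub" || true
    case $keytype in
        ssh-rsa|ssh-dss|ssh-ed25519|ecdsa-sha2-*) ;;
        *) echo "unknown key type: $keytype" >&2; return 3 ;;
    esac

    # Directory and file must not be writable by group or others.
    mkdir -p "$dir" && chmod 700 "$dir" || return 4
    touch "$auth" && chmod 600 "$auth" || return 4

    # Idempotent: skip the append if this exact line is already present.
    key=$(cat "$pub")
    if grep -qxF -e "$key" "$auth"; then
        return 0
    fi
    cat "$pub" >> "$auth"
}
```

Run it as the account that will log in, so that `.ssh` and `authorized_keys` are owned by that user.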