HPE Community
Operating System - HP-UX
1855728 Members
5820 Online
104103 Solutions
New Discussion

Re: my server is no long attached to the NIS service

 
SOLVED
Go to solution
Darrel Louis
Honored Contributor

‎02-07-2006 02:13 AM

‎02-07-2006 02:13 AM

Re: my server is no long attached to the NIS service

Praveen,

Yes it is v v v

Darrel
0 Kudos
Reply
praveen..
Super Advisor

‎02-07-2006 02:13 AM

‎02-07-2006 02:13 AM

Re: my server is no long attached to the NIS service

hi friends,

please help me to solve this issue.
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎02-07-2006 02:30 AM

‎02-07-2006 02:30 AM

Re: my server is no long attached to the NIS service

dsvsi:YoCQinUg3pfcg,B.HR:36004:1:praveen:/dhome/dsvsi:/usr/bin/ksh

This passwd has aging in effect but since this is week 'PR' that is 8 weeks since the last password change, 'B' indicates that the password is valid for 13 weeks so that 5 weeks remain on his passwd. This passwd is still valid. I assume that all of the ypcats are being done on the ssh client to which you are trying to connect. The next thing I would do is to make sure that you have no passwd entry for dsvsi on this client. If there is one that one wins.

I refuse to help any more until you do what I asked earlier. Take the passwd entry you got from ypcat and use it to create a local passwd entry and see if your problems disappear. Make sure that you put it in the passwd file before any of the '+' entries.
Also, does the client have any '+' entries? If the passwd file is missing the '+' entries or /etc/nsswitch.conf is configured incorrectly then even if NIS is running on thge client the the passwd substitution is not going to occur. You need to take it one step at a time. That's why you should make a local entry. If it now works and does not work when you remove it, you now have a known starting point.

If it ain't broke, I can fix that.
0 Kudos
Reply
praveen..
Super Advisor

‎02-07-2006 04:00 AM

‎02-07-2006 04:00 AM

Re: my server is no long attached to the NIS service

I am able to connect using :
# ssh -vvv warbler
OpenSSH_3.7, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003
HP-UX_Secure_Shell-A.03.71.006.%ic71N, HP_UX Secure Shell version
debug1: Reading configuration data /opt/ssh/etc/ssh_config
debug3: RNG is ready, skipping seeding
debug2: ssh_connect: needpriv 0
debug1: Connecting to warbler [170.118.8.21] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.7
debug1: match: OpenSSH_3.7 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.7
debug3: RNG is ready, skipping seeding
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 123/256
debug2: bits set: 1547/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 5
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 5
debug1: Host 'warbler' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:5
debug2: bits set: 1661/3191
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/id_rsa (00000000)
debug2: key: /root/.ssh/id_dsa (00000000)
debug3: input_userauth_banner
Acceptable Use Policy

The use of this information system is limited to authorized users and subject
to monitoring at all times. Your use constitutes express consent to such
monitoring and that your use is not subject to any expectation of privacy.
If monitoring reveals possible evidence of criminal activity, this evidence
and related information, including identification information about the user,
may be provided to law enforcement officials. All communications may be
disclosed to law enforcement or third parties without consent or notice.
Further, appropriate disciplinary action may be taken for violations of
company policy or unauthorized use, including without limitation, revocation
of the access privileges and termination of employment.

debug1: Authentications that can continue: publickey,gssapi,password,keyboard-interactive
debug3: start over, passed a different list publickey,gssapi,password,keyboard-interactive
debug3: preferred gssapi,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi
debug1: Next authentication method: gssapi
debug2: we sent a gssapi packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi,password,keyboard-interactive
debug2: we sent a gssapi packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug3: no such identity: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:


please suggest
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.