1827479 Members
2445 Online
109965 Solutions
New Discussion

Secure shell problem.

 
SOLVED
Go to solution
Juan Gonzalez_2
Frequent Advisor

Secure shell problem.

I am running secure shell on two HP-UX 11.23 servers. I had a customer create a rsa secure shell key and send it over to me for one of the servers. I added it to the authorize keys files and the customer was able to sftp files over to my server successfully. He then wanted to sftp files over to the other HP-UX server from the same server so what I did was I added the same rsa key that was working on the first server to the second server. The problem now is now when he does a sftp he is asked for a password which on the other server he was not asked. He puts in the users password but it still does not let him in. Help What can be the problem?
13 REPLIES 13
Hemmetter
Esteemed Contributor

Re: Secure shell problem.

Hi juan,

check the ownership/permissions of .ssh (700) and authorized_keys(600) and ~user.
Doublecheck the key in auhtorized_keys for correctness, check for hidden linefeeds ( sometimes copy`n paste breaks single lines into multiple lines )

rgds
HGH
njia_1
Trusted Contributor

Re: Secure shell problem.

Hi

Have you checked the sshd_config file, is RSAAuthentication enable on the other one ?

Is he able to login to the other server by SSH ?

compary the sshd_config file on those two HPUX server you may find the answer

thanks
Michael Selvesteen_2
Trusted Contributor
Solution

Re: Secure shell problem.

Hello,

Try the following

1. Check whether the user is allowed login to the second server

2. Ensure that the Second server supports Publickey authentication

grep -i "PubkeyAuthentication" /opt/ssh/etc/sshd_config

3. Make sure the permissions are correct for key files( Refer /opt/ssh/README.hp )

4. Run the server and client in debug mode for possible hints.
/opt/ssh/sbin/sshd -ddde
/opt/ssh/bin/ssh -vvv

All the best
Juan Gonzalez_2
Frequent Advisor

Re: Secure shell problem.

I compared permissions on the server that works to the server that does not and they are the same. I also compared the the sshd_config files and they are the same also. I checked the rsa key on both servers and they look the same. What can be the problem?
paolo barila
Valued Contributor

Re: Secure shell problem.

User on server #2 has a password set?
$home permissions of user on server #2 are 755 ?
share share share
RAC_1
Honored Contributor

Re: Secure shell problem.

Ask him to check output of follows.

ssh -vvv "other_server"
sshd -ddd - From server he/she connecting to
There is no substitute to HARDWORK
Juan Gonzalez_2
Frequent Advisor

Re: Secure shell problem.

Paolo on both destination servers the users home directory is 755. The one that works and the one that does not work.
Steven E. Protter
Exalted Contributor

Re: Secure shell problem.

Shalom Juan,

I had the same problem with Linux and dsa.

Turns out someone changed the ownership on the /root/ home directory to mysql

Its almost always ownership or permissions.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Juan Gonzalez_2
Frequent Advisor

Re: Secure shell problem.

Steven permissions is not the problem in my case.
On server that it is working on:
drwxr-xr-x 18 oraftp unison 1024 Jan 25 14:42 ftp

Permissions on the server that is asking for a password:
drwxr-xr-x 19 oraftp unison 1024 Feb 14 14:49 ftp

njia_1
Trusted Contributor

Re: Secure shell problem.

Hi

Have you tried to do a sftp between those two HPUX servers ?

Is possible you ask your customer to try scp rather than sftp, just try to see if that works

thanks
paolo barila
Valued Contributor

Re: Secure shell problem.

Does the "normal" login on server #2 with password work?
share share share
Juan Gonzalez_2
Frequent Advisor

Re: Secure shell problem.

The normal login does work. I enabled ftp and the customer was able to ftp to the server. Then I disabled ftp again.
First thing tomorrow I will have the customer try scp because the customer is gone now.
Michael Selvesteen_2
Trusted Contributor

Re: Secure shell problem.

Could you post the output of the following

1. syslog
2. sshd -ddde
3. ssh -vvv