HPE Community
Operating System - HP-UX
1838560 Members
3108 Online
110127 Solutions
New Discussion

shadow password

 
benseghir_1
Advisor

‎11-08-2005 02:27 AM

‎11-08-2005 02:27 AM

shadow password


hello,

i had installed ShadowPassword, i activate it with pwconv commande, when i try connecting to my server using telnet, the connection is done and when i try to connect to my server using ssh, i have the followings errors in my syslog :
error: PAM: No account present for user
error: PAM: No account present for user
sshd[7470]: Failed password for hassiba from 10.5.4.160 port 4282 ssh2

please can you help me

thanks in advance
0 Kudos
Reply
8 REPLIES 8
Steven E. Protter
Exalted Contributor

‎11-08-2005 02:32 AM

‎11-08-2005 02:32 AM

Re: shadow password

Check /etc/opt/ssh/sshd_config and ssh_config for abnormal entries.

PAM configuration can be preventing this as well.

swlist -l product | grep -i pam

swverify \*

Make sure pam is correctly installed.

swlist -l product | grep -i secure
# to get openssh/ssh version which may be helpful.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Zeev Schultz
Honored Contributor

‎11-08-2005 02:43 AM

‎11-08-2005 02:43 AM

Re: shadow password

1) what appears on "passwd" line in /etc/nsswitch.conf?

2) what version of hp SSH (or OpenSSH) is this?
Since shadow passwords are supported from 3.50...

3) what happens with telnet - messages from syslog?
So computers don't think yet. At least not chess computers. - Seymour Cray
0 Kudos
Reply
Sยภเl Kย๓คг
Respected Contributor

‎11-08-2005 09:57 AM

‎11-08-2005 09:57 AM

Re: shadow password

Hi,
I think this is because of the version of the SSH package u are using. What's the version of the ssh, use A.03.50 or above versions.
Regards,
Sunil
Your imagination is the preview of your life's coming attractions
0 Kudos
Reply
benseghir_1
Advisor

‎11-08-2005 09:01 PM

‎11-08-2005 09:01 PM

Re: shadow password

dear all,

i have :

swverify ----> pam is correctly installed

swlist -l product | grep pam :

PHCO_27064 1.0 libpam cumulative patch
PHCO_33215 1.0 libpam_unix cumulative patch

Secure_Shell A.03.71.000 HP-UX SecureShell
openssl A.00.09.07-d.002 Secure Network Communications Protocol


ShadowPW B.11.11.03 HP-UX 11.11
ShadowPassword Enablement Product

nsswitch.conf:

passwd : files
shadow : files
group : file

telnet connection is not logged in syslog.

thanks for your help
0 Kudos
Reply
Arunvijai_4
Honored Contributor

‎11-08-2005 09:06 PM

‎11-08-2005 09:06 PM

Re: shadow password

Latest version of Secure shell is A.04.10.004/005 based on OpenSSH 4.1p1. You can download and install it from
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Reply
Robert-Jan Goossens
Honored Contributor

‎11-08-2005 09:13 PM

‎11-08-2005 09:13 PM

Re: shadow password

could you check the permissions of the /etc/nsswitch.conf file ?

444 bin bin /etc/nsswitch.conf
0 Kudos
Reply
Zeev Schultz
Honored Contributor

‎11-08-2005 10:11 PM

‎11-08-2005 10:11 PM

Re: shadow password

ok.ssh version looks ok. but lets stick to general problem - authentication / account.you say that telnet connection dies? does it happen for root or any user? have you tried to restore back /etc/passwd and problem remained? have you tried some other kind of connection like rlogin or ftp and did it work? when you connect from the console things are ok? no /etc/securetty file ?
So computers don't think yet. At least not chess computers. - Seymour Cray
0 Kudos
Reply
benseghir_1
Advisor

‎11-09-2005 01:02 AM

‎11-09-2005 01:02 AM

Re: shadow password

Dear all,

thanks you for your help, all was fine nsswitch.conf, sshd_conf, versions of the software,telnet and ftp connection was fine only ssh connection desn't work, after conversion, i restart the SSH service and it was the good solution.

thanks a lot for your help

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.