HPE Community
Operating System - HP-UX
1837086 Members
2630 Online
110112 Solutions
New Discussion

Re: shh works for non root user, but not telnet

 
Brad Marshall_2
Frequent Advisor

‎06-09-2006 01:45 AM

‎06-09-2006 01:45 AM

shh works for non root user, but not telnet

Hi
I can log in with virtually any user via telnet or ssh. One user (sap unix user) only works via ssh. I cant figure out what is different about this user. HP-UX 11.11
c-shell.

Comes back with Login incorrect

thanks
0 Kudos
Reply
6 REPLIES 6
Darrel Louis
Honored Contributor

‎06-09-2006 02:00 AM

‎06-09-2006 02:00 AM

Re: shh works for non root user, but not telnet

Brad,

Check if the password for the user isn't expired.

Darrel
0 Kudos
Reply
Carles Viaplana
Valued Contributor

‎06-09-2006 02:02 AM

‎06-09-2006 02:02 AM

Re: shh works for non root user, but not telnet

Maybe...

- Destination system doesn't listen telnet port
- Only sap unix user has ssh public key distribuited to destination server.

I hope it helps you.
Regards,

Carles
0 Kudos
Reply
Brad Marshall_2
Frequent Advisor

‎06-09-2006 02:07 AM

‎06-09-2006 02:07 AM

Re: shh works for non root user, but not telnet

With my ssh I actually type the password in, so the password is okay.

I can log in with other users via telnet no problem, so I have to assume telnet is listening.
0 Kudos
Reply
Jeff_Traigle
Honored Contributor

‎06-09-2006 02:12 AM

‎06-09-2006 02:12 AM

Re: shh works for non root user, but not telnet

By default, SSH does not use login(1) to authenticate. (Controlled by UseLogin parameter in sshd_config.) There are numerous reasons login(1) would reject authentication, which are listed in the man page under SECURITY FEATURES.

SECURITY FEATURES
On a trusted system, login prohibits a user from logging in if any of
the following is true:

+ The password for the account has expired and the user cannot
successfully change the password.

+ The password lifetime for the account has passed.

+ The time between the last login and the current time exceeds the
time allowed for login intervals.

+ The administrative lock on the account has been set.

+ The maximum number of unsuccessful login attempts for the account
has been exceeded.

+ The maximum number of unsuccessful login attempts for the
terminal has been exceeded.

+ The administrative lock on the terminal has been set.

+ The terminal has an authorized user list and the user is not on
it.

+ The terminal has time of day restrictions and the current time is
not within the allowable period.
--
Jeff Traigle
0 Kudos
Reply
Brad Marshall_2
Frequent Advisor

‎06-09-2006 03:19 AM

‎06-09-2006 03:19 AM

Re: shh works for non root user, but not telnet

Checked the security checks as noted above and cant find any issues. Not sure how to check locks on terminals etc, but I would think a different tty gets picked up each time.

Nothing in the syslog.

The password was changed 2 days ago and made no difference with this problem.

At this point I can log in if ssh is clicked on my emulator and I enter userid and password. If i click telnet the login does not work after entering userid and the right password.
0 Kudos
Reply
Jeff_Traigle
Honored Contributor

‎06-09-2006 03:32 AM

‎06-09-2006 03:32 AM

Re: shh works for non root user, but not telnet

See devassign(4) about terminal access restrictions for users and ttys(4) for information about terminal control database.
--
Jeff Traigle
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.