HPE Community
Operating System - HP-UX
1825803 Members
2700 Online
109687 Solutions
New Discussion

ssh problem

 
SOLVED
Go to solution
Avi Liani
Occasional Contributor

‎01-13-2005 01:02 AM

‎01-13-2005 01:02 AM

ssh problem

Hi,

I just installed openssh3.9p1 depot on HP-UX box Ver 11.11

whene i try to bring the demon up i get the result :
Privilege separation user sshd dose not exist
EXIT CODE:255

can someone help me pleas ?
avili
0 Kudos
Reply
5 REPLIES 5
Fred Ruffet
Honored Contributor

‎01-13-2005 01:06 AM

‎01-13-2005 01:06 AM

Solution

Re: ssh problem

when UsePrivilegeSeparation is set to yes in sshd_config file, sshd will try to run as a user called sshd. If you did not create this user, it won't work.
Solutions :
. Create user sshd
. Set UsePrivilegeSeparation to no

Regards,

Fred
--

"Reality is just a point of view." (P. K. D.)
Reply
Avi Liani
Occasional Contributor

‎01-13-2005 01:18 AM

‎01-13-2005 01:18 AM

Re: ssh problem

thenks,

that work fine, but now when i tride to open session white : ssh

i asking for password.

how can i run ssh whith out asking for password ?
avili
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎01-13-2005 01:22 AM

‎01-13-2005 01:22 AM

Re: ssh problem

I am attaching a document on proper setup of password free ssh access between machines. You cat copy the key files using any utility you wish, X is not required. Besides that, the document is solid and works very well.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Ralph Grothe
Honored Contributor

‎01-13-2005 01:40 AM

‎01-13-2005 01:40 AM

Re: ssh problem

If you haven't changed the default sshd_config file (which contains sensible default settings) then public key authorization will work.
You just need to create a private/public pair of RSA keys, and distribute the public keys to a file called authorized_keys in a subdirectory .ssh beneath the home directory of users on all hosts where you wish to log in.
Not to be asked for a passphrase you either have to create those keys with an empty passphrase (or revoke an existing one from an existing pair), or you need to start up an ssh-agent.
Usually the first method is a baerable compromise as far as security is concerned.
You can create the keys by ssh-keygen.
e.g.
Login as the account you connect from.
Then you could issue (find out the path of ssh-keygen if it's not in your PATH) something like

ssh-keygen -t rsa -b 1024 -N "" -f $HOME/.ssh/id_rsa

to generate an RSA key pair
(see manpage of ssh-kegen for details)

You can repeat this for other crypto systems like DSA, or RSA1 if you connect to protocol 1 servers.

The most "dangerous" part is the appending of your public key (denoted by the suffix .pub) to the aforemetioned authorized_keys file
(caveat "man-in-the-middle")
But usually ssh and remote cat \>\> will suffice if you know you can trust the route between client and server.
Madness, thy name is system administration
0 Kudos
Reply
Sanjay_6
Honored Contributor

‎01-13-2005 02:48 AM

‎01-13-2005 02:48 AM

Re: ssh problem

Hi,

Try this link to setup ssh without password between different version of ssh/sshd.

http://bumblebee.lcs.mit.edu/ssh2/

Hope this helps.

Regds
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.