HPE Community
Server Management - Systems Insight Manager
1833162 Members
3934 Online
110051 Solutions
New Discussion

OpenSSH problem

 
SOLVED
Go to solution
PierreParis
Advisor

‎11-18-2004 03:42 AM

‎11-18-2004 03:42 AM

OpenSSH problem

I am troubleshooting OpenSSH on HP-SIM v4.1 running on server A (Windows 2K3). From this server, I cannot do anything through SSH (mxagentconfig fails all the time, I cannot run a simple tool like "dir" on the server A itself,...) Each time I got an authentication error message.
I have setup a server B (Windows 2K3) with HP-SIM 4.1 and OpenSSH. On server B, everything is working perfectly.
From server B, I can even run the tool "dir" on server A through OpenSSH. I was also able to run mxagentconfig to push the server B's CMS public key to server A.

So what is wrong on server A that avoids it to start openSSH requests ?

Many thanks for your help
0 Kudos
Reply
4 REPLIES 4
Aravindh Rajaram
Honored Contributor

‎11-18-2004 04:02 AM

‎11-18-2004 04:02 AM

Re: OpenSSH problem

On Server A did you install HPSIM with any other account other than the default administrator account? If yes, then you'll have to do the workaround.
0 Kudos
Reply
PierreParis
Advisor

‎11-18-2004 08:27 PM

‎11-18-2004 08:27 PM

Re: OpenSSH problem

Yes, at very first installation I did it with another account (a domain wide administrator account). Then I uninstalled OpenSSH and reinstalled it using the standard local Administrator account of server A. Still not working.
Then I read the SSH whitePaper and implemented the public keys as described. Still not working.
Which workaround are you speaking of ? The one described in the SSH WhitePaper ?
0 Kudos
Reply
Rob Kuehfus
Advisor

‎11-21-2004 05:53 AM

‎11-21-2004 05:53 AM

Solution

Re: OpenSSH problem

Try this and make sure you complete all steps.

Problem: Windows 2003 does not allow the Local System account to have the privileges it needs to run the SSH service. Solution: Configure the service to run as a real administrative user.

1. Stop the OpenSSH Server service:
2. Go to Start Menu ô Control Panel ô Administrative Tools ô Services to bring up the services window. Find the service labeled OpenSSH Server and stop it.
3. Change the Log On As user: a. In the same window, right-click OpenSSH Server service and select Properties. b. Select the Log On tab. c. Click the This account radio button, and enter .\Administrator. Enter Administratorâ s password and click OK.
16
4. Set file permissions: a. Bring up a file explorer window by right-clicking the start menu button, and selecting Explore. Navigate to C:\Program Files\OpenSSH\var\log. Delete any files you find in that directory. b. Navigate to C:\Program Files\OpenSSH\etc and select the files ssh_host_dsa_key, ssh_host_key, and ssh_host_rsa_key by holding down Ctrl and left-clicking on them. Then right-click on one of the files, select Properties, Security tab. Click Advanced. Select the Owner tab. Click Other Users or Groups and change the owner to Administrators.
5. Set user privileges: Select Start Menu ô Control Panel ô Administrative Tools ô Local Security Policy to bring up the security policy window. Find the Policies for Create a Token Object and Replace a Process Level Token. Add Administrator to this group by double-clicking the appropriate privilege, Click Add User or Group, enter Administrator in the Enter the Object Names to Select box, and click Check Names to verify the entry. Then click OK. 6. Start the OpenSSH Server service: Go to Start Menu ô Control Panel ô Administrative Tools ô Services to bring up the services window. Find the service labeled OpenSSH Server and start it. At this point, the service Log On As user is set to Administrator, and Administrator has been granted Create a Token Object and Replace a Process Level Token privileges. Go back to the Services window and start the service. 7. Reinstall Systems Insight Manager SSH keys: Now OpenSSH is properly configured to work under Windows 2003. In order to get command line and custom tasks to work in HP Systems Insight Manager, you will have to re-run mxagentconfig for Administrator if HP Systems Insight Manager was installed by someone other than Administrator. To do this, open a command window and run â mxagentconfig â a â u Administrator â p -n .â Alternately, run â mxagentconfigâ from the c
Reply
Eric Hunter_1
Occasional Advisor

‎05-18-2005 11:56 AM

‎05-18-2005 11:56 AM

Re: OpenSSH problem

Thank you Rob! Totaly solved my problem with OpenSSH. If I could give you 10 points I would.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.