Configuring SSH(Secure Shell) in solaris 10

Similar Messages

• Secure shell in a whole root zone

  Hello,
  I have two whole root zones running on my Solaris 10 server along with the global zone. I am able to secure shell in to the global zone, but not the whole root zones. Secure shell does not appear to be running in the whole root zones. I've tried svcadm restart ssh in the whole root zones,but no luck. What do I need to do to get secure shell working on the whole root zones?

  to create the necessary keys -
  # ssh-keygen -b 1024 -t rsa1 -f /etc/ssh/ssh_host_key -N ""
  # ssh-keygen -b 1024 -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
  # ssh-keygen -b 1024 -t dsa -f /etc/ssh/ssh_host_dsa_key -N ""-- Nick

• Ssh & nautilus (eg. ssh://user1@remote_server:~/ ) on solaris

  excerpt from : http://en.jakilinux.org/apps/ssh-tricks/
  "Nautilus and Konqueror are the SCP-capable file managers as well. Entering ssh://user1@remote_server:~/ in the URI field results in a secure shell connection to the remote system. The files can be then copied just as they were available locally."
  not so in solaris 10 x86? is there anyway to achieve this or can somebody recommend a nice program for this.
  thanks

  found out what needs to be done: change ssh to sftp
  sftp://user1@remote_server:~/

• Not able to configure SSH

  Hi,
  I'm using 1841 router.My question is I'm not able to configure SSH in this router ,Any IOS problem?
  Sh version
  Cisco IOS Software, 1841 Software (C1841-IPBASE-M), Version 12.4(1c), RELEASE SO
  FTWARE (fc1)

  Hi Karthick
  You are currently running IP BASE Feature Set ios on your router you need to upgrade the same to Advanced Security Services or SP Services Feature set to have SSH support in your router..
  http://www.cisco.com/en/US/products/sw/iosswrel/ps5460/index.html
  regds

• Configuring ssh for kerberos

  Hi ,
  I am using solaris 4.8 as my ssh server , Mac OS x 10.5 as ssh client and Mac OS X server as my KDC. I am newbie in solaris. I have successfully configured password less ssh with the help of GSSAPI authentication for ssh server on mac machine. But I am not getting any pointers for configuring ssh server in solaries for password less authenitcation using kerberos authentication.
  For Mac and linux we can enable GSSAPI authentication in sshd_config file but can we do simillar thing in solaris also ?
  Any pointers will be very helpful.

  Are your client Mac Pros bound to your OD master?
  Are you logging-in to the clients with OD accounts?
  If both answers are yes, then type this in a Terminal window after logging-in to a client workstation with your OD account:
  *kinit username*
  (where 'username' is your OD username, you must be logged-in to the client with an OD account, then hit Return)
  You should see this:
  *Password for [email protected]:* (OD password goes here)
  hit Return. then enter this next bit:
  klist
  and you should see something like this:
  *Default principal: [email protected]*
  *Valid starting Expires Service principal*
  *03/15/08 17:40:28 03/16/08 03:40:34 krbtgt/[email protected] Renew until 03/16/08 17:40:28*
  then enter:
  *ssh servsername.psc.edu* (hit Return)
  you should see your ssh banner (if configured) or just the standard 'Welcome to Darwin!' message.
  More info can be found in the man files for klist and kinit.

• Testing weblogic server with jdk1.4b3 -- how to configure login security manager?

  Hi got the error I include when trying to start weblogic server sp1 with new jdk1.4b3.
  Since it seems just an error of authentication, I'm wondering if it is possible
  to give a correct login configuration.
  It's just a test to see if we can use jdk1.4 for our next project with Bea Weblogic.
  Thanks,
  pakkio
  D:\bea\wlserver6.0\config\mydomain>notepad startWebLogic.cmd
  D:\bea\wlserver6.0>set PATH=.\bin;d:\apps\Oracle\Ora81\bin;C:\Programmi\Oracle\j
  re\1.1.7\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;d:\apps\Ora
  cle\Ora81\orb\bin;d:\apps\SSH
  D:\bea\wlserver6.0>set CLASSPATH=d:\bea\wlserver6.0.;D:\bea\wlser
  ver6.0\config\mydomain\applications\DefaultWebApp_myserver\WEB-INF\classes\lib\mail.jar;D:\bea\wlserver6.0\config\mydomain\applications\DefaultWebApp_myserver\W
  EB-INF\lib\jasper.jar;.\lib\weblogic_sp.jar;.\lib\weblogic.jar
  La sintassi del nome del file, della directory o del volume è incorretta.
  D:\bea\wlserver6.0>"D:\apps\jdk14b3\bin\java" -hotspot -ms64m -mx64m -classpath
  d:\bea\wlserver6.0\ext\crack.jar;.;D:\bea\wlserver6.0\config\mydomain\applicatio
  ns\DefaultWebApp_myserver\WEB-INF\classes\lib\mail.jar;D:\bea\wlserver6.0\config
  \mydomain\applications\DefaultWebApp_myserver\WEB-INF\lib\jasper.jar;.\lib\weblo
  gic_sp.jar;.\lib\weblogic.jar -Dweblogic.Domain=mydomain -Dweblogic.Name=myserve
  r "-Dbea.home=D:\bea" weblogic.Server
  java.lang.SecurityException: Impossibile trovare una configurazione di login
  at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:99)
  at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
  at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstruct
  orAccessorImpl.java:42)
  at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingC
  onstructorAccessorImpl.java:30)
  at java.lang.reflect.Constructor.newInstance(Constructor.java:277)
  at java.lang.Class.newInstance0(Class.java:301)
  at java.lang.Class.newInstance(Class.java:254)
  at javax.security.auth.login.Configuration$3.run(Configuration.java:223)
  at java.security.AccessController.doPrivileged(Native Method)
  at javax.security.auth.login.Configuration.getConfiguration(Configuratio
  n.java:217)
  at javax.security.auth.login.LoginContext$1.run(LoginContext.java:172)
  at java.security.AccessController.doPrivileged(Native Method)
  at javax.security.auth.login.LoginContext.init(LoginContext.java:169)
  at javax.security.auth.login.LoginContext.<init>(LoginContext.java:395)
  at weblogic.security.internal.ServerAuthenticate.main(ServerAuthenticate
  .java:80)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:167)
  at weblogic.Server.main(Server.java:35)
  Caused by: java.io.IOException: Impossibile trovare una configurazione di login
  at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:208)
  at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:97)
  ... 16 more

  Did you find any solution? We have the same problem: If we define a realm in weblogic-application.xml
  <security>
  <!--
  This element names a security realm that will be used by the
  application. If no specified, then the system default realm will be
  used
  -->
  <realm-name>dmzrealm</realm-name>
  </security>
  then the following exception is logged even if there is a dmzrealm in our Weblogic configuration:
  weblogic.security.service.InvalidParameterException: [Security:090396]Security Realm dmzrealm does not exist
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.getSecurityServiceInternal(CommonSecurityServiceManagerDelegateImpl.java:279)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.getSecurityService(CommonSecurityServiceManagerDelegateImpl.java:225)
  at weblogic.security.service.SecurityServiceManager.getSecurityService(SecurityServiceManager.java:188)
  at weblogic.application.internal.flow.SecurityRoleFlow.initSecurityService(SecurityRoleFlow.java:133)
  at weblogic.application.internal.flow.SecurityRoleFlow.prepare(SecurityRoleFlow.java:79)
  Truncated. see log file for complete stacktrace

• Secure Shell Program in OSX?

  I'm making the switch to OSX and know that the OS has a built in secure shell type program...can anyone tell me about it and how to get to it?

  If you're familiar with UNIX or Linux-type systems, the terminal Application described by Shaddow will be very useful to you, as you can run everything you might need from the command-line.
  It should be installed by default in your Applications->Utilities folder.
  If you're coming from Windows, you're probably familiar with programs like "PUtty", where you can enter all the values you need in a Windows-y window and a shell pops up on the desktop.
  "ssh" is a program commonly used from the command line, but you may want to check out "scp" as well.
  If you're feeling adventurous and want to know all about using secure shell, open up a terminal window and type "man ssh<enter>" or "man scp<enter>".

• Configure ssh between two hosts as a ROOT user

  Hi Experts,
  I have tried several times to configure ssh between two hosts but didn't get success. Can some please help me to configure ssh as a root.
  I have freshly installed two solaris 10 VM's.
  Thanks~
  Edited by: user12108503 on Jun 3, 2013 1:28 PM

  Hi,
  I have changed the config file and still getting exactly same error message.
  /etc/ssh/ssh_config: line 32: Bad configuration option: PermitRootLogin
  /etc/ssh/ssh_config: terminating, 1 bad configuration options
  Please help.
  Thanks~

• Cisco 3845 Router, SSH, Secure HTTP & CS-MARS

  Hello,
  I have a 3845 router (Version 12.3(11r)T2, RELEASE SOFTWARE (fc1)) which I have configured SSH access through vty. Th e problem is that SSH access fails when I try to connect to it using Putty. It also fails to connect using ip http secure-server both from a browser & through CS-MARS (IOS IPS). All user names exist and are working fine with telnet.
  Does IOS 12.3 have issues with SSH * secure http?
  I get this error in MARS:
  "Error in INIT GET. Check the username/password"

  Hi -
  I searched all open/closed TAC cases for you with that error message - I found 1 similar case.
  Here's the results of their case:
  "we managed to fix the issue it was ip http authentication enable command (change to accept local usernames/passwords)."
  Can you review this and see if you need to tell SSH and HTTPs to use the local database?
  Please let us know.
  thxs
  peter

• Configuring Database Security Store is failing

  Guys,
  I am trying to configure Database Security Store while installing 11gR2 (OIM, OAM, SOA) and wlst.sh script is failing. Here is the format I am giving.
  $MW_HOME/oracle_common/common/bin/wlst.sh $ORACLE_HOME/common/tools/configureSecurityStore.py -d $IAM_DOMAIN_LOCATION -m create -c IAM -p $ORA_PASS
  Here is the error message i am getting.
  Problem invoking WLST - Traceback (innermost last):
  File "/apps/Oracle/Middleware/Oracle_IDM1/common/tools/configureSecurityStore.py ", line 15, in ?
  ImportError: no module named security
  Please let me know how to resolve this issue.
  PS: I created a new domain with 7002 for OIM, OAM & SOA as 7001 is being used by OID domain. And trying to run the above command with 7002 domain name and getting this error.

  This is a bug.
  Run a search for wlst.sh in your environment and call the wlst.sh from oracle_common/common/bin not from wl_server/common/bin.
  You can look for this (Doc ID 1493576.1) in Oracle support.
  Thanks,
  Ram

• How to install and configure oracle secure backup(osb-10.4.0.3.0_linux.x64) in linux

  Hello,
  We are planning to install and configure Oracle Secure Backup Version 10.4 in Linux server. I had searched documents and i have not find any relevant steps to install and configure in OEL 6.2.
  Can anyone please suggest me how to install and configure OSB.
  Regards,
  Anil

  Hi
  Installing OSB on Oracle Linux is just the same as installing on any other supported linux and is described in Installation and Configuration guide. Just stick with the directories and procedure described in install guide and you should be fine.
  For media server choose a physical host due to performance considerations. I think it is mentioned in docs somewhere.
  Regards,
  Mitja

• T61p - Please wait while Windows configures Client Security Password - Manager

  My T61p system is fully updated, however I continue to get "Please with while windows configures Client Security Password - Manager." and then the computer trys to install
  css_manager_vista_tpm.exe
  over and over again.
  What is the problem here and how can I solve?
  How can I contact Lenovo-Thinkpad to assist?
  The problem has reoccured even after I did a system restore to an earlier date.
  It seems to initiate when I first boot up and then open up "Pictures"
  Please help.
  Thanks

  Well, I take everything back. After removing all password entries and re-installing/rebooting, it worked for a while. But now it is doing it all over again. I tried to call techincal support, but they then said I would have to pay for software support and they only support hardware, and to re-install the OS. Great, jeez, I couldn't have tried that myself, and that is so simple and takes no time at all (detecing sarcasm yet?)
  I do a lot of work for large corporations that are watching the IBM=>Lenovo takeover very closely to see if they are going to drop Thinkpads altogether and go with another laptop vendor. This type of weak support does not bode well. The person I was on the phone with was rude, hard to understand, and even told me there was no place to escalate the call to.
  There is no replacement for customer support. It is sad to see no Lenovo involvement in this forum, and don't make the mistake of thinking this is an isolated problem at this time. It is growing.
  Though Thinkpads are great Laptops, Toshiba used to have the market, but their support or should I say lack of it led to their downfall and position of leadership loss.
  It will be no different if Lenovo continues to act like a machine churner.

• How to configure java.security file to run j2ee programs

  Hi,
  I am using Sun one application server to run my j2ee programs.
  plz tell me how to configure java.security file inside my appserver so that i can run my servlet program that is using jsse API to create SSL sockets.
  I am not able to follow whats there in java.security file.Kindly tell how to configure it.
  Waiting for ur replies!
  Thanks,
  Akshatha

  Hi,
  I am using Sun one application server to run my j2ee programs.
  plz tell me how to configure java.security file inside my appserver so that i can run my servlet program that is using jsse API to create SSL sockets.
  I am not able to follow whats there in java.security file.Kindly tell how to configure it.
  Waiting for ur replies!
  Thanks,
  Akshatha

• Failed to get configuration from secure gateway. Contact your system administrator.

  I have an ASA 5515 running 9.1(1).
  One of my customers is attempting to connect with AnyConnect 3.1.02040 and after authenticating, he gets the message
  Failed to get configuration from secure gateway. Contact your system administrator.
  I have about 100 other customers who have not had this issue and can connect fine.
  Since it appears to be localized to his PC, he's uninstalled and reinstall the client, but to no avail. He's using Windows 7 Pro.
  On the ASA, while he is attempting to connect, I see this:
  15:48:04|302014|<<<REMOTE IP>>>|51032|<<<ASA IP>>>|443|Teardown TCP connection 495403 for outside:<<<REMOTE IP>>>/51032 to identity:<<<ASA IP>>>/443 duration 0:00:00 bytes 8241 TCP Reset-I
  14:48:04|725007|<<<REMOTE IP>>>|51032|||SSL session with client outside:<<<REMOTE IP>>>/51032 terminated.
  14:48:04|113039|||||Group <GroupPolicy_AnyConnect> User <etpdeir> IP <<<<REMOTE IP>>>> AnyConnect parent session started.
  14:48:04|734001|||||DAP: User etpdeir, Addr <<<REMOTE IP>>>, Connection AnyConnect: The following DAP records were selected for this connection: DfltAccessPolicy
  14:48:04|113008|||||AAA transaction status ACCEPT : user = etpdeir
  14:48:04|113019|||||Group = ibmdtsc, Username = etpdeir, IP = 124.128.162.43, Session disconnected. Session Type: AnyConnect-Parent, Duration: 0h:41m:41s, Bytes xmt: 885580, Bytes rcv: 1343, Reason: Connection Preempted
  14:48:04|716002|||||Group <GroupPolicy_AnyConnect> User <etpdeir> IP <<<<REMOTE IP>>>> WebVPN session terminated: Connection Preempted.
  14:48:04|113009|||||AAA retrieved default group policy (GroupPolicy_AnyConnect) for user = etpdeir
  14:48:04|113004|||||AAA user authentication Successful : server =  172.29.128.126 : user = etpdeir
  14:48:04|725002|<<<REMOTE IP>>>|51032|||Device completed SSL handshake with client outside:<<<REMOTE IP>>>/51032
  14:48:03|725001|<<<REMOTE IP>>>|51032|||Starting SSL handshake with client outside:<<<REMOTE IP>>>/51032 for TLSv1 session.
  15:48:03|302013|<<<REMOTE IP>>>|51032|<<<ASA IP>>>|443|Built inbound TCP connection 495403 for outside:<<<REMOTE IP>>>/51032 (<<<REMOTE IP>>>/51032) to identity:<<<ASA IP>>>/443 (<<<ASA IP>>>/443)
  Any ideas?

  i had this problem.  for me the cause had to do with internet explorer TLS settings.
  in IE8 go to tools, internet options, advanced and under security I had to make sure Use TLS 1.0 was checked (only Use SSL 3.0 and Use TLS 1.1 were checked.  I left them checked.).

• How  to configure the network on Sun Solaris 8

  The Sun workstation is a license server, and Window NT workstation need to access the license file that located in the sun workstation.
  Now the Window NT workstation cannot connect with the sun solaris, and I guess that I need to configure the network on Sun Solaris 8.
  Could you please tell me how to do that step by step?
  If there is the system tool like the window system to configure the network easily and quickly.
  I appreciate it.
  Mark

  If your sun system is working then probably it has network configured already .You can check it by the following command on the sun.
  ifconfig -a
  Generally applications asks where license server is located and you need to give the ip-address or host name only . Application docs will give more detail about it.
  You can get ip-address from ifconfig comand above.
  Hemant Sharma
  http://www.adminschoice.com