SSH in solaris

i cannot log into my server anymore. i configured ssh and disabled telnet while i use the hyperterminal to connect to the server. now all i get is a message to say the host has reset and a C prompt on which i can't type in any commands please help

Try to be a little more clear than "it doesn't work". If you're logged on using hypterterminal I'd say that you're onto a serial console, and those are not affected when you're changing services like SSH or telnet.
What is a "C prompt" anyway ?

Similar Messages

SSH from solaris 10 to RHEL 5

Hi,
I want to do passwordless ssh from solaris VM to linux server.
Kindly tell me the complete steps.

On the machine attached to the screen in front of you:
<pre>
mkdir -p ~/.ssh
chmod 700 ~/.ssh
rm -f ~/.ssh/id_dsa
ssh-keygen -t dsa -N "" -f ~/.ssh/id_dsa
ssh username@remote_host "mkdir -p .ssh; chmod 700 .ssh"
ssh username@remote_host "echo "$KEY" >> .ssh/authorized_keys; chmod 644 .ssh/authorized_keys"
ssh username@remote_host
(should log you right in without prompting for password)
</pre>

PuTTY / SSH in Solaris 10

When someone tries to login to a SOLARIS 10 server via SSH in PuTTY the details are limited to the following:
login as: testacct
Using keyboard-interactive authentication.
Password:
Using keyboard-interactive authentication.
New Password:
Using keyboard-interactive authentication.
Re-enter new Password:
Access denied
Using keyboard-interactive authentication.
Password:
Using keyboard-interactive authentication.
New Password:
Using keyboard-interactive authentication.
Re-enter new Password:
I don't know if this is a feature of PuTTY or Solaris 10 that is disabled but what I would expect to see above are messages such as:
Warning: Your password has expired, please change it now.
or
The first 8 characters of the password must contain at least 1 numeric or special character(s).
(depending on your /etc/default/passwd)
Where is this information being suppressed? I am looking to enable that extra information so when, for example, "Access Denied" appears, the user has some clue as to why and can take corrective action to properly login.
Thanks.
PS- I ran ssh -vvv user@host and saw that the "extra info" above was being generated, but it's not making it over to the PuTTY client side.
Edited by: dubitancy on Dec 12, 2008 9:37 AM

janp2 wrote:
I hit this issue right now so I'm pasting a part of my reply to another list.
It might help other people:
==
The "Warning: Your password has expired, please change it now." comes in a
separate SSH_MSG_USERAUTH_INFO_REQUEST packet. This packet in general has an
"instructions" field, and some "prompt" fields. SunSSH server sends the warning
in a separate info-request packet, with 0 prompts, and with the warning message
in the instruction field. That's fine according to the spec (rfc 4256):
The num-prompts field may be `0', in which case there will be no
prompt/echo fields in the message, but the client SHOULD still
display the name and instruction fields (as described below).
however, when the number of prompts is 0, putty ignores the instruction field.
SunSSH client does the right thing, OpenSSH client as well. In theory, we could
put the warning message in the next info-request packet together with the "New
Password" prompt but that decision was intentional, we would be really "fixing"
stuff to workaround problems somewhere else.
so, my conclusion is that they should file a bug againt those SSH clients they
use. It's not a problem in the SunSSH server at all.
==
BTW, the putty's file is ssh.c, the instruction field is set on line 7474:
s->cur_prompt->instruction = ...
but add_prompt() function that prints the stuff out is called inside of the
following loop:
for (i = 0; i < s->num_prompts; i++)
so, as we can see, if the number of prompts is 0, we get no instruction
field printed.
Jan.Thank you very much, Jan. That was very helpful - at least now I have confirmation.
Update: I contacted the dev team for PuTTY and they let me know that this bug has been fixed in the latest Development version of PuTTY but there isn't a firm release date planned. Anyway, it'll be fixed in the next release of PuTTY
Edited by: dubitancy on Jan 7, 2010 6:33 AM

Passwordless SSH for Solaris 10 user (not root)

Hi All,
I tried the setup the passwordless ssh for an user between 2 servers but failed.
I follow this guide but only manage to setup for root, but not other users
http://www.sunsolarisadmin.com/solaris-7/ssh-access-without-password-in-sun-solaris/
http://adminschoice.com/how-to-configure-ssh-without-password
Any one tried??

Hello,
I have setup ssh with my accounts so I will try to help you.
1st off your guides look good. 2nd most people disable remote root login, you should too.
I'm guessing you used or where root when you generated the ssh keys. Do the steps again as a normal user.
I use this guide when I have questions about ssh. Maybe this guide will be easier to understand.
http://www.g-loaded.eu/2005/11/10/ssh-with-keys/
I hope this helps.

Ssh and solaris 10

Hi,
since we upgraded to solaris 10, ssh behavior changed. After validating the login, it takes something like 10 seconds for ssh to ask for the password. Has anyone observe such behavior ?

Hi,
yep nslookup failed with my IP adress, it returns "no server could be reached". my /etc/nsswitch.conf only list files (no dns), and /etc/resolv.conf is :
nameserver 127.0.0.1
I've stoped and restarted /etc/init.d/nscd after modification.
Finger find the correct name of the remote computer though.

SSH in Solaris 10 & zones

I have recently seen this problem connecting via ssh
( from an windows box using Secure ssh ( www.ssh.com )
particulary to solaris 10 sparc , ( connection problem to both global and zones )
complaining of a different alogrithm; and not connecting .
I played with choosing different alogrithm options available with secure ssh
but had no success.
ssh session from another solaris box to the solaris 10 box ( both global and zones)
seems to be ok.
anybody having similar problem
or have trouble shooted the same, let me know
thanks
Nil

>
I have recently seen this problem connecting via ssh
( from an windows box using Secure ssh ( www.ssh.com )
particulary to solaris 10 sparc , ( connection
problem to both global and zones )
complaining of a different alogrithm; and not
connecting .Could you please specify what version of S10 you are running? (uname -v)
- jonathan

Ssh in solaris 10

Hi all
I have installed a new Solaris 10 1/06 on sunV480. I am not able to login with ssh in this server, both rlogin and telnet is working.If you have any solution for this please update
Thanks
RPS

svcs -l ssh
fmri svc:/network/ssh:default
name SSH server
enabled true
state offline
next_state none
state_time Thu 03 Aug 2006 06:09:24 PM IST
restarter svc:/system/svc/restarter:default
dependency require_all/none svc:/system/filesystem/local (online)
dependency optional_all/none svc:/system/filesystem/autofs (online)
dependency require_all/none svc:/network/loopback (online)
dependency require_all/none svc:/network/physical (maintenance)
dependency require_all/none svc:/system/cryptosvc (online)
dependency require_all/none svc:/system/utmp (online)
dependency require_all/restart file://localhost/etc/ssh/sshd_config (online)

Ssh -X solaris 9 host fails to set DISPLAY

i'm running Suse 9.1 Pro as my graphis client. x86 doesn't quite work yet on my host.
i'm trying to run smc from my E250 (headless) to my Suse 9.1 desktop.
the E250 is running Solaris 9. when i ssh -X and echo $DISPLAY, DISPLAY is empty.
howerver, i can ssh -X (from suse) to another suse system, DISPLAY is set.
i can also ssh -X (from suse) to my e250 running Solaris 10 and the DISPLAY is set!
i've don't xhost + on all systems.
why is Solaris 9 not working with the ssh -X forwarding setup? what am i missing on the Solaris 9 side? both Solaris 10 and 9 look to be the same in setup.
thanks!

If you use OpenSSH on the server side, X forwarding is turned off in the config by default on the server. Maybe the same with the Solaris OE bundled sshd?

INSTALLING SSH IN SOLARIS 8

Hello,
I�m trying to install openssh in a Solaris 8 machine. I followed these setps:
1.- Install the patch 112438-03 and boot -r
2.- pkgadd -d openssh-4.4p1-sol8-sparc-local
pkgadd -d openssl-0.9.6i-sol8-sparc-local
pkgadd -d zlib-1.2.3-sol8-sparc-local
3.- mkdir /var/empty
chown root:sys /var/empty
chmod 755 /var/empty
groupadd sshd
useradd -g sshd -c 'sshd privsep' -d /var/empty -s /bin/false sshd
4.-modify /usr/local/etc/sshd_config (making reference to /usr/local/libexec/sftp-server)
5.-implement the files /etc/hosts.allow and /etc/hosts.deny
6.- NOW I HAVE TRIED THE FOLLOWING ACCORDING WITH THE INSTRUCTIONS IN INSTALL.openssl document:
$ ./config
PROBLEMS: WHERE IS THE "config" script localted? I get the message "ksh: ./config: not found"
Please, help me! How can I follow from this point. I don`t know from where execute the config script.
thanks

Follow this steps recently i did it in a solaris 8 box
hope this will solve your issue
Ssh installation for Solaris 8
Introduction:
Secure shell (SSH) is a protocol that provides a secure, remote connection to any device with ssh support. SSH is a substitute to Berkeley r-tools like telnet, rlogin, rsh and rcp which are not secure. SSH provides more security to any data that is being transported to the Internet by providing more authentication, encryption and authorization procedures. There are currently two versions of SSH available, SSH Version 1 and SSH Version 2
openssh
openssl (SSL)
prngd (Psuedo Random Generator Daemon)
zlib (Z library)
Installation:
#pkgadd -d openssl-0.9.6c-sol8-sparc-local
The following packages are available:
1 SMCosslc openssl
(sparc) 0.9.6c
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
#pkgadd -d prngd-0.9.23-sol8-sparc-local
The following packages are available:
1 SMCprngd prngd
(sparc) 0.9.23
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
#pkgadd -d zlib-1.1.4-sol8-sparc-local
The following packages are available:
1 SMCzlib zlib
(sparc) 1.1.4
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
#pkgadd -d openssh-3.1p1-sol8-sparc-local
The following packages are available:
1 SMCossh openssh
(sparc) 3.1p1
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
Note:- If you are facing any problem like PRNG is not seeded please apply 112438-01 patch and reboot the system and create a symbolic link
ln -s /devices/pseudo/random@0:random /dev/random
ln -s /devices/pseudo/random@0:urandom /dev/urandom
This is because of missing /dev/random
Create SSHD account and directory
# mkdir /var/empty
# chown root:sys /var/empty
# groupadd sshd
# useradd -g sshd -c "SSHD Admin" -d /var/empty �s /bin/false sshd
Startup Scripts:
Create a startup script for the ssh daemon.
/etc/init.d/sshd
#! /bin/sh
# start/stop the secure shell daemon
case "$1" in
'start')
# Start the ssh daemon
if [ -f /usr/local/sbin/sshd ]; then
echo "starting SSHD daemon"
/usr/local/sbin/sshd &
fi
'stop')
# Stop the ssh deamon
PID=`/usr/bin/ps -e -u 0 | /usr/bin/fgrep sshd | /usr/bin/awk '{print $1}'`
if [ ! -z "$PID" ] ; then
/usr/bin/kill ${PID} >/dev/null 2>&1
fi
echo "usage: /etc/init.d/sshd {start|stop}"
esac
Make the script executable and create a startup script on run level 2.
#sh sshd start
#chmod +x /etc/init.d/sshd
#ln �s /etc/init.d/sshd /etc/rc2.d/S99sshd
Create a startup script for the pseudo random generator daemon.
/etc/init.d/prngd
#! /bin/sh
# start/stop the pseudo random generator daemon
case "$1" in
'start')
# Start the ssh daemon
if [ -f /usr/local/bin/prngd ]; then
echo "starting PRNG daemon"
/usr/local/bin/prngd /var/spool/prngd/pool&
fi
'stop')
# Stop the ssh deamon
PID=`/usr/bin/ps -e -u 0 | /usr/bin/fgrep prngd | /usr/bin/awk '{print $1}'`
if [ ! -z "$PID" ] ; then
/usr/bin/kill ${PID} >/dev/null 2>&1
fi
echo "usage: /etc/init.d/prngd {start|stop}"
esac
Make the script executable and create a startup script on run level 2.
#chmod +x /etc/init.d/prngd
#ln �s /etc/init.d/prngd /etc/rc2.d/S99prngd
# /etc/init.d/prngd start
starting PRNG daemon
Info: Random pool not (yet) seeded
Could not bind socket to /var/spool/prngd/pool: No such file or directory
# mkdir -p /var/spool/prngd
#/etc/init.d/prngd start
starting PRNG daemon
# Info: Random pool not (yet) seeded
Next is to start the actual ssh daemon,
# /etc/init.d/sshd start
starting SSHD daemon
Could not load host key: /usr/local/etc/ssh_host_key
Could not load host key: /usr/local/etc/ssh_host_rsa_key
Could not load host key: /usr/local/etc/ssh_host_dsa_key
Disabling protocol version 1. Could not load host key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.
The errors above are due to the fact that we didn't create any key pairs for our ssh server.
Create a public key pair to support the new, DSA-based version 2 protocol
# /usr/local/bin/ssh-keygen -d -f /usr/local/etc/ssh_host_dsa_key -N ""
Generating public/private dsa key pair.
Your identification has been saved in /usr/local/etc/ssh_host_dsa_key.
Your public key has been saved in /usr/local/etc/ssh_host_dsa_key.pub.
The key fingerprint is:
00:91:f5:8a:55:7c:ac:ff:b7:08:1f:ce:23:aa:f2:79 root@solaris8
Create a public key pair to support the old, RSA-based version 1 protocol
# /usr/local/bin/ssh-keygen -b 1024 -f /usr/local/etc/ssh_host_rsa_key -t rsa -N ""
Generating public/private rsa1 key pair.
Your identification has been saved in /usr/local/etc/ssh_host_rsa_key.
Your public key has been saved in /usr/local/etc/ssh_host_rsa_key.pub.
The key fingerprint is:
8e:b0:1d:8a:22:f2:d2:37:1f:92:96:02:e8:74:ca:ea root@solaris8
Edit ssh daemon configuration file /usr/local/etc/sshd_config, enable protocol 2 and 1
Uncomment the line, that says
protocol 2,1
# /etc/init.d//sshd start
starting SSHD daemon
Thnaks
RK

Cannot ssh from solaris to mac (mountain lion)

Everything is built in my Solaris machine, but I get this when I try to slogin to my "mini":
$ slogin mini.local
could not open any host key
ssh_msg_send: write
ssh_keysign: couldn't send request
Coming from the mini I can slogin with no problem to my Solaris ("blade").
Even the versions are very close.
ssh -V
OpenSSH_5.9p1, OpenSSL 0.9.8y 5 Feb 2013
ssh -V
OpenSSH_5.5p1, OpenSSL 1.0.0k 5 Feb 2013
I need help with understanding where the mac mini keeps its host keys (I think).

On your Solaris machine, try ssh -v mini.local.
Also, from MAC OS X Terminal on the Mac mini locally try ssh -v localhost.
Check System Preferences -> Sharing -> Remote Login.

Problem with ufsdump over rsh/ssh with solaris 10

Hi,
I want to do a ufsdump over rsh/ssh between 2 servers running Solaris 10. Here is the command I launch :
localServer:# rsh rmtServer "ufsdump 0f - /var" > /backups/rmtServer
When I execute this command on the command line, everything is working very well. But, when I launch the same command with cron or at, it's not working. Instead, I have a broken pipe, the dump is aborted and the following message appears in /var/cron/log:
"! could not obtain latest contract from popen(3C): No such process Tue May 3 10:27:09 2005"
If I run the same command (cron) on a remote server running Solaris 8, it's working.
The problem seems to come from the redirection of the input in a file on the local server. If I put the redirection on the remote server (rsh rmtServer "ufsdump 0f - /var > /somefs/rmtServer"), it's working.
So, what is the source of the problem ?
Jeff

Yup, that's what I suspected. Cron is not authenticating the user properly. "at" and "cron" use the same scheduling daemon, which is why they both fail.
Sadly, I do not have any Solaris 10 clients to test this, but it's exactly what I had run into before. User logins and cron can be configured to use different authentication mechanisms, and something has happened to cron's authentication. This could be anything from a bad configuration to a corrupted library.
Here are the default cron entries in /etc/pam.conf for Solaris 9. (I know, it's 9. No choice for me at this point.) Do they look this way in Solaris 10? If not, you might want to try.
# cron service (explicit because of non-usage of pam_roles.so.1)
cron account required pam_projects.so.1
cron account required pam_unix_account.so.1

SSH on Solaris 2.5.1

I was looking for a patch for Solaris 2.5.1 to enable SSH ( I could not migrate to Solaris 8 or 9 due to unsuported OS for some applications ).
Did someone know if there is such patch ?

Programs aren't usually installed via patches. 2.5.1 has been out of support for some time now. There is no SSH patch and will be none.
You can compile OpenSSH yourself or download a copy from somewhere that has compiled it for 2.5.1 I'd start with sunfreeware.com.
Darren

Help regarding SSH on solaris 8

Hi Guys,
I have installed SSH package on server as well as clients.
I think I need to these steps next.( We do not have proper docs for SSH)
Login as root on the server.
1) ssh-keygen -b 1024 -t rsa -f /etc/ssh_hosts_key.pub -N " "
Login to root as the user.
2)ssh_keygen -b 1024 -t rsa
Enter the phrase
Basically this create 2 files in dir /home/<user_name>/.ssh. Copy id_rsa.pub as authorised_keys.
Copy this 3 files to the client machine in user directory
Login to client as root.
3) ssh-agent $SHELL
4)ssh-add <pahrase>
Is this correct? (Actually i dont properly know that these commands do)
Just wanted to check before i start expirementing on production boxes.
I am working solaris 2.8 on E6500.
Please help.

Hi
Step1 for just conencting thro ssh
ps -ef|grep ssh (to make sure the daemon is running)
Modify the sshd_config file and make rhe required changes
some of them
PasswordAuthentication
PermitRootLogin
StrictModes
PermitEmptyPasswords
once you make these changees stop and start the sshd daemon,now try to connect from your pc (thro putty or other ssh client tools ,it should connect
step2
password less login (using key exchange)
Generate the key as you have mentioned on system 1
ftp the .pub file over to system 2
go to system 2 do a ssh to the system and terminate (this will create a .ssh directory)
put the .pub from the system 1 here and also create a file called authorized_keys or the other way is cat the *.pub >authrozed_keys
make the same kind of chanegs to the sshd_config file on this system(system 2) and recycle the sshd daemon
Now try ssh from system 1 to 2 it should login with out asking for a password.
Hope this helps
Rgds
Gopih

TECTIA SSH Server & Solaris 10

Hi,
Wondering if anyone has come across this before. I have Tectia ssh server installed on an intel-based SunFire x2100 server running Solaris 10. I have properly configured Tectia server to utilize Radius for authentication. My Radius server is a Windows 2003 server running IAS. Every time I try to log using ssh in I get the following message on /var/adm/sshdlog:
[ID 702911 auth.warning] 720 Keyboard_interactive_radius_auth_error, Username: myuser , Algorithm: radius, "Auth failure. Radius Server returned: 0", Session-Id: 2
The strange thing is that when I look at the Radius logs, my authentication attempts are granted access. Packet traces also show that the Radius server is sending an "accept" packet back to the client.
Any help would be greatly appreciated!!!
-L

and the key thing you're looking for in sshd_config is -
PermitRootLogin yes
if it's set to anything other than yes (like no or without-password), direct interactive root login via ssh won't happen - jeff

Ssh on solaris 10

when i am trying to connect to ssh from putty i get the below errors
login as: root
Using keyboard-interactive authentication.
Password:
Access denied
Using keyboard-interactive authentication.
Password:
Access denied
Using keyboard-interactive authentication.
Password:
Access denied
Using keyboard-interactive authentication.
Password:
and it goes on.... I am logging in as root with the root password and it says Access Deniyed..
# chmod 700 .
# chmod 600 *
# ls -la
total 6
drwx------ 2 root root 512 Jan 6 14:19 .
drwxr-xr-x 37 root root 1024 Jan 6 14:18 ..
-rw------- 1 root root 442 Jan 6 14:23 known_hosts
# mkdir identity-test
# cd iden*
# ls
# ssh-keygen -f id_rsa -t rsa
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in id_rsa.
Your public key has been saved in id_rsa.pub.
The key fingerprint is:
63:e1:20:a7:ad:16:6e:da:f9:27:9d:05:05:49:8f:9a root@unknown
# ls
id_rsa id_rsa.pub
# pwd
/.ssh/identity-test
# ssh [email protected] 'mkdir .ssh'
Password:
Password:
Password:
Permission denied (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive).

This one is working:
vim /etc/ssh/sshd_config
Edit line:
PermitRootLogin yes
:wq
vim /etc/default/login
Comment Line:
CONSOLE=/dev/console
:wq
Restart service:
svcadm restart ssh
http://www.msysc.org/index.php?page=remote-root-login

SSH in solaris

Similar Messages

Maybe you are looking for