SSH & SOLARIS
I am in vm (puTTy) would like to ssh solaris server how can I do that
THANKS TO ALL
I already have puTTy installed, and SSH , but how to get to solaris
thank you
Similar Messages
-
Sun ssh does not recognize client configuration option
Running strings on /usr/bin/ssh, Solaris 10 10/09 (and earlier) shows OpenSSH_3.8, among other things. OpenSSH FAQ says that the client config (.ssh/config file) option ServerAliveInterval was introduced in version 3.8, but that option throws an error from Sun ssh. Works on Mac OS X, and Ubuntu.
What is the OpenSSH version that the Solaris 10 Sun ssh is based on, and does anyone know why this option doesn't work? It's a handy option, too.
DaveWell, just because its based on the named OpenSSH version, it doesn't mean it has all its features. I can imagine that somehow Sun syncs all bugs, but not necessarily all features (at least not automatically).
A reason for this is that the SunSSH is quite different in terms of privilege seperation, auditing, PAM and GSS.
Anyway, the feature you requested is actually implemented in OpenSolaris:
http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6268400
.. but its not (yet?) backported to Solaris 10.
.7/M. -
I have configuered my solaris 8 box to be a client to a linux(rh62) nis server.
ypcat/ypwhich/getent works fine but still users can't authenticate using telnet/ftp.
I tried to paste a password from the linux password file to the solaris password file and it worked just fine.
nsswitch.conf was also checked and it looks fine.
Any ideas?
Yoav.azru0512 wrote:
As the subject says, I have a solaris as a nis client which is bouned to a linux nis server.
The problem is I cannot ssh to solaris with a nis account.You should see if this is because the account is invalid/missing or if it's just a failure of the password.
While on the Solaris box, what do you get for
'getent passwd <account>' ?
I have read a lot related discussions. It seems the cause is that Linux use md5 encryption
and Solaris use des encryption. Most of them suggested let linux use des rather than md5.
I don't think it is the best solution. I tried to change the password encryption in Solaris.
I followed the instruction suggested by the link:
http://www.vmunix.com/mark/blog/archives/2005/10/31/changing-default-password-encryption-in-solaris/
That only changes the default encoding (what gets saved). That has no effect on being able to use an existing password. If the encoding method is supported by Solaris, it should be able to use the password immediately.
But it still failed to ssh solaris with a nis account. Do I miss something?"failed" encompasses a lot of possibilities. Is it even finding a valid account?
Darren -
When someone tries to login to a SOLARIS 10 server via SSH in PuTTY the details are limited to the following:
login as: testacct
Using keyboard-interactive authentication.
Password:
Using keyboard-interactive authentication.
New Password:
Using keyboard-interactive authentication.
Re-enter new Password:
Access denied
Using keyboard-interactive authentication.
Password:
Using keyboard-interactive authentication.
New Password:
Using keyboard-interactive authentication.
Re-enter new Password:
I don't know if this is a feature of PuTTY or Solaris 10 that is disabled but what I would expect to see above are messages such as:
Warning: Your password has expired, please change it now.
or
The first 8 characters of the password must contain at least 1 numeric or special character(s).
(depending on your /etc/default/passwd)
Where is this information being suppressed? I am looking to enable that extra information so when, for example, "Access Denied" appears, the user has some clue as to why and can take corrective action to properly login.
Thanks.
PS- I ran ssh -vvv user@host and saw that the "extra info" above was being generated, but it's not making it over to the PuTTY client side.
Edited by: dubitancy on Dec 12, 2008 9:37 AMjanp2 wrote:
I hit this issue right now so I'm pasting a part of my reply to another list.
It might help other people:
==
The "Warning: Your password has expired, please change it now." comes in a
separate SSH_MSG_USERAUTH_INFO_REQUEST packet. This packet in general has an
"instructions" field, and some "prompt" fields. SunSSH server sends the warning
in a separate info-request packet, with 0 prompts, and with the warning message
in the instruction field. That's fine according to the spec (rfc 4256):
The num-prompts field may be `0', in which case there will be no
prompt/echo fields in the message, but the client SHOULD still
display the name and instruction fields (as described below).
however, when the number of prompts is 0, putty ignores the instruction field.
SunSSH client does the right thing, OpenSSH client as well. In theory, we could
put the warning message in the next info-request packet together with the "New
Password" prompt but that decision was intentional, we would be really "fixing"
stuff to workaround problems somewhere else.
so, my conclusion is that they should file a bug againt those SSH clients they
use. It's not a problem in the SunSSH server at all.
==
BTW, the putty's file is ssh.c, the instruction field is set on line 7474:
s->cur_prompt->instruction = ...
but add_prompt() function that prints the stuff out is called inside of the
following loop:
for (i = 0; i < s->num_prompts; i++)
so, as we can see, if the number of prompts is 0, we get no instruction
field printed.
Jan.Thank you very much, Jan. That was very helpful - at least now I have confirmation.
Update: I contacted the dev team for PuTTY and they let me know that this bug has been fixed in the latest Development version of PuTTY but there isn't a firm release date planned. Anyway, it'll be fixed in the next release of PuTTY
Edited by: dubitancy on Jan 7, 2010 6:33 AM -
Solaris 9 remote login (ssh) drops connection
Hello All,
I wonder if you can help me...
Let me give you some set-up details before I ask you the question.
I have Ultra-60 at home with Solaris 9 and recommended patch cluster installed. The machine is connected to a Linksys WAG54G ADSL router/modem through RJ45 ethernet cable. The router also has windows XP machine connected through RJ45 ethernet cable. I also have another windows XP machine that connects to the router over wireless connection.
I have opened up required ports on the router/port forwarding so that I can access the services remotely. I was first using default ports for http and ssh, but have now changed them to different ports - to be a bit more secure.
I have created a domain name through dyndns.org.
I have ssh running on the solaris 9 machine and has all the remote commands (rlogin, rsh, telnet) commented out in the /etc/inetd.conf and hence are not running on the machine.
I have a UK ADSL servise provider called Pipex.
Now lets get to the problem:
The whole purpose of the above set-up is that I want to access sun machine from work. The whole set-up works perfectly well - for a little while and then something strange happens. At work, when I connect to the sun machine, everything works fine and when I leave the session idle for 15-20 minutes (could be less time), the connection drops and then I can not connect to the machine for good couple of hours. When I say connection drops, I do not mean that system displays a logout message or something - There is no response from the server - pressing of return key does not do anything and eventually I get a message on windows pop up that connection is disconnected. If I try to retry, the client tries for a while and then says that connection timed out. Same thing happens if I use the IP address � I use the right IP address as someone at home checks the router to confirms the correct IP address. This eliminates problem with domain name.
I have tried everything and can not work out what is causing this problem - the machine has all the 9_recommended patches. To narrow the problem down, I set up apache server on the sun machine. Today, when the connection dropped, I tried to connecting to the apache server and it failed - 'page can not be displayed' message on the internet explorer. However, after couple of minutes, I managed to get to the website but still can not get login prompt through ssh client.
What does that mean? Does it mean that server is playing up, or is it the sshd or is there any time out option in solaris 9... the strange thing is that I can access the web page - though it was not accessible at start when connection to ssh dropped out.
Could it be the router? The linksys do not come with a rule based firewall... so there is nothing that states that disconnects after some inactivity. The port forwarding is working as I do get to login to the server and to the web server. It can not be changing the default port numbers as the problem was there when there were standard ports being used.
It is not the link at my office as my friend, in a different company gets the same problem on my machine � connects to it and after some in-activity, the connection drops and then he can not login for a long time.
It can not be the ADSL link as people at home can use the internet without any problem and they can access the sun machine locally.
It can not be the windows machines connected to the router as problem is there when windows machines are switched off � don�t know if windows would cause this, but just wanted to eliminate anything that I could think of.
One strange think that I did see yesterday was that, when I managed to login the last command showed that I was logged in throughout the time � the time when I could not logged in . The error message in the /var/adm/messages stated something like socket error and connection reset by peer or something � can not give you exact message right now as I can not login to the machine. The time on the message was couple of couple of minutes before I managed to login again and that time was the same as the time showed in last command is my logout time.
Does anyone know what is causing all this problem? Any pointers or help will be appreciated. If there is any place else that you think I can get the answer, please kindly let me know.Thanks...
A few new developments....
- I opened 2 sessions to the server, left one with no activity and in the other session, I ran iostat 1... The session with no activity got dropped and iostat one carried on... When the session dropped, I managed to login straight away... so no delay of couple of hours. May be because iostat was still running?
- I now have an ftp server running on windows and I can access it even when connection drops out... right now I have no access to sun... but ftp server is running fine.
- I enable remote router access and I can access that as well...
- I enabled telnet and I can not access the sun with telnet either.
So, its either solaris 9 or the router.
Tomorrow, I will connect an another sun machine and then see if connection to both is dropped or just one. If it is to both then it must be router as the way ssh, telnet work is different to the way ftp work - as someone told me this today... so if other sun machine is not accessable then its not sol9 but router. The other machine has Sol 2.5.1 running.
Some one said that it could be that router is running out of translation table entries - but with so few connections? Or it could be that when there is no activity, router thinks that connection should be dropped - there is no open in the router setup which states that... Or Solaris has some timeout feature?
More later.
Kind Regards
Ahmerin -
Passwordless SSH for Solaris 10 user (not root)
Hi All,
I tried the setup the passwordless ssh for an user between 2 servers but failed.
I follow this guide but only manage to setup for root, but not other users
http://www.sunsolarisadmin.com/solaris-7/ssh-access-without-password-in-sun-solaris/
http://adminschoice.com/how-to-configure-ssh-without-password
Any one tried??Hello,
I have setup ssh with my accounts so I will try to help you.
1st off your guides look good. 2nd most people disable remote root login, you should too.
I'm guessing you used or where root when you generated the ssh keys. Do the steps again as a normal user.
I use this guide when I have questions about ssh. Maybe this guide will be easier to understand.
http://www.g-loaded.eu/2005/11/10/ssh-with-keys/
I hope this helps. -
Hi,
I want to do passwordless ssh from solaris VM to linux server.
Kindly tell me the complete steps.On the machine attached to the screen in front of you:
<pre>
mkdir -p ~/.ssh
chmod 700 ~/.ssh
rm -f ~/.ssh/id_dsa
ssh-keygen -t dsa -N "" -f ~/.ssh/id_dsa
ssh username@remote_host "mkdir -p .ssh; chmod 700 .ssh"
ssh username@remote_host "echo "$KEY" >> .ssh/authorized_keys; chmod 644 .ssh/authorized_keys"
ssh username@remote_host
(should log you right in without prompting for password)
</pre> -
Hi,
since we upgraded to solaris 10, ssh behavior changed. After validating the login, it takes something like 10 seconds for ssh to ask for the password. Has anyone observe such behavior ?Hi,
yep nslookup failed with my IP adress, it returns "no server could be reached". my /etc/nsswitch.conf only list files (no dns), and /etc/resolv.conf is :
nameserver 127.0.0.1
I've stoped and restarted /etc/init.d/nscd after modification.
Finger find the correct name of the remote computer though. -
Ssh and compression in solaris 10
Hi All
Installed OpenSSH on solaris 10 box. Hoped that ssh will work the same as rsh. I have scripts which use rsh and are having problems using ssh. Also I have a problem with compression. This is not related to ssh (I think )
I compress binary file and try to extract it on a different node as follows
cat <compressed file> | rsh(/ssh) -n <node> "uncompress|cpio -idm..."
this spits out stdin: not in compressed format.
However if I ftp the file to <node> and do the above command and without the rsh/(ssh), it works fine.
Has any one seen these pecularities. Appreciate your help and inputs
RegardsYour command looks okay to me.
Any chance that on <node> you have a .profile/.login/.cshrc or something that is spewing data to output? That might confuse the uncompress.
In other words, if you do this....
# echo "Test message" > /tmp/msg
# cat /tmp/msg | ssh node "cat - > /tmp/msg"
# ssh node
node# cat /tmp/msg
What do you get? Ignore the compression part for now and investigate if data is being transported properly.
Darren -
I have recently seen this problem connecting via ssh
( from an windows box using Secure ssh ( www.ssh.com )
particulary to solaris 10 sparc , ( connection problem to both global and zones )
complaining of a different alogrithm; and not connecting .
I played with choosing different alogrithm options available with secure ssh
but had no success.
ssh session from another solaris box to the solaris 10 box ( both global and zones)
seems to be ok.
anybody having similar problem
or have trouble shooted the same, let me know
thanks
Nil>
I have recently seen this problem connecting via ssh
( from an windows box using Secure ssh ( www.ssh.com )
particulary to solaris 10 sparc , ( connection
problem to both global and zones )
complaining of a different alogrithm; and not
connecting .Could you please specify what version of S10 you are running? (uname -v)
- jonathan -
Hi all
I have installed a new Solaris 10 1/06 on sunV480. I am not able to login with ssh in this server, both rlogin and telnet is working.If you have any solution for this please update
Thanks
RPSsvcs -l ssh
fmri svc:/network/ssh:default
name SSH server
enabled true
state offline
next_state none
state_time Thu 03 Aug 2006 06:09:24 PM IST
restarter svc:/system/svc/restarter:default
dependency require_all/none svc:/system/filesystem/local (online)
dependency optional_all/none svc:/system/filesystem/autofs (online)
dependency require_all/none svc:/network/loopback (online)
dependency require_all/none svc:/network/physical (maintenance)
dependency require_all/none svc:/system/cryptosvc (online)
dependency require_all/none svc:/system/utmp (online)
dependency require_all/restart file://localhost/etc/ssh/sshd_config (online) -
SSH Differences between Solaris 9 and Solaris 10
I use public key authentication when connecting via SSH but have noticed a difference between Solaris 9 and Solaris 10 and wondered if it's an environment setup issue. I keep my keys in $HOME/.ssh
When connecting from Solaris 9 I can provide an identity file without a path regardless of the directory that I'm in e.g.
ssh -i my_identity_file user@hostnameThe above works even if I'm not in the $HOME/.ssh directory. But when using the same from Solaris 10 I get the following error:
Warning: Identity file my_identity_file does not exist.If I run the command from $HOME/.ssh on Solaris 10 it connects fine, and if I pass in the path like so it works fine:
ssh -i $HOME/.ssh/my_identity_file user@hostnameIs there a setting specific to SSH somewhere as I can't see anything in my environment that's different between the two systems. There's certainly no entry in $PATH that points to $HOME/.ssh. How could I get SSH to work on Solaris 10 by just providing the identity file name and not the full path
Regards
RichIt's not explicitly defined in /etc/ssh/ssh_config, so I'm assuming it would be using the default which is ~/.ssh/id_dsa.
But surely that's irrelevant if I'm using the -i switch to provide the identity file?
Remember the problem here is that I have to provide a full path to the identity file, whereas before just the filename would do.
Rich -
Configuring SSH(Secure Shell) in solaris 10
Hi ,
I need help to configure ssh ( secure shell ) on Solaris 10.
I tried the following steps
On the Local Machine
a) Generated public and private key using key-gen
The private key is stored in
$HOME/.ssh/id_rsa
The public key is stored in
$HOME/.ssh/id_rsa.pub
b)I started the ssh-agent and executed ssh-add
On Remote Machine
c) I copied the public key generated in local machine from
$HOME/.ssh/id_rsa.pub
to
$HOME/.ssh/authorized_keys
d)I tried execute this command from local host to remote host
ssh $REMOTE_MACHINE
I got the following error
bash-3.00# ssh $REMOTE_MACHINE
The authenticity of host '$REMOTE_MACHINE' can't be established.
RSA key fingerprint is 45:7d:4a:37:1a:0a:9a:45:d4:d2:4c:b4:2b:f2:6e:99.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '$REMOTE_MACHINE' (RSA) to the list of known hosts.
Password:
Password:
Password:
Permission denied (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive).
Can anybody give me the appropriate steps or give link to the appropriate web page.
Thanks in advance
MahanteshHi ,
1) Can any one tell me how to generate Public and Private keys.
2) From Windows Box using Putty able to do SSH to any Server at same time is possible for any server to server with out copy public and private keys etc.
3) How to configure SFTP.
4) How to restrict users or machines from SSH and SFTP. -
Installation Solaris 10 with JumpStart (ssh)
Hello,
I want to install Solaris 10 with a server JumpStart.
But i want only actived the ssh mod (for security).
How do you write that in the jumpstart script ?
What is the command line ?
Anybody can help me, please ?
Thank you :)
Message was edited by:
MarcorelI have seen this too over the years and it ultimately comes down to something innate:
Here are a few suggestions:
1. Try and use interface ce0.
2. Check default route on both jumpstart server and client.
3. The arp cache may need to be flushed on the Jumpstart server.
4. Use snoop and see what happens during the actual RARPing phase between the server and host.
5. Switch the order in the sysid config file as indicated below:
system_locale=en_US
name_service=none
network_interface=ce2
{hostname=donau1 ip_address=10.50.57.24 netmask=255.255.252.0 protocol_ipv6=no default_route=10.50.56.1}
security_policy=none
terminal=vt100
timezone="MET"
timeserver=10.50.57.214
nfs4_domain=dynamic
root_password=*****************
Please note I blanked your root password. Let me know if this helps. -
Error when creating ssh keys for Oracle RAC on Solaris 10
I'm in the process of configuring 2 node oracle cluster running on Sun cluster 3.2 /solaris 10 OS.
I have followed this oracle guide to when creating keys (oracle document No =B14205-01)
But im having problem when executing this step
bash-3.00$ scp authorized_keys tsavo-east:/oracle/.ssh/
ssh: connect to host tsavo-east port 22: Connection timed out
lost connection
bash-3.00$
Please advise
Thanks
Francis MwangiRobert Thanks alot for your reply. have a look of what i found out
ps -ef | grep sshd
root 4270 4267 0 16:22:46 ? 0:00 /usr/lib/ssh/sshd
root 759 1 0 Nov 09 ? 0:00 /usr/lib/ssh/sshd
root 4267 759 0 16:22:41 ? 0:00 /usr/lib/ssh/sshd
root 4372 4311 0 18:56:52 pts/3 0:00 grep sshd
===================================
netstat -a | grep ssh
*.ssh *.* 0 0 49152 0 LISTEN
tsavo-west.ssh 10.30.210.213.2241 63668 51 49640 0 ESTABLISHED
*.ssh *.* 49152 0 LISTEN
6002b4aec88 stream-ord 6002b5a0740 00000000 /tmp/ssh-mgPl3398/agent.3398
==============================
telnet tsavo-west 22
Trying 10.20.3.151...
Connected to tsavo-west.
Escape character is '^]'.
SSH-2.0-Sun_SSH_1.1.1
#has hanged here for the last 10 minutes
Thanks please what can you conclude from above; also from the console monitoring both nodes
i saw messages that end with
LINK-3-UPDOWN: Interface Dot11Radio0 , Changed state to up
#another line here
LINK-3-UPDOWN: Interface Dot11Radio0 , Changed state to down
#another line here
LINK-3-UPDOWN: Interface Dot11Radio0 , Changed state to up
this happens on both nodes
Any idea
did i use the right document. have other steps that works (anyway not sure if this error are related to the stepsfor configuring ssh)
Please help if you can ....
Maybe you are looking for
-
How to display the total of a particular xml element page wise
Hello friends, My requirement is like I need to display an xml element Margin along with the other elements..Now I want the sum of margin element for each page... how do I do it in the rtf template.. and the end user views it in pdf form... thanks in
-
Oracle Upgrade to 9i for BO 5i
I'm preparing for an Oracle upgrade from 8.1.6 to 9.2 and a unix server migration via Oracle Export / Import. Potentially going on to 10g at a later point. Will importing the BO user and re-pointing users to the new database be sufficient to upgrade
-
Hi. Can someone please let me know if we can convert .afp files into either XML/PDF files? [Background: Currently, we have the data in .afp file format. We use some third party tool to convert .afp file into a static pdf. The data is not available in
-
Is there a Muse programme for producing single page web mail shots
Hi, I'm loving Muse and now I would like to produce a web page mail-shot all nicely laid out with photos etcetra. Is there such a programme?
-
Deauthrozie computer and move itunes
My PCs processor burnt out. I need to deauthrozie the computer (so as not to use one of my 10). I've also purchased a macbook. Is there any way to transfer my itunes to the new systems? I can access my HD info from another PC, but don't know how to