Solved

Setting up hostbased authenication using Openssh 3.8.1p1 on Solaris 8

Posted on 2004-10-18
3
481 Views
Last Modified: 2013-12-16
What is the procedure for setting hostbased authentication using Openssh 3.8.1p1 on Solaris 8
0
Comment
Question by:s5ulds2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 21

Expert Comment

by:tfewster
ID: 12339845
0
 

Author Comment

by:s5ulds2
ID: 12340876
Connection still fails, I've pasted the output from sshd -p 2222 -ddd on the server side.

s5ulds@dmplus01:sudo-sh# ./sshd -p 2222 -dd
debug2: read_server_config: filename /usr/SYSADM/openssh/sshd_config
debug1: sshd version OpenSSH_3.8.1p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 2222 on ::.
Server listening on :: port 2222.
debug1: Bind to port 2222 on 0.0.0.0.
Server listening on 0.0.0.0 port 2222.
debug1: Server will not fork when running in debugging mode.
Connection from 172.21.98.209 port 2662
debug1: Client protocol version 2.0; client software version OpenSSH_3.8.1p1
debug1: match: OpenSSH_3.8.1p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1
debug2: Network child is on pid 9703
debug1: permanently_set_uid: 27/27
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-gro
up1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-c
tr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-c
tr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open
ssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open
ssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-gro
up1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-c
tr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-c
tr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open
ssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open
ssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug2: monitor_read: 0 used once, disabling now
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug2: dh_gen_key: priv key bits set: 128/256
debug2: bits set: 535/1024
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug2: bits set: 502/1024
debug2: monitor_read: 4 used once, disabling now
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user root service ssh-connection method none
debug1: attempt 0 failures 0
debug2: monitor_read: 6 used once, disabling now
debug2: input_userauth_request: setting up authctxt for root
debug2: input_userauth_request: try method none
debug1: PAM: initializing for "root"
Failed none for root from 172.21.98.209 port 2662 ssh2
debug1: userauth-request for user root service ssh-connection method hostbased
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method hostbased
debug1: userauth_hostbased: cuser root chost ishan. pkalg ssh-dss slen 55
debug1: PAM: setting PAM_RHOST to "ishan"
debug1: PAM: setting PAM_TTY to "ssh"
debug2: monitor_read: 45 used once, disabling now
debug2: monitor_read: 3 used once, disabling now
debug2: userauth_hostbased: chost ishan. resolvedname ishan ipaddr 172.21.98.209
debug2: auth_rhosts2: clientuser root hostname ishan. ipaddr ishan.
debug1: temporarily_use_uid: 0/1 (e=0/1)
debug1: restore_uid: 0/1
debug1: temporarily_use_uid: 0/1 (e=0/1)
debug1: restore_uid: 0/1
debug2: userauth_hostbased: authenticated 0
Failed hostbased for root from 172.21.98.209 port 2662 ssh2
debug1: userauth-request for user root service ssh-connection method hostbased
debug1: attempt 2 failures 2
debug2: input_userauth_request: try method hostbased
debug1: userauth_hostbased: cuser root chost ishan. pkalg ssh-rsa slen 143
debug2: userauth_hostbased: chost ishan. resolvedname ishan ipaddr 172.21.98.209
debug2: auth_rhosts2: clientuser root hostname ishan. ipaddr ishan.
debug1: temporarily_use_uid: 0/1 (e=0/1)
debug1: restore_uid: 0/1
debug1: temporarily_use_uid: 0/1 (e=0/1)
debug1: restore_uid: 0/1
debug2: userauth_hostbased: authenticated 0
Failed hostbased for root from 172.21.98.209 port 2662 ssh2
debug1: userauth-request for user root service ssh-connection method keyboard-in
teractive
debug1: attempt 3 failures 3
debug2: input_userauth_request: try method keyboard-interactive
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=root devs=
debug1: kbdint_alloc: devices 'pam'
debug2: auth2_challenge_start: devices pam
debug2: kbdint_next_device: devices <empty>
debug1: auth2_challenge_start: trying authentication method 'pam'
Postponed keyboard-interactive for root from 172.21.98.209 port 2662 ssh2
0
 
LVL 38

Accepted Solution

by:
yuzh earned 500 total points
ID: 12343627
For secure shell server (sshd), check the sshd_config file (Sun freeware default location
/usr/local/etc). For secure shell client, check ssh_config file.

The default port is 22, is you want to use port other than 22, you MUST make all your
server and client to use the same port to avoid any drama.

Please check your installation against my installation procedures:
http:Q_20415815.html

PS: please ignore the version number of the packages, you need the latest version
     of them.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Restore XenServer VM with only dd image of LVM snapshot 3 268
aix tls version 6 640
problem creating new luks volume on new VM disk 5 126
Solaris acount issues 44 74
Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question