[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 939
  • Last Modified:

setting ssh2 autologin on solaris 7

Hi,
I am trying to set up automated login from a solaris 7 machine to a linux machine. The solaris has ssh2 installed while the linux has ssh1 installed.

I generated the key pair on the solaris machine using the command ssh-keygen -b 1024  -P '' -t dsa.

and these are the contents of /.ssh2

hostkeys           id_dsa_1024_a      id_dsa_1024_a.pub  random_seed.

Before proceeding with autologin with the linux machine, i would want to test the autologin with the host machine itself. In ssh1 i had to copy the public key to the authorized_keys file. But this does not work in ssh2. How do i go about it.

Thanks.
0
wfaleiro
Asked:
wfaleiro
  • 6
  • 4
2 Solutions
 
pshattuckCommented:
Which SSH are you using on Solaris 7???

Generate a rsa key on the solaris box (SSH1 does not support DSA , if I remeber correctly)

ssh-keygen -b 102 -P"" -t rsa

cp the id_rsa.pub key to the linux box .. in the user's .ssh directory

make sure the user owns the .ssh directory

make sure the .ssh directory has the permissions of 700

cp id_rsa.pub key to these 3 files (since I dont know which SSH you are using) .. authorized_keys, authorized_kets2 and indentity

make sure the permissions for all the files is 600

now go back to the solaris box and login as the user with the generated key

do a ssh -v <user>@<linux box>

if it woks then you will see a lot od messages showing the SSH protoacls talking and the end result should be a prompt
0
 
pshattuckCommented:
authorized_kets2 = authorized_keys2
0
 
wfaleiroAuthor Commented:
Hi
I am using ssh2. it does not generate a rsa key pair. The keys it generates are
   id_dsa_1024_a      id_dsa_1024_a.pub

I copied the id_dsa_1024_a.pub into authorized_keys2 file in the .ssh folder of the user i am trying to connect. But it still asks me for password.

Thanks.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
pshattuckCommented:
is the .ssh directory on the linux box owned by the user?

is the permissions to the .ssh director 700?

try cp authorized_keys2 identity

are the file in the .ssh directory owned by the user?

are the permissions for the files in the .ssh directory 600?

what is the output on the solaris box when as the user you do a

ssh -v <user>@<linux box>

without answering these questions, it make sit very hard to solve your problem

0
 
wfaleiroAuthor Commented:
# ssh -v root@192.168.87.33
warning: Development-time debugging not compiled in.
warning: To enable, configure with --enable-debug and recompile.
debug: Unable to open /etc/ssh2/ssh2_config
debug: hostname is '192.168.87.33'.
debug: Unable to open //.ssh2/ssh2_config
warning: Development-time debugging not compiled in.
warning: To enable, configure with --enable-debug and recompile.
debug: connecting to 192.168.87.33...
debug: entering event loop
debug: ssh_client_wrap: creating transport protocol
debug: Ssh2Client/sshclient.c:1097/ssh_client_wrap: creating userauth protocol
debug: Remote version: SSH-1.99-OpenSSH_3.4p1
debug: Ssh2Client/sshclient.c:399/keycheck_key_match: Host key found from databa
se.
debug: Unable to open //.ssh2/identification
debug: Ssh2AuthClient/sshauthc.c:309/ssh_authc_completion_proc: Method 'publicke
y' disabled.
debug: Ssh2AuthPasswdClient/authc-passwd.c:82/ssh_client_auth_passwd: Starting p
assword query...
root's password:
0
 
wfaleiroAuthor Commented:
Can I force the ssh2 on solaris machine  to run as ssh1. Since linux has ssh1 installed.
0
 
pshattuckCommented:
Can I force the ssh2 on solaris machine  to run as ssh1. Since linux has ssh1 installed.

yes you can .. in the sshd_config & ssh_config files .. just set the protocol to 1


By the errors I see, the compile looks incomplete but try renaiming the key on the linux box from authorized_keys to identification ..

Also you are logging in as root. You're sshd_config on the boxes might have the "PermitRootLogin" variable turned off.

Root is a bad account to test with when doing remote access
0
 
wfaleiroAuthor Commented:
i created a test user on linux machine generated the dsa key and copied it to authorized_keys2 in the /home/user/.ssh folder. if is ssh user@linuxmachine from the linux machine it  logs me automatically without any password. I guess its the way ssh from solaris tries to connect to ssh on linux thats creating the problem.
0
 
stefan73Commented:
Hi wfaleiro,
> debug: Ssh2AuthClient/sshauthc.c:309/ssh_authc_completion_proc: Method 'publicke
> y' disabled.
That's the source of your problem. Your SSH client has public key authentification disabled. Configure it for public key and recompile it.

Cheers!

Stefan
0
 
wfaleiroAuthor Commented:
Hi Stefan,

my remote host is linux. i created a  new account on the linux host and tried autologin with ssh from teh same host. this time i copied the .pub key into authorized_keys2. it worked fine.
 i just want to know  whether the
> debug: Ssh2AuthClient/sshauthc.c:309/ssh_authc_completion_proc: Method 'publicke
> y' disabled.


error i am getting is on the client end. Because i can autologin to the host from the same machine via ssh and autologin. Does loggin from a different machine make any difference. I guess not because it will try to contact the same port.

Thanks.
0
 
wfaleiroAuthor Commented:
I guess the problem lies on the solaris client.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now