[OpenIndiana-discuss] ssh root login

Serge Fonville serge.fonville at gmail.com
Sat Jan 12 23:08:33 UTC 2013


Hi,

Are you able to start SSHD in debug mode?

Perhaps that will provide the relevant information.

Kind regards/met vriendelijke groet,

Serge Fonville

http://www.sergefonville.nl

Convince Microsoft!
They need to add TRUNCATE PARTITION in SQL Server
https://connect.microsoft.com/SQLServer/feedback/details/417926/truncate-partition-of-partitioned-table


2013/1/13 Bob Friesenhahn <bfriesen at simple.dallas.tx.us>

> I am trying to accomplish ssh root login with a forced command via an
> entry in /root/.ssh/authorized_keys.  This is to support my home-made
> backup system.  The strategy is already working for Solaris 10, Apple OS X,
> Linux, and FreeBSD hosts.  However, it is failing for OpenIndiana and I am
> having difficulty determining why.
>
> I have this in /etc/ssh/sshd_config:
>
> # Are root logins permitted using sshd.
> # Note that sshd uses pam_authenticate(3PAM) so the root (or any other)
> user
> # maybe denied access by a PAM module regardless of this setting.
> # Valid options are yes, without-password, no.
> PermitRootLogin yes
>
> Besides, 'yes', I also tried 'forced-commands-only'.  I even tried
> temporarily editing /etc/default/login and commenting out the CONSOLE
> entry.  Each time I do 'svcadm refresh svc:/network/ssh:default' and
> observe that a refresh entry does appear in '/var/svc/log/network-ssh:**
> default.log'.
>
> I am not able to successfully ssh in as 'root' using root's pass-phrase or
> password.  I am not able to invoke the forced command using the private key.
>
> This is what I see on the ssh client side:
>
> debug1: Next authentication method: publickey
> debug1: Trying public key: /.ssh/id_dsa_rsync
> debug2: we sent a publickey packet, wait for reply
> debug1: Remote: Forced command: /usr/bin/rsync --server --daemon
> --config=/root/.ssh/rsync.conf .
> debug1: Remote: Pty allocation disabled.
> debug1: Remote: Port forwarding disabled.
> debug1: Remote: X11 forwarding disabled.
> debug1: Remote: Agent forwarding disabled.
> debug1: Server accepts key: pkalg ssh-dss blen 530 lastkey 80a9c50 hint 0
> debug2: input_userauth_pk_ok: fp 23:58:6a:f1:77:62:aa:1b:6c:4b:**
> 25:65:7e:64:1a:9e
> debug1: read PEM private key done: type DSA
> debug1: Remote: Forced command: /usr/bin/rsync --server --daemon
> --config=/root/.ssh/rsync.conf .
>
> It is seeing my forced command but it is silently rejecting the key. I am
> not able to find any log file information on the server side
> (/var/adm/messages) which would provide a hint of why the key is rejected.
>
> Setting LogLevel to debug has no apparent effect and sshd does little
> logging to /var/adm/messages.  In other ssh implementations I see many log
> messages.
>
> Any ideas?
>
> Bob
> --
> Bob Friesenhahn
> bfriesen at simple.dallas.tx.us, http://www.simplesystems.org/**
> users/bfriesen/ <http://www.simplesystems.org/users/bfriesen/>
> GraphicsMagick Maintainer,    http://www.GraphicsMagick.org/
>
> ______________________________**_________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss@**openindiana.org<OpenIndiana-discuss at openindiana.org>
> http://openindiana.org/**mailman/listinfo/openindiana-**discuss<http://openindiana.org/mailman/listinfo/openindiana-discuss>
>


More information about the OpenIndiana-discuss mailing list