[OpenIndiana-discuss] ssh root login
Bob Friesenhahn
bfriesen at simple.dallas.tx.us
Sat Jan 12 23:36:47 UTC 2013
On Sun, 13 Jan 2013, Serge Fonville wrote:
> Hi,
>
> Are you able to start SSHD in debug mode?
This is the pertinent bit I see from the output of 'sshd -d -p 1234':
debug2: user_key_allowed: check options: 'command="/usr/bin/rsync --server --da...
debug1: matching key found: file /root/.ssh/authorized_keys, line 3
Found matching DSA key:
23:58:6a:f1:77:62:aa:1b:6c:4b:25:65:7e:64:1a:9e
debug1: restore_uid: 0/0
debug1: ssh_dss_verify: signature correct
debug2: Starting PAM service sshd-pubkey for method publickey
debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss
Failed publickey for root from XX.XXX.XXX.XXX port 45090 ssh2
The description in /etc/ssh/sshd_config does say:
# Are logins to accounts with empty passwords allowed.
# If PermitEmptyPasswords is no, pass PAM_DISALLOW_NULL_AUTHTOK
# to pam_authenticate(3PAM).
PermitEmptyPasswords no
and it may be that the problem has something to do with PAM.
Google found this old hit for me:
http://www.semicomplete.com/blog/geekery/solaris-10-sshd-publickey-solution.html
but it did not help. This hack is not necessary on my Solaris 10
systems.
Bob
--
Bob Friesenhahn
bfriesen at simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/
More information about the OpenIndiana-discuss
mailing list