We have a test box in solaris and some of 20 servers in prod. The problem is i can ping from test box to all prod box, but can't to ssh to prod box. If i try from prod to test box it giving unknown host error, SO what i need to check in test box
I did ps -ef |grep ssh it showing ssh is running
Please guide me what i need to do.
Thanks in Advance..
Prasad
Are your servers pointed to DNS server(s)? Or have an entry in /etc/hosts
If you ssh to the server using the hostname or alias, you must have an entry in your /etc/hosts file or calling the FQDN entry.
Its pointed to DNS server and i'm doing ssh hostname
which version of solaris are you doing?
if solaris 10, do svcs -vx and post the output.
if solaris 8 or 9, check the /etc/ssh/sshd_config file, /etc/defaultrouter , /etc/resolve.conf.
Are you able to ping to your gateway? whats the output of netstat -rn?
Its solaris 8
There is no ssh directory in etc, I can able to ping defaultrouter.
# more resolv.conf
domain domain.com
nameserver 10.0.108.12
nameserver 10.0.108.13
# ping 10.6.110.10
10.6.110.10 is alive
# netstat -rn
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
10.6.110.0 10.6.110.139 U 1 12 dmfe0
224.0.0.0 10.6.110.139 U 1 0 dmfe0
default 10.6.110.10 UG 1 45
127.0.0.1 127.0.0.1 UH 2 9 lo0
# ps -ef |grep -i ssh
root 291 1 0 22:30:28 ? 0:00 /usr/local/sbin/sshd
root 532 370 0 06:13:00 console 0:00 grep -i ssh
In all other server defaultrouter is 10.15.14.1
since when you facing this issue? any changes made on the system recently? any reboot?
1) you can try to stop/start the sshd daemon
2) hope you're not trying to ssh as "root"
3) any subnets being blocked in the /etc/hosts.deny file (check the hosts.allow file as well)
4) how abt the sshd_config? PermitRootLogin line param?
5) can you ssh using the IP instead?
6) nslooklup hostname (does this return you your server IP)?
also try doing ssh -v <hostname> and see if the output throws any exceptions..
check the root dir for the .ssh dir (hidden file). check the known_hosts file if the servers' key which you're trying to ssh from is planted. Sorry bro, I wish I could help my level best, but without me trying infront of the system its always hard for me to put into good words...:o
In all other servers the gateway is 10.15.14.1
Did you create a password for the user using "passwd" at your destination host?. Even though you copied the public key correctly, and a match was found, the ssh daemon might throw an error that it failed public key authorization, and client would wait at a password prompt.
Fyi
is it a /etc/netmask or /etc/defaultrouter problem then?
yeah i can do ssh with ip, Its working
while doing nslookup it does not return to server ip
and sshd_config is not there and no ssh directory in etc.
the defaultrouter and netmasks is different in both servers. will it could be a problem.
what i need to do now, need to change the netmasks and defaultrouter as the prod server
Your sshd_config file may be located in /etc/ssh2 You have to have one. run
find / -name "sshd*_config"
You can also test the connection to your test server by entering
ssh 0 which should connect to your loopback address
Check /usr/local/etc/ for the ssh stuff. It looks like the install for ssh was done under /usr/local.