Can't Log into Solaris 10 u10 due to Pam and DH errors

Dears,
I hope everything is going fine with you.

Yesterday I was trying to log into my Solaris 10 u10 x86 box via SSH, but it showed me many error messages and refused the login even with the root account. Below you can find the error messages:

[root@home:~] # ssh -v root@192.168.10.1
Sun_SSH_1.1.4, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to 192.168.10.1 [192.168.10.1] port 22.
debug1: Connection established.
debug1: identity file /export/home/root/.ssh/identity type -1
debug1: identity file /export/home/root/.ssh/id_rsa type -1
debug1: identity file /export/home/root/.ssh/id_dsa type -1
debug1: Logging to host: 192.168.10.1
debug1: Local user: root Remote user: root
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1.5
debug1: match: Sun_SSH_1.1.5 pat Sun_SSH_1.1.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1.4
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
no common kex alg: client 'diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1', server 'gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g=='
debug1: Calling cleanup 0x807177a(0x0)

After googling I found that I have to delete /etc/ssh/ssh_host_*.
So I logged into the system via failsafe, mounted / on /a and deleted the ssh_host_* files.

After rebooting the machine I found there are other log messages (and the Diffie-Hellman error still exists):

/usr/lib/security/pam_authtok_get.so.1 writable by group
/usr/lib/security/pam_dhkeys.so.1 writable by group

That made me very confused. After more searching I found a topic advising to check the permissions of the PAM files, so I logged into the system via failsafe and found out that all the files have full permissions, which I believe is not good. Below you can find the permissions:

-rwxrwxrwx+

So I would appreciate it if you could help me with this case; it really has me confused.

BR
Ahmed

The package contents file shows the correct attributes

grep /usr/lib/security/pam_authtok_get.so.1 /var/sadm/install/contents

Also compare the checksum

sum /usr/lib/security/pam_authtok_get.so.1

And check the integrity of your core Solaris package

pkgchk SUNWcsu

Can you login as root (or any other account) if you don't use ssh? (or is the system configured not to allow that?)

Can you get to the console and do an ordinary root login from there?

Hi MadeInGermany,

Thanks for your reply. Below you can find the output:


Thanks
Ahmed

---------- Post updated at 10:07 AM ---------- Previous update was at 10:04 AM ----------

Unfortunately I can't log in with any user, from SSH or from the console; every time I try to log in it shows the DH error and the other one as well.

The only way to log in is via failsafe.

Thank you for your interest
Ahmed

Hi Ahmed,

So you can't log in as root even directly on the console (without SSH)!!!!

Have you, or someone else, edited /etc/passwd and/or /etc/shadow directly recently?

If so, display them to your screen and check very carefully the formatting.

For example, the root account information must be on the very first line. Just inserting a blank line at the beginning of /etc/passwd will screw up all logins.

Before we suggest anything else, do these files look alright?
All the fields in them correctly delimited, etc.

---------- Post updated at 06:04 PM ---------- Previous update was at 05:23 PM ----------

Please post the content of:

/etc/pam.conf
/etc/security/policy.conf

The checksum of pam_authtok_get.so.1 is okay.
Reset all file permissions with

# Walk the SUNWcsl entries of the package database and print the chmod/chown
# commands for every file whose current owner, group or mode differs.
nawk '$NF=="SUNWcsl"' /var/sadm/install/contents |
while read file ftype class perm owner group junk; do
    # symlink (s) and hard link (l) entries carry no mode/owner/group
    # fields in the contents file, so there is nothing to compare
    case "$ftype" in s|l) continue ;; esac
    # find prints the path only when at least one attribute does not match
    if find "$file" -prune \! \( -user "$owner" -group "$group" -perm "$perm" \) | grep . >/dev/null; then
        echo chmod "$perm" "$file"
        echo chown "$owner":"$group" "$file"
    fi
done

To really execute, you can run the echoed commands in a shell. (Or pipe the whole loop to sh.)
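The same comparison as the loop above, written as an added Python example (not code from the thread or from Solaris): it parses lines in /var/sadm/install/contents format, skips link entries, reports the chmod/chown commands needed to restore the packaged attributes, and separately flags any file that is group- or world-writable, which is the condition behind the "writable by group" messages. Both the sample contents lines and the observed attributes are constructed; on a live system the observed map would be filled from os.lstat.

```python
import stat

# Constructed sample lines in /var/sadm/install/contents format (not from the
# poster's system).  f/e/v: path type class mode owner group size cksum mtime pkgs
# d: path type class mode owner group pkgs;  s/l: path=target type class pkgs
SAMPLE_CONTENTS = """\
/usr/lib/security d none 0755 root bin SUNWcsl SUNWcsr
/usr/lib/security/pam_authtok_get.so.1 f none 0755 root bin 12345 54321 1234567890 SUNWcsl
/usr/lib/security/pam_dhkeys.so.1 f none 0755 root bin 23456 65432 1234567890 SUNWcsl
/usr/lib/security/64=amd64 s none SUNWcsl
/etc/passwd e passwd 0644 root sys 1234 4321 1234567890 SUNWcsr
"""

# Constructed observed attributes, mirroring the thread: PAM modules are 0777.
OBSERVED = {
    "/usr/lib/security": (0o755, "root", "bin"),
    "/usr/lib/security/pam_authtok_get.so.1": (0o777, "root", "bin"),
    "/usr/lib/security/pam_dhkeys.so.1": (0o777, "root", "bin"),
    "/etc/passwd": (0o644, "root", "sys"),
}

def parse_contents(text, package=None):
    """Yield (path, mode, owner, group) for f/e/v files and d directories,
    optionally only those owned by `package`; s and l entries are skipped."""
    for line in text.splitlines():
        f = line.split()
        if len(f) < 4 or line.startswith("#") or f[1] not in ("f", "e", "v", "d"):
            continue
        pkgs = f[6:] if f[1] == "d" else f[9:]   # package list sits at the end
        if package is None or package in pkgs:
            yield f[0], int(f[3], 8), f[4], f[5]

def audit(expected, observed):
    """Return (fixes, loose): the chmod/chown commands that restore packaged
    attributes, and the paths whose current mode is group/world-writable."""
    fixes, loose = [], []
    for path, mode, owner, group in expected:
        if path not in observed:
            continue
        cur_mode, cur_owner, cur_group = observed[path]
        if cur_mode & (stat.S_IWGRP | stat.S_IWOTH):
            loose.append(path)
        if cur_mode != mode:
            fixes.append("chmod %04o %s" % (mode, path))
        if (cur_owner, cur_group) != (owner, group):
            fixes.append("chown %s:%s %s" % (owner, group, path))
    return fixes, loose

if __name__ == "__main__":
    for cmd in audit(parse_contents(SAMPLE_CONTENTS, "SUNWcsl"), OBSERVED)[0]:
        print(cmd)
```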

Case solved by pkgchk -R /a -fv

Thanks