Ssh to Solaris 10 server - close connection

psychocandy · April 24, 2013, 10:30am

Can ssh to server. Asks for password.

Then seems to time out and close the connection. Any ideas?

---------- Post updated at 09:30 AM ---------- Previous update was at 07:51 AM ----------

Here is output from ssh -vvv -l user <IPaddress>

debug3: packet_send2: adding 64 (len 59 padlen 5 extra_pad 64)
debug2: we sent a password packet, wait for reply
Connection closed by 172.20.110.51
debug1: Calling cleanup 0x34204(0x0)

Hmmm. Looks like remote end ssh is not responding?

DustinT · April 24, 2013, 10:41am

The default config is to not allow the root user to login remotely. You didn't mention in your post which user account you're trying to connect with, but it's a common error so perhaps my suggestion will help.

---------- Post updated at 10:41 AM ---------- Previous update was at 10:40 AM ----------

Change the file /etc/ssh/sshd_config with PermitRootLogin yes to replace PermitRootLogin no 2. restart the services
#svcadm restart svc:/network/ssh:default

psychocandy · April 25, 2013, 6:51am

Thanks Dustin. Yes, aware of that. I'd actually created another user and was trying to login with this one.

I'm wondering if the user is created correctly now....

---------- Post updated 04-25-13 at 05:26 AM ---------- Previous update was 04-24-13 at 11:20 AM ----------

Still the same problem with newly created user.

Where can I see the log file from a host point of view?

---------- Post updated at 05:51 AM ---------- Previous update was at 05:26 AM ----------

Interesting!

tail -f authlog
Apr 25 11:46:54 s_local@noc1423nm sshd[1132]: [ID 685508 auth.info] libgss dlopen(/usr/lib/gss/mech_spnego.so.1): ld.so.1: sshd: fatal: /usr/lib/gss/mech_spnego.so.1: open failed: No such file or directory
Apr 25 11:46:55 s_local@noc1423nm sshd[1132]: [ID 800047 auth.notice] Failed keyboard-interactive for root from 172.20.31.59 port 32972 ssh2

DustinT · April 25, 2013, 9:18am

can you post the relevant output from /etc/shadow and /etc/passwd?

---------- Post updated at 09:18 AM ---------- Previous update was at 09:16 AM ----------

Also, you want to make sure that your user's home directories are created properly. Usually that's /export/home/<user>

Finally, you might want to look into create_user.sh. It's a script that was originally from Sun and is now distributed by Oracle that provides a thorough foundation for user creation. It's also a simple way to follow the Oracle best practices during new user creation. Heck, if nothing else, it's worth reading through.

bitlord · April 25, 2013, 9:57am

Hello,
Can you show us your /etc/ssh/ssh_config and /etc/ssh/sshd_config? Did you setup this server? On our severs we add this line to /etc/ssh/sshd_config.

AllowGroups users

We have a security requirement that says only certain users can use ssh. In the line above the group users is the only group allowed to use ssh. You can set users instead of a group with AllowUsers instead of AllowGroups.

Anther thing to look at is the the Ciphers. The settings can cause issues. We have issues with this mostly when running a ssh client from windows.

I hope this helps.