Hi, Are you able to start SSHD in debug mode?
Perhaps that will provide the relevant information. Kind regards/met vriendelijke groet, Serge Fonville http://www.sergefonville.nl Convince Microsoft! They need to add TRUNCATE PARTITION in SQL Server https://connect.microsoft.com/SQLServer/feedback/details/417926/truncate-partition-of-partitioned-table 2013/1/13 Bob Friesenhahn <[email protected]> > I am trying to accomplish ssh root login with a forced command via an > entry in /root/.ssh/authorized_keys. This is to support my home-made > backup system. The strategy is already working for Solaris 10, Apple OS X, > Linux, and FreeBSD hosts. However, it is failing for OpenIndiana and I am > having difficulty determining why. > > I have this in /etc/ssh/sshd_config: > > # Are root logins permitted using sshd. > # Note that sshd uses pam_authenticate(3PAM) so the root (or any other) > user > # maybe denied access by a PAM module regardless of this setting. > # Valid options are yes, without-password, no. > PermitRootLogin yes > > Besides, 'yes', I also tried 'forced-commands-only'. I even tried > temporarily editing /etc/default/login and commenting out the CONSOLE > entry. Each time I do 'svcadm refresh svc:/network/ssh:default' and > observe that a refresh entry does appear in '/var/svc/log/network-ssh:** > default.log'. > > I am not able to successfully ssh in as 'root' using root's pass-phrase or > password. I am not able to invoke the forced command using the private key. > > This is what I see on the ssh client side: > > debug1: Next authentication method: publickey > debug1: Trying public key: /.ssh/id_dsa_rsync > debug2: we sent a publickey packet, wait for reply > debug1: Remote: Forced command: /usr/bin/rsync --server --daemon > --config=/root/.ssh/rsync.conf . > debug1: Remote: Pty allocation disabled. > debug1: Remote: Port forwarding disabled. > debug1: Remote: X11 forwarding disabled. > debug1: Remote: Agent forwarding disabled. > debug1: Server accepts key: pkalg ssh-dss blen 530 lastkey 80a9c50 hint 0 > debug2: input_userauth_pk_ok: fp 23:58:6a:f1:77:62:aa:1b:6c:4b:** > 25:65:7e:64:1a:9e > debug1: read PEM private key done: type DSA > debug1: Remote: Forced command: /usr/bin/rsync --server --daemon > --config=/root/.ssh/rsync.conf . > > It is seeing my forced command but it is silently rejecting the key. I am > not able to find any log file information on the server side > (/var/adm/messages) which would provide a hint of why the key is rejected. > > Setting LogLevel to debug has no apparent effect and sshd does little > logging to /var/adm/messages. In other ssh implementations I see many log > messages. > > Any ideas? > > Bob > -- > Bob Friesenhahn > [email protected], http://www.simplesystems.org/** > users/bfriesen/ <http://www.simplesystems.org/users/bfriesen/> > GraphicsMagick Maintainer, http://www.GraphicsMagick.org/ > > ______________________________**_________________ > OpenIndiana-discuss mailing list > OpenIndiana-discuss@**openindiana.org<[email protected]> > http://openindiana.org/**mailman/listinfo/openindiana-**discuss<http://openindiana.org/mailman/listinfo/openindiana-discuss> > _______________________________________________ OpenIndiana-discuss mailing list [email protected] http://openindiana.org/mailman/listinfo/openindiana-discuss
