I still think it is like asking the other car-users for how to disable the brakes on your car...
Kind regards, The out-side Op 13 jan. 2013 om 00:01 heeft Bob Friesenhahn <[email protected]> het volgende geschreven: > I am trying to accomplish ssh root login with a forced command via an entry > in /root/.ssh/authorized_keys. This is to support my home-made backup > system. The strategy is already working for Solaris 10, Apple OS X, Linux, > and FreeBSD hosts. However, it is failing for OpenIndiana and I am having > difficulty determining why. > > I have this in /etc/ssh/sshd_config: > > # Are root logins permitted using sshd. > # Note that sshd uses pam_authenticate(3PAM) so the root (or any other) user > # maybe denied access by a PAM module regardless of this setting. > # Valid options are yes, without-password, no. > PermitRootLogin yes > > Besides, 'yes', I also tried 'forced-commands-only'. I even tried > temporarily editing /etc/default/login and commenting out the CONSOLE entry. > Each time I do 'svcadm refresh svc:/network/ssh:default' and observe that a > refresh entry does appear in '/var/svc/log/network-ssh:default.log'. > > I am not able to successfully ssh in as 'root' using root's pass-phrase or > password. I am not able to invoke the forced command using the private key. > > This is what I see on the ssh client side: > > debug1: Next authentication method: publickey > debug1: Trying public key: /.ssh/id_dsa_rsync > debug2: we sent a publickey packet, wait for reply > debug1: Remote: Forced command: /usr/bin/rsync --server --daemon > --config=/root/.ssh/rsync.conf . > debug1: Remote: Pty allocation disabled. > debug1: Remote: Port forwarding disabled. > debug1: Remote: X11 forwarding disabled. > debug1: Remote: Agent forwarding disabled. > debug1: Server accepts key: pkalg ssh-dss blen 530 lastkey 80a9c50 hint 0 > debug2: input_userauth_pk_ok: fp > 23:58:6a:f1:77:62:aa:1b:6c:4b:25:65:7e:64:1a:9e > debug1: read PEM private key done: type DSA > debug1: Remote: Forced command: /usr/bin/rsync --server --daemon > --config=/root/.ssh/rsync.conf . > > It is seeing my forced command but it is silently rejecting the key. I am not > able to find any log file information on the server side (/var/adm/messages) > which would provide a hint of why the key is rejected. > > Setting LogLevel to debug has no apparent effect and sshd does little logging > to /var/adm/messages. In other ssh implementations I see many log messages. > > Any ideas? > > Bob > -- > Bob Friesenhahn > [email protected], http://www.simplesystems.org/users/bfriesen/ > GraphicsMagick Maintainer, http://www.GraphicsMagick.org/ > > _______________________________________________ > OpenIndiana-discuss mailing list > [email protected] > http://openindiana.org/mailman/listinfo/openindiana-discuss _______________________________________________ OpenIndiana-discuss mailing list [email protected] http://openindiana.org/mailman/listinfo/openindiana-discuss
