On Sun, 13 Jan 2013, Serge Fonville wrote:
Hi,
Are you able to start SSHD in debug mode?
This is the pertinent bit I see from the output of 'sshd -d -p 1234':
debug2: user_key_allowed: check options: 'command="/usr/bin/rsync --server
--da...
debug1: matching key found: file /root/.ssh/authorized_keys, line 3
Found matching DSA key:
23:58:6a:f1:77:62:aa:1b:6c:4b:25:65:7e:64:1a:9e
debug1: restore_uid: 0/0
debug1: ssh_dss_verify: signature correct
debug2: Starting PAM service sshd-pubkey for method publickey
debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss
Failed publickey for root from XX.XXX.XXX.XXX port 45090 ssh2
The description in /etc/ssh/sshd_config does say:
# Are logins to accounts with empty passwords allowed.
# If PermitEmptyPasswords is no, pass PAM_DISALLOW_NULL_AUTHTOK
# to pam_authenticate(3PAM).
PermitEmptyPasswords no
and it may be that the problem has something to do with PAM.
Google found this old hit for me:
http://www.semicomplete.com/blog/geekery/solaris-10-sshd-publickey-solution.html
but it did not help. This hack is not necessary on my Solaris 10
systems.
Bob
--
Bob Friesenhahn
[email protected], http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/
_______________________________________________
OpenIndiana-discuss mailing list
[email protected]
http://openindiana.org/mailman/listinfo/openindiana-discuss
