Ok...so this was an easy one after banging my head on the desk for a good while. I ran debug mode on the sshd ($sshd -d -d -d) and saw that my home direectory had the wrong permissions. So I set the permissions and it worked. I guess I can thank the admin who set me up. I guess I hindsight that should've been the first thing that I did. Thanks, Sonny -----Original Message----- From: Baillargeon, Sonny Sent: Thursday, June 16, 2005 4:28 PM To: sunmanagers@sunmanagers.org Subject: SSH Into Zone??? I am trying to unify, access everything from everywhere, SSH2 from ssh.com and Sun's version of OpenSSH. So I have a S10 box running the out-of-the-box SSH and a S8 box running SSH2 3.2.9.1. I can do SSH2 <=> OpenSSH no problems. Got all the keys converted back and forth. When I ssh from the global zone on S10 to a sub-zone it doesn't work. The thing that is getting me, I think anyway, is that the sub-zone is mounting my home directory from an NFS server, the same as the S8 box. I have kept the OpenSSH in the .ssh directory and the SSH2 in its .ssh2 directory. The global zone is a local home directory. This is what the verbose output from the client in the global zone to the sub-zone. Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f debug1: Reading configuration data /etc/ssh/ssh_config debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: ssh_connect: needpriv 0 debug1: Connecting to sub-zone [10.0.0.1] port 22. debug1: Connection established. debug1: identity file /export/home/sbaillar/.ssh/identity type -1 debug1: identity file /export/home/sbaillar/.ssh/id_rsa type -1 debug1: identity file /export/home/sbaillar/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1 debug1: no match: Sun_SSH_1.1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-Sun_SSH_1.1 debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible Unknown code 0 ) debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: Peer sent proposed langtags, ctos: i-default debug1: Peer sent proposed langtags, stoc: i-default debug1: We proposed langtags, ctos: i-default debug1: We proposed langtags, stoc: i-default debug1: Negotiated lang: i-default debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: Remote: Negotiated main locale: C debug1: Remote: Negotiated messages locale: C debug1: dh_gen_key: priv key bits set: 135/256 debug1: bits set: 1581/3191 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'sub-zone' is known and matches the RSA host key. debug1: Found key in /export/home/sbaillar/.ssh/known_hosts:3 debug1: bits set: 1576/3191 debug1: ssh_rsa_verify: signature correct debug1: newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: done: ssh_kex2. debug1: send SSH2_MSG_SERVICE_REQUEST debug1: got SSH2_MSG_SERVICE_ACCEPT debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive debug1: Next authentication method: gssapi-keyex debug1: Next authentication method: gssapi-with-mic debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible Unknown code 0 ) debug1: Next authentication method: publickey debug1: Trying private key: /export/home/sbaillar/.ssh/identity debug1: Trying private key: /export/home/sbaillar/.ssh/id_rsa debug1: Trying public key: /export/home/sbaillar/.ssh/id_dsa debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive debug1: Next authentication method: keyboard-interactive Password: Am I missing something? Any suggestions will be appreciated. Thanks, Sonny <FONT SIZE = 1>********************************************************************** 1>***** * This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal. Unless otherwise stated, opinions expressed in this e-mail are those of the author and are not endorsed by the author's employer.</FONT> <FONT SIZE = 1>*************************************************************************** * This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal. Unless otherwise stated, opinions expressed in this e-mail are those of the author and are not endorsed by the author's employer.</FONT> _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Fri Jun 17 08:00:12 2005
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:48 EST