How To Enable Ssh In Solaris 10

broken image


If this is Solaris 10, check if SSHD is running by issuing the svcs -p ssh command. That'll tell you if SSH is running, and, if not, why (maybe a dependancy failed for some reason, or maybe it was disabled). (SPARC) Package Management, SSH, Solaris 10 Add comments Jan 212008 OpenSSH is a free opensource version of the SSH connectivity tools. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks unlike Telnet,rlogin or ftp where the data is not encrypted and transmitted in. Parameter ChrootDirectory in /etc/ssh/sshdconfig allows the specification of a chroot target directory which will then be used for all ssh and sftp sessions to this server. The target directory definition can utilize the%u and%h tokens to customize the target directory. By default, Solaris 10 supports the SSH startup and configuration functions. You need to modify related items of the /etc/ssh/sshdconfig configuration file and use the ssh-keygen file on the SSH to generate a key. After restarting the SSHD service, you can log in to the SSH and use SFTP to transfer files if you pass the password authentication. Solaris Operating System - Version 9 GA to 10 8/11 U10 Release 9.0 to 10.0 All Platforms Goal. This technical instruction will show how to put ssh (the client command) and sshd (the server daemon) into debug mode in order to troubleshoot authorization and connection problems.

  1. How To Enable Ssh In Solaris 10 Iso
  2. How To Configure Passwordless Ssh In Solaris 10
  3. How To Enable Ssh In Solaris 10
  4. How To Enable Ssh In Solaris 10 Commands

To enable/allow root login from SSH you must complete the following three steps after ensuring that you really want to enable root ssh access.

  1. Change PermitRootLogin from no to yes in: /etc/ssh/sshd_config
    (you will need super user access to edit this file.)
  2. Restart SSHD: /lib/svc/method/sshd restart

———————————————————————————–


After fresh Install of Solaris OS , You will not be able to login directly as root with Putty as its disabled.
To enable the same follow below steps.
1) Login as oracle/any other user from putty and follow from point 3) to enable direct root login.

How To Enable Ssh In Solaris 10

OR

2) Login as root from GUI console and follow from point 3) to enable direct root login.

3) Switch user to root

-bash-3.00$ su –
Password:
Oracle Corporation SunOS 5.10 Generic Patch January 2005

How To Enable Ssh In Solaris 10

# ls -ltr /etc/default/login
-r–r–r– 1 root sys 2258 Aug 6 2010 /etc/default/login

# cp -pr /etc/default/login /etc/default/login.old
#
# ls -ltr /etc/default/login*
-r–r–r– 1 root sys 2258 Aug 6 2010 /etc/default/login.old
-r–r–r– 1 root sys 2258 Aug 6 2010 /etc/default/login
#

Comment the below parameter
vi /etc/default/login
#CONSOLE=/dev/console

backup the file /etc/ssh/sshd_config
# ls -ltr /etc/ssh/sshd_config
-rw-r–r– 1 root sys 5025 Aug 6 2010 /etc/ssh/sshd_config
#

cp -pr /etc/ssh/sshd_config /etc/ssh/sshd_config.old
# ls -ltr /etc/ssh/sshd_config*
-rw-r–r– 1 root sys 5025 Aug 6 2010 /etc/ssh/sshd_config.old
-rw-r–r– 1 root sys 5025 Aug 6 2010 /etc/ssh/sshd_config
#

Change the below parameter from 'no' to 'yes' as below
vi /etc/ssh/sshd_config

How

OR

2) Login as root from GUI console and follow from point 3) to enable direct root login.

3) Switch user to root

-bash-3.00$ su –
Password:
Oracle Corporation SunOS 5.10 Generic Patch January 2005

# ls -ltr /etc/default/login
-r–r–r– 1 root sys 2258 Aug 6 2010 /etc/default/login

# cp -pr /etc/default/login /etc/default/login.old
#
# ls -ltr /etc/default/login*
-r–r–r– 1 root sys 2258 Aug 6 2010 /etc/default/login.old
-r–r–r– 1 root sys 2258 Aug 6 2010 /etc/default/login
#

Comment the below parameter
vi /etc/default/login
#CONSOLE=/dev/console

backup the file /etc/ssh/sshd_config
# ls -ltr /etc/ssh/sshd_config
-rw-r–r– 1 root sys 5025 Aug 6 2010 /etc/ssh/sshd_config
#

cp -pr /etc/ssh/sshd_config /etc/ssh/sshd_config.old
# ls -ltr /etc/ssh/sshd_config*
-rw-r–r– 1 root sys 5025 Aug 6 2010 /etc/ssh/sshd_config.old
-rw-r–r– 1 root sys 5025 Aug 6 2010 /etc/ssh/sshd_config
#

Change the below parameter from 'no' to 'yes' as below
vi /etc/ssh/sshd_config

#PermitRootLogin no
PermitRootLogin yes

Restart ssh service
svcadm restart ssh

************************* End of task *************************


How To Enable Ssh In Solaris 10 Iso

Comments

comments

Tags: Allow root SSH login for Solaris 10, Enable direct root Logins, Enable direct root Logins for Solaris 10, Enable direct root Logins for Solaris 10 or Allow root SSH login for Solaris 10, Linux commands, root SSH login for Solaris 10, SSH login for Solaris 10

Recently I wrote a post about configuring OpenLDAP server with TLS support using RHEL available here. There I also mentioned how to setup Linux to authenticate against a LDAP server. But I didn't said a word about Solaris. That's unfair and I'm going to fix that by providing a quick guide on how to setup LDAP client in Solaris 10.

How To Configure Passwordless Ssh In Solaris 10

  1. First of all add LDAP server's certificate into your locale certificate database. Otherwise, you won't be able to setup a TLS session:
  2. Just verify that everything was done right:
  3. Setup Solaris ldap client:

    4. Please note that your serviceSearchDescriptor attribute might be different and that depends on your LDAP structure. This attribute just instruct ldap client how it should build its query to search, in my particular case, for passwd, group and net group records.

  4. All the rest is just almost like in the Linux world:

    5. nssswitch.conf

    cat /etc/pam.conf | grep sshd-kbdint

  5. Just take another look at your configuration:
  6. Use some very basic tools,i.e. id or getent, to make sure your could query and receive correct response from LDAP server.
  7. Finally, try to ssh into your server with a LDAP aware account.

How To Enable Ssh In Solaris 10

If anything goes wrong your could do the following:

How To Enable Ssh In Solaris 10 Commands

  • Use ldapsearch -v to make you sure you could setup a TLS session with your LDAP server successfully.
  • Enable PAM debugging and check the logs. To do that just run 'touch /etc/pam_debug', edit /etc/syslog.conf and add a new line (if it doesn't already there of course):

    And restart syslog with 'svcadm restart svc:/system/system-log:default'.

  • Analyze the logs on your LDAP server.
  • Switch off TLS and try to sniff the traffic with snoop to make sure your ldap client sends reasonable queries.

    • Have fun and happy tinkering!

    Posted on July 11, 2013 at 8:57 pm by sergeyt · Permalink
    In: Solaris





broken image
PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save