Permit root login via ssh - Solaris

This is a discussion on Permit root login via ssh - Solaris ; Hello, I have just installed OpenSolaris Developer Preview. I want to be able to login as root to this machine from a linux box. I have modified sshd_config to permit root login, restart sshd. When I try to directly login ...

+ Reply to Thread
Results 1 to 14 of 14

Thread: Permit root login via ssh

  1. Permit root login via ssh

    Hello,

    I have just installed OpenSolaris Developer Preview.

    I want to be able to login as root to this machine from a linux box.
    I have modified sshd_config to permit root login, restart sshd.

    When I try to directly login as root via ssh, I have:

    Permission denied
    (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive).

    What can I do ?

    I know that directly login as root via ssh is not good from security
    point of view.

    What I want to do, is to backup my linux box to the solaris box, via
    rsync. On the linux box, I must be root to have access to all the user
    files, so the rsync is done under the root user. Are there other solutions ?

    Thanks,

    Olivier

  2. Re: Permit root login via ssh

    Olivier Scalbert wrote:
    > Hello,
    >
    > I have just installed OpenSolaris Developer Preview.
    >
    > I want to be able to login as root to this machine from a linux box.
    > I have modified sshd_config to permit root login, restart sshd.
    >
    > When I try to directly login as root via ssh, I have:
    >
    > Permission denied
    > (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive).
    >
    > What can I do ?


    change the line below to yes

    bash-3.00$ grep Root /etc/ssh/sshd_config
    PermitRootLogin no


  3. Re: Permit root login via ssh

    caveman wrote:
    > change the line below to yes
    >
    > bash-3.00$ grep Root /etc/ssh/sshd_config
    > PermitRootLogin no
    >


    That is what I have done !
    Does not work ...

  4. Re: Permit root login via ssh

    Olivier Scalbert wrote:
    > caveman wrote:
    >> change the line below to yes
    >>
    >> bash-3.00$ grep Root /etc/ssh/sshd_config
    >> PermitRootLogin no
    >>

    >
    > That is what I have done !
    > Does not work ...


    What error message (if any) do you get? I've done this a few times and
    never had problems

  5. Re: Permit root login via ssh

    Dave wrote:
    > Olivier Scalbert wrote:
    >> caveman wrote:
    >>> change the line below to yes
    >>>
    >>> bash-3.00$ grep Root /etc/ssh/sshd_config
    >>> PermitRootLogin no
    >>>

    >>
    >> That is what I have done !
    >> Does not work ...

    >
    > What error message (if any) do you get? I've done this a few times and
    > never had problems


    Permission denied
    (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive).

  6. Re: Permit root login via ssh

    On Dec 16, 5:24 am, Olivier Scalbert
    wrote:
    > I have just installed OpenSolaris Developer Preview.
    > I want to be able to login as root to this machine from a linux box.
    > I have modified sshd_config to permit root login, restart sshd.
    > When I try to directly login as root via ssh, I have:
    > Permission denied
    > (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive).
    > What can I do ?
    > I know that directly login as root via ssh is not good from security
    > point of view.
    > What I want to do, is to backup my linux box to the solaris box, via
    > rsync.


    You dont have to be root to store files on Solaris or any other UNIX
    derivative
    Ive come across. You only need write permission.
    Create a user:group specifically for this like rsyncper

    > On the linux box, I must be root to have access to all the user
    > files, so the rsync is done under the root user. Are there other solutions ?


    rsync supports ssh so...

    The real question is - can you login as anyone at ALL on the Solaris
    box
    using ssh?.

  7. Re: Permit root login via ssh

    gerryt wrote:
    > On Dec 16, 5:24 am, Olivier Scalbert
    > wrote:
    >> I have just installed OpenSolaris Developer Preview.
    >> I want to be able to login as root to this machine from a linux box.
    >> I have modified sshd_config to permit root login, restart sshd.
    >> When I try to directly login as root via ssh, I have:
    >> Permission denied
    >> (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive).
    >> What can I do ?
    >> I know that directly login as root via ssh is not good from security
    >> point of view.
    >> What I want to do, is to backup my linux box to the solaris box, via
    >> rsync.

    >
    > You dont have to be root to store files on Solaris or any other UNIX
    > derivative
    > Ive come across. You only need write permission.
    > Create a user:group specifically for this like rsyncper
    >
    >> On the linux box, I must be root to have access to all the user
    >> files, so the rsync is done under the root user. Are there other solutions ?

    >
    > rsync supports ssh so...
    >
    > The real question is - can you login as anyone at ALL on the Solaris
    > box
    > using ssh?.


    Yes I can log as anyone on the Solaris (except root).
    But that does not help me ...

    From my Linux box, I need to be root to start the rsync (from Linux to
    Solaris) on all directories.
    So as root, on the Linux side, I do a rsync ..... solarisbox:/backupdir ...

    And then I have to enter the password of the Solaris root ..., except if
    I have miss something .



  8. Re: Permit root login via ssh

    Olivier Scalbert wrote:
    > And then I have to enter the password of the Solaris root ..., except if
    > I have miss something .


    You have. Just because you're root on the Linux side doesn't mean you have
    to be root on the Solaris side. Tell rsync/ssh to use a different user.
    Most of the time that's done just by saying "@host" instead of just
    "host".

    --
    Brandon Hume - hume -> BOFH.Ca, http://WWW.BOFH.Ca/

  9. Re: Permit root login via ssh

    hume.spamfilter@bofh.ca wrote:
    > Olivier Scalbert wrote:
    >> And then I have to enter the password of the Solaris root ..., except if
    >> I have miss something .

    >
    > You have. Just because you're root on the Linux side doesn't mean you have
    > to be root on the Solaris side. Tell rsync/ssh to use a different user.
    > Most of the time that's done just by saying "@host" instead of just
    > "host".
    >

    Thanks for the info, I should have read the man !
    ;-)
    I will do some tests tomorrow.

  10. Re: Permit root login via ssh

    On Sun, 16 Dec 2007 18:53:07 +0100, Olivier Scalbert wrote:
    >caveman wrote:
    >> change the line below to yes
    >>
    >> bash-3.00$ grep Root /etc/ssh/sshd_config
    >> PermitRootLogin no
    >>


    >That is what I have done !
    >Does not work ...


    also edit etc/default/login and comment out "CONSOLE=/dev/console"


  11. Re: Permit root login via ssh

    On Dec 16, 1:42 pm, hume.spamfil...@bofh.ca wrote:
    > Olivier Scalbert wrote:
    > > And then I have to enter the password of the Solaris root ..., except if
    > > I have miss something .

    > You have. Just because you're root on the Linux side doesn't mean you have
    > to be root on the Solaris side. Tell rsync/ssh to use a different user.
    > Most of the time that's done just by saying "@host" instead of just
    > "host".
    > Brandon Hume - hume -> BOFH.Ca,http://WWW.BOFH.Ca/


    Ah! Another BOFH gets it. : > Maybe your explanation will work

  12. Re: Permit root login via ssh

    On Dec 16, 2:53 pm, Olivier Scalbert
    wrote:
    > caveman wrote:
    > > change the line below to yes

    >
    > > bash-3.00$ grep Root /etc/ssh/sshd_config
    > > PermitRootLogin no

    >
    > That is what I have done !
    > Does not work ...


    Stupid question, but did you restart ssh?

  13. Re: Permit root login via ssh

    sergiusens wrote:
    > On Dec 16, 2:53 pm, Olivier Scalbert
    > wrote:
    >> caveman wrote:
    >>> change the line below to yes
    >>> bash-3.00$ grep Root /etc/ssh/sshd_config
    >>> PermitRootLogin no

    >> That is what I have done !
    >> Does not work ...

    >
    > Stupid question, but did you restart ssh?


    Not a stupid question !
    Yes I did !

  14. Re: Permit root login via ssh

    hume.spamfilter@bofh.ca wrote:
    > Olivier Scalbert wrote:
    >> And then I have to enter the password of the Solaris root ..., except if
    >> I have miss something .

    >
    > You have. Just because you're root on the Linux side doesn't mean you have
    > to be root on the Solaris side. Tell rsync/ssh to use a different user.
    > Most of the time that's done just by saying "@host" instead of just
    > "host".
    >


    Thanks Brandon, you are right, it works !

+ Reply to Thread