[SunHELP] problems with putty/dsa authorization on solaris9

Phil Stracchino alaric at caerllewys.net
Fri Jun 6 10:53:10 CDT 2003 

On Fri, Jun 06, 2003 at 04:29:52AM -0700, Solaris Neophyte wrote:
> this worked w/o a hitch on freebsd and netbsd, but now i'm getting issues with
> solaris 9.
> 
> i'm trying to use keypair authorization instead of passwords when i ssh into
> the sparc20.
> 
> i used puttygen to create the dsa keypairs. i placed the public key,
> authorized_keys2 in the user home director under ~/.ssh and i placed the
> private key, id_dsa.ppk on the system that is going to access the sparc20. i
> changed the permissions for the ~./ssh to 700 and the permissions on the public
> key to 600.
> 
> whenever i try to login using the key, i get messages stating that the server
> rejected the key.
> 
> i've gone in to the password and shadow files using vipw (it's a bit different
> than i am used to) to change the password field of the user to a single '*'.
> 
> anyone have any clues how i can resolve this issue?


I'm having a similar problem, also on Solaris 9 (on an Ultra30).  Both
using Sun's ssh and using OpenSSH-3.6.1p1, built against either
OpenSSL-0.9.7a or 0.9.7b using the gcc-3.2.3 package from sunfreeware,
outgoing ssh connections work perfectly, but all forms of public-key
authorization fail on all incoming connections (including connections to
localhost).  Password auth works, but ONLY password auth.  The keys
being used are known valid keys that work to and from every other
machine on my network.

What's more, I can't get any debugging information out of sshd beyond
the initial ten lines after startup, even running sshd in the foreground
with debug level set to the maximum DEBUG3.

So I don't think puttygen is relevant to this -- it seems to be a
Solaris9 issue.

Any insights from anyone?


-- 
 .*********  Fight Back!  It may not be just YOUR life at risk.  *********.
 : phil stracchino : unix ronin : renaissance man : mystic zen biker geek :
 :  alaric at caerllewys.net : alaric-ruthven at earthlink.net : phil at latt.net  :
 :   2000 CBR929RR, 1991 VFR750F3 (foully murdered), 1986 VF500F (sold)   :
 :    Linux Now!   ...Because friends don't let friends use Microsoft.    :

More information about the SunHELP mailing list