Fibre Channel (SAN)

Reply
Occasional Visitor
Posts: 1
Registered: ‎07-10-2014

Passwordless ssh root access problem

Hi all,

I have a problem with passwordless ssh root access. Two switches, the same configuration, different behaviour.

 

SWITCH_1 OK:

 

SWITCH_1:root> ls -la /root/.ssh/
total 20
drwxr-xr-x 2 root sys 4096 Jun 20 12:01 ./
drwxr-x--- 5 root sys 4096 Jun 19 15:44 ../
-rw-r--r-- 1 root root 1116 Jun 20 12:01 authorized_keys
-rw-r--r-- 1 root sys 185 May 8 2013 environment
-rw-r--r-- 1 root root 221 Feb 13 20:53 known_hosts


SWITCH_1:root> ls -la /root/
total 32
drwxr-x--- 5 root sys 4096 Jun 19 15:44 ./
drwxr-xr-x 24 root root 4096 Jun 19 15:49 ../
-rw-r--r-- 1 root sys 507 May 8 2013 .bash_logout
-rw-r--r-- 1 root sys 27 May 8 2013 .inputrc
drwxr-xr-x 2 root admin 4096 Feb 13 20:53 .ncftp/
-rw-r--r-- 1 root sys 1202 May 8 2013 .profile
drwxr-xr-x 2 root sys 4096 Jun 20 12:01 .ssh/
drwxrwxrwx 3 root sys 4096 Feb 26 2010 .terminfo/

 

SWITCH_1:root> userconfig --show root
Account name: root
Description: root
Enabled: Yes
Password Last Change Date: Tue Nov 23 2010 (UTC)
Password Expiration Date: Not Applicable (UTC)
Locked: No
Role: root
AD membership: 0-255
Home AD: 0

SWITCH_1:root> cat /etc/sshd_config | grep -v ^# | sort -u

AllowTcpForwarding no
AllowedLogin admin
Banner /etc/fabos/motd
ChallengeResponseAuthentication no
HostKey /etc/ssh_host_dsa_key
HostKey /etc/ssh_host_rsa_key
IgnoreRhosts yes
LoginGraceTime 420
PermitUserEnvironment yes
PrintLastLog no
Protocol 2
Subsystem sftp /usr/libexec/sftp-server
UsePAM yes
UsePrivilegeSeparation no

 

SWITCH_1:root> version
Kernel: 2.6.14.2
Fabric OS: v7.0.2b1
Made on: Wed May 8 17:15:21 2013
Flash: Thu Jun 19 15:46:27 2014
BootProm: 1.0.9

 

Passwordless root ssh login works for this switch.

 

 

SWITCH_2: NOT OK:

 

SWITCH_2:root> ls -la /root/
total 28
drwx------ 4 root sys 4096 Apr 30 16:33 ./
drwxr-xr-x 24 root root 4096 Apr 30 16:40 ../
-rw-r--r-- 1 root sys 507 Feb 14 2011 .bash_logout
-rw-r--r-- 1 root sys 27 Feb 14 2011 .inputrc
-rw-r--r-- 1 root sys 1202 Feb 14 2011 .profile
drwxr-xr-x 2 root sys 4096 Jul 10 15:41 .ssh/
drwxrwxrwx 3 root sys 4096 Sep 19 2008 .terminfo/

 

SWITCH_2:root> ls -la /root/.ssh/
total 20
drwxr-xr-x 2 root sys 4096 Jul 10 15:41 ./
drwx------ 4 root sys 4096 Apr 30 16:33 ../
-rw-r--r-- 1 root root 1116 Jul 10 15:41 authorized_keys
-rw-r--r-- 1 root root 185 Jul 10 15:41 environment
-rw-r--r-- 1 root root 221 Jul 10 15:41 known_hosts

 

SWITCH_2:root> userconfig --show root

Account name: root
Description: root
Enabled: Yes
Password Last Change Date: Fri Mar 22 2013 (UTC)
Password Expiration Date: Not Applicable (UTC)
Locked: No
Role: root
AD membership: 0-255
Home AD: 0

 

SWITCH_2:root> cat /etc/sshd_config | grep -v ^# | sort -u

AllowTcpForwarding no
AllowedLogin admin
HostKey /etc/ssh_host_dsa_key
HostKey /etc/ssh_host_rsa_key
IgnoreRhosts yes
PermitUserEnvironment yes
PrintLastLog no
Protocol 2
Subsystem sftp /usr/libexec/sftp-server
UsePrivilegeSeparation no

 

SWITCH_2:root> version
Kernel: 2.6.14.2
Fabric OS: v6.3.2b2
Made on: Mon Feb 14 22:21:19 2011
Flash: Wed Apr 30 16:35:44 2014
BootProm: 1.0.9

 

The login requires password this time. The same public/private ssh key pair   is used for login. Any hint how to debug it? ssh -vvv says the key is offered and that's all...

 

Thanks a lot.

 

Pavol

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.