Brocade Fibre Channel Networking Community

Passwordless ssh root access problem

  • 1.  Passwordless ssh root access problem

    Posted 07-10-2014 10:26 AM

    Hi all,

    I have a problem with passwordless ssh root access. Two switches, the same configuration, different behaviour.

     

    SWITCH_1 OK:

     

    SWITCH_1:root> ls -la /root/.ssh/
    total 20
    drwxr-xr-x 2 root sys 4096 Jun 20 12:01 ./
    drwxr-x--- 5 root sys 4096 Jun 19 15:44 ../
    -rw-r--r-- 1 root root 1116 Jun 20 12:01 authorized_keys
    -rw-r--r-- 1 root sys 185 May 8 2013 environment
    -rw-r--r-- 1 root root 221 Feb 13 20:53 known_hosts


    SWITCH_1:root> ls -la /root/
    total 32
    drwxr-x--- 5 root sys 4096 Jun 19 15:44 ./
    drwxr-xr-x 24 root root 4096 Jun 19 15:49 ../
    -rw-r--r-- 1 root sys 507 May 8 2013 .bash_logout
    -rw-r--r-- 1 root sys 27 May 8 2013 .inputrc
    drwxr-xr-x 2 root admin 4096 Feb 13 20:53 .ncftp/
    -rw-r--r-- 1 root sys 1202 May 8 2013 .profile
    drwxr-xr-x 2 root sys 4096 Jun 20 12:01 .ssh/
    drwxrwxrwx 3 root sys 4096 Feb 26 2010 .terminfo/

     

    SWITCH_1:root> userconfig --show root
    Account name: root
    Description: root
    Enabled: Yes
    Password Last Change Date: Tue Nov 23 2010 (UTC)
    Password Expiration Date: Not Applicable (UTC)
    Locked: No
    Role: root
    AD membership: 0-255
    Home AD: 0

    SWITCH_1:root> cat /etc/sshd_config | grep -v ^# | sort -u

    AllowTcpForwarding no
    AllowedLogin admin
    Banner /etc/fabos/motd
    ChallengeResponseAuthentication no
    HostKey /etc/ssh_host_dsa_key
    HostKey /etc/ssh_host_rsa_key
    IgnoreRhosts yes
    LoginGraceTime 420
    PermitUserEnvironment yes
    PrintLastLog no
    Protocol 2
    Subsystem sftp /usr/libexec/sftp-server
    UsePAM yes
    UsePrivilegeSeparation no

     

    SWITCH_1:root> version
    Kernel: 2.6.14.2
    Fabric OS: v7.0.2b1
    Made on: Wed May 8 17:15:21 2013
    Flash: Thu Jun 19 15:46:27 2014
    BootProm: 1.0.9

     

    Passwordless root ssh login works for this switch.

     

     

    SWITCH_2: NOT OK:

     

    SWITCH_2:root> ls -la /root/
    total 28
    drwx------ 4 root sys 4096 Apr 30 16:33 ./
    drwxr-xr-x 24 root root 4096 Apr 30 16:40 ../
    -rw-r--r-- 1 root sys 507 Feb 14 2011 .bash_logout
    -rw-r--r-- 1 root sys 27 Feb 14 2011 .inputrc
    -rw-r--r-- 1 root sys 1202 Feb 14 2011 .profile
    drwxr-xr-x 2 root sys 4096 Jul 10 15:41 .ssh/
    drwxrwxrwx 3 root sys 4096 Sep 19 2008 .terminfo/

     

    SWITCH_2:root> ls -la /root/.ssh/
    total 20
    drwxr-xr-x 2 root sys 4096 Jul 10 15:41 ./
    drwx------ 4 root sys 4096 Apr 30 16:33 ../
    -rw-r--r-- 1 root root 1116 Jul 10 15:41 authorized_keys
    -rw-r--r-- 1 root root 185 Jul 10 15:41 environment
    -rw-r--r-- 1 root root 221 Jul 10 15:41 known_hosts

     

    SWITCH_2:root> userconfig --show root

    Account name: root
    Description: root
    Enabled: Yes
    Password Last Change Date: Fri Mar 22 2013 (UTC)
    Password Expiration Date: Not Applicable (UTC)
    Locked: No
    Role: root
    AD membership: 0-255
    Home AD: 0

     

    SWITCH_2:root> cat /etc/sshd_config | grep -v ^# | sort -u

    AllowTcpForwarding no
    AllowedLogin admin
    HostKey /etc/ssh_host_dsa_key
    HostKey /etc/ssh_host_rsa_key
    IgnoreRhosts yes
    PermitUserEnvironment yes
    PrintLastLog no
    Protocol 2
    Subsystem sftp /usr/libexec/sftp-server
    UsePrivilegeSeparation no

     

    SWITCH_2:root> version
    Kernel: 2.6.14.2
    Fabric OS: v6.3.2b2
    Made on: Mon Feb 14 22:21:19 2011
    Flash: Wed Apr 30 16:35:44 2014
    BootProm: 1.0.9

     

    The login requires password this time. The same public/private ssh key pair   is used for login. Any hint how to debug it? ssh -vvv says the key is offered and that's all...

     

    Thanks a lot.

     

    Pavol


    #BrocadeFibreChannelNetworkingCommunity