jslegers Absent Member.
Absent Member.
2886 views

sshd access denied

Hello,

I have a problem with a Netware 6.5.7 server. I can't get SSH to work. I have a problem with authentication. When I want to try to login I get an Access Denied error. Novell LDAP is up and running.

Here is my config file :

# $OpenBSD: sshd_config,v 1.56 2002/06/20 23:37:12 markus Exp $
# NWConfVersion = 21

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

Port 22
Protocol 2
ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768

# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
LogLevel INFO
LogPath sys:/etc/ssh/logs
LogMaxRotateFiles 7
LogMaxFileSize 4
LogRotationInterval 24

# Authentication:

LoginGraceTime 600
#PermitRootLogin yes
#StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile /etc/ssh/keys/authorized_keys

# Change to yes if you don't trust /etc/ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
IgnoreUserKnownHosts no

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
ChallengeResponseAuthentication yes

ClientAliveInterval 10
ClientAliveCountMax 6
KeepAlive yes
Compression yes

# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem sftp SYS:/SYSTEM/sftp-svr.nlm

#eDir (Novell Directory Services) specific options
eDirNameContext o=bibliotheek

# Multi server navigation, default yes
# yes, path is /servername/volume/dirpath
# no, path is /volume/dirpath
DoSFTPMultiServerNavigation yes

# Ignore users home dir unless on destination server, default no
IgnoreRemoteHomeDir no

# Proxy user and password for ldap searches, useful when
# anon binds are disabled. Name must be fully qualified
ProxyName cn=ldappxy,o=bibliotheek
ProxyPassword

# Allow SSH console session access, default yes
AllowSSHSessions yes

# Restrict users to their home directory and below, default no
RestrictToHomeDir no

# File that contains list of users that are not restricted
UnrestrictFile /etc/ssh/unrestrict.txt

# Ignore all eDir home directory settings, use defaults settings, default no
IgnoreAllHomeDir no

# Default settings for user without a home directory
# or when IgnoreAllHomeDir is yes, no defaults
#DefaultUserHomeDir /public
#DefaultUserHomeVolume sys
#DefaultUserHomeServer rhost

# File name transactions are done using UTF8
# default no
SSHDSendUTF8FileNames no

# UTF8 file names to clients in this space separated aware list if
# SSHDSendUTF8FileNames is 'yes'. If SSHDSendUTF8FileNames 'yes' and
# this list is empty then all clients are considered UTF8 aware.
#UTF8AwareClients WinSCP_release_3.7.6

# Space separated list of CommonName:FullDistinguishName pairs. Common name
# used during login will be converted to the FDN for authentication purposes.
# No default, maximum of 16
eDirNameContext OU=centrale.O=Bibliotheek
eDirNameContext OU=Personeel.OU=centrale.O=Bibliotheek

What could be the problem? I have an other server and that one is running fine.

John
Labels (2)
0 Likes
8 Replies
jslegers Absent Member.
Absent Member.

Re: sshd access denied

Problem solved it was an invallid certificate. If have one other problem now if I login I get an error :

login as: admin
admin@192.168.30.12's password:

Only users with supervisor rights to this server can access console screens.
Press any key to disconnect.

Admin user has supervisor rights to the server object. Verry strange.
0 Likes
Knowledge Partner
Knowledge Partner

Re: sshd access denied

Try adding the user to the server under the "Operators" tab. Does it
work then?

- Anders Gustafsson (Sysop)
The Aaland Islands (N60 E20)


Novell has a new enhancement request system,
or what is now known as the requirement portal.
If customers would like to give input in the upcoming
releases of Novell products then they should go to
http://www.novell.com/rms

0 Likes
jslegers Absent Member.
Absent Member.

Re: sshd access denied

I have added the user admin to operators but still no result.
0 Likes
Knowledge Partner
Knowledge Partner

Re: sshd access denied

Jslegers,
> I have added the user admin to operators but still no result.
>

OK. Have you checked with SDIDIAG that your server keys are OK?

- Anders Gustafsson (Sysop)
The Aaland Islands (N60 E20)


Novell has a new enhancement request system,
or what is now known as the requirement portal.
If customers would like to give input in the upcoming
releases of Novell products then they should go to
http://www.novell.com/rms

0 Likes
jslegers Absent Member.
Absent Member.

Re: sshd access denied

I have started SDIDIAG but there were no errors found.
0 Likes
Knowledge Partner
Knowledge Partner

Re: sshd access denied

Jslegers,
> I have started SDIDIAG but there were no errors found.
>

OK. No ideas then. Let me ask around, but just for laughs, have you
tried another user? HAs it ever worked? Have you changed any of the
settings in The sshd_config file is located in sys\etc\ssh\?

- Anders Gustafsson (Sysop)
The Aaland Islands (N60 E20)


Novell has a new enhancement request system,
or what is now known as the requirement portal.
If customers would like to give input in the upcoming
releases of Novell products then they should go to
http://www.novell.com/rms

0 Likes
jslegers Absent Member.
Absent Member.

Re: sshd access denied

Hi AndersG,

We have tried with an other user and same problem. It has worked. Server is reinstalled due to harddisk crash.

John
0 Likes
Knowledge Partner
Knowledge Partner

Re: sshd access denied

Jslegers,
> We have tried with an other user and same problem. It has worked.
> Server is reinstalled due to harddisk crash.
>

OK. Let me ask.

- Anders Gustafsson (Sysop)
The Aaland Islands (N60 E20)


Novell has a new enhancement request system,
or what is now known as the requirement portal.
If customers would like to give input in the upcoming
releases of Novell products then they should go to
http://www.novell.com/rms

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.