Re: Attempting to get ported tools SSH to talk to a SLES 9 image on z.

Sun, 12 Feb 2006 14:41:22 -0800 

I would agree with Dave that you need to generate a key pair on the z/OS
system, and copy the public key to the ~/.ssh/authorized_keys file
(create it if it does not exist) on the target system.


Mark Post

-----Original Message-----
From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of
James Melin
Sent: Thursday, February 09, 2006 4:48 PM
To: [email protected]
Subject: Re: Attempting to get ported tools SSH to talk to a SLES 9
image on z.


I have beaten it into submission on the z/OS side - I now get:

FSUM1006 A shell was not specified. Processing continues using the
default shell name.
Warning: Permanently added the RSA host key for IP address
'137.70.100.15' to the list of known hosts.
FOTS1373 Permission denied (publickey,keyboard-interactive).

So clearly, the system generated RSA key is being recognized.

When I look at the Linux logs, I see this in 'warn'

Feb  9 15:12:44 vadnais sshd[23215]: error: PAM: Authentication failure
for sytest from owl0.co.{supressed}
Feb  9 15:12:45 vadnais last message repeated 2 times

So it is reaching the target linux, clearly, and failing there.

My pam module was modified to allow for PAM authentication against
RACFLDAP and looks like this:

#%PAM-1.0
auth     required       pam_nologin.so
auth     sufficient     pam_ldap.so
auth     required       pam_env.so
auth     required       pam_unix2.so use_first_pass
account  sufficient     pam_ldap.so
account  required       pam_unix2.so
account  required       pam_nologin.so
password sufficient     pam_ldap.so
password required       pam_pwcheck.so
password required       pam_unix2.so    use_first_pass use_authtok
session  required       pam_unix2.so    none # trace or debug
session  required       pam_limits.so
# Enable the following line to get resmgr support for
# SSH sessions (see /usr/share/doc/packages/resmgr/README.SuSE)
#session  optional      pam_resmgr.so fake_ttyname

Is there something that I am missing here? What do I need to change to
enable the SSH from z/OS to Linux to work and still have ssh
authentication
from things like putty work ok.

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390

Reply via email to