By default when you install a fresh solaris 10 operating system, the root user does not have an ssh login access to the system. This is done for security purposes and it is a default setting. So if you want to login to your system as root user, you have to first login as a normal non-root user and then do a switch user (su -) to root user. To remove this restriction follow the steps shown below.
1. Please check the sshd configuration file /etc/ssh/sshd_config and make sure PermitRootLogin is set to yes as shown below.
Solaris 10 is by default installed with SSH server and the clients. However, if you have chosen to ignore SSH at the time of installation or have started the install with a minimal install then you may need to install OpenSSH manually. I'm using the commands below to enable SSH in order to use WINSCP to upload solaris 11.3 patches. It worked successfully on 2 LDoMS and failed to work on.
2. Once you have modified the file to have the parameter, restart the ssh service for the changes to take effect.
3. If the parameter AllowUsers is set as well, it is necessary to add user “root” to the list of AllowUsers list as shown below.
This usually is not required as the AllowUsers parameter line is by default hashed out.
How To Enable Ssh In Solaris 11 System
I needed to quickly enable SSH as root to rsync
a load of data. Yes, Iknow there are far better ways to do it, and I know that enabling SSHfor root is a bad idea, and lazy, and normally I’d agree, but I neededto do it. Anyway, it’s on a private lab network.
So, I opened /etc/ssh/sshd_config
and changed PermitRootLogin
toyes
. I refreshed the SSH service, and tried to run a remote commandas root, and it wouldn’t let me.
How To Enable Ssh Windows
The sshd_config
man page told me I had to comment the CONSOLE
lineout of /etc/default/login
, just like yout had to do for telnet
inthe old days. So I did that, and still no dice.
I cranked up the sshd
logging, and saw that:
Ah, PAM. Right. This is where it starts to get murky for me. Rememberthat for some time now Sun have been trying to turn us all off root,making it a role and all that crap. You need to tell PAM that root isstill a user by sticking the following in /etc/pam.conf
.
sshd-kbdint account required pam_unix_account.so.1
UPDATE: I had a devil of a job with one box only accepting interactivelogins. It looks like things have changed in Solaris 11.1, so to useauthorized_keys
and whatnot, you’ll also have to have
in /etc/pam.conf
too.
Then, in combination with the other stuff, you can run SSH commands as root.So now you know how to do it, don’t do it.