This content has been marked as final. Show 8 replies
That could very well be a nameservice issue. Does the issue affect all users or just a small sub-set?
Are you able to login as root on the console? By default root over ssh is disabled, but if you've enabled it you can confirm whether the issue is nameservice or not by confirming that local users (files) login successfully and nameservice backed users do not.
What nameservices for users (password) are you using? Looking at your /etc/nsswitch.conf file will tell you the order in which users, passwords, groups, etc are looked up.
Thanks for the update. Could you please let me know the details. I am very much new to Solaris. How to check all these which you said.
Edited by: 896653 on Mar 13, 2012 3:51 AM
You're going to need to know a few details about your infrastructure so start by asking your colleagues for help.
* Identify the server make/model you have
* Many of the systems on the market today have System Processors (SPs), iLOMs, ALOMS, etc. These are small computers within the system that allow you to control the host remotely. Ask your colleagues for the IP address of this device. This assumes that it's actually configured, has an IP address, and is connected to your management LAN. If it is configured, ssh to this IP address using the administrators username/password. If it's not configured, then you'll need to be onsite with a laptop and a serial cable (DB9 or RJ45)
* Depending on the host you'll then be able to console on to the host. Typical commands will be "console" or "start /SP/console".
* Login as root
* Look at your /etc/nsswitch.conf file to see what order and type of nameservice you have to identify users, eg:
$ grep passwd /etc/nsswitch.conf
* If you have local users (see /etc/passwd) then try to ssh to this system and login using one of these users. If you don't have any local users, create one for testing purposes. See the man pages for groupadd(1M) and useradd(1M). Then try ssh'ing as that new user from your putty session. If that works you can now confirm that local users work and non-local users do not. This then pushes you on to the name service and you will then need to engage your Network Team or whichever group manages that service within your estate.
That should get you started.
I am trying with local user only. I am trying with root user.It is not working.
Can you login via the console?
Given how complicated this could get it's best you log a support ticket with Oracle and get assistance from the Solaris Network Team. It's going to require trussing 'sshd' and/or putting it in to debug mode, and snooping the connection to see where the problem is.
Check if root login has been enabled. In /etc/ssh/sshd_config there is a parameter "PermitRootLogin" if is set to "no" then change it to "yes" and restart ssh service # svcadm restart svc:/network/ssh:default
Root Login is enabled.
Console login is happening.
After rebooting the server the issue has been solved. But we find same issue in 3more servers. Donno how to go ahead as it is very critical server which is not possible for a reboot.
If you have a support contract with Oracle, please raise a new service request and one of us will help you. If you don't have a support contract with Oracle it's best you speak to your support vendor.