3 Replies Latest reply on Oct 10, 2012 12:35 PM by CyberNinja

    Login issues

      I'm having trouble logging into some of my servers. I can log into all my servers if I'm using my ssh agent, but if I use my password, the login fails on some servers. If I become root and then become anther user and then try to su - to anther user using a password it fails.

      When something breaks the 1st thing you check is the last change. The last change was this. I moved all the servers from using md5 hashes for shoring our passwords to sha512. I looked in /etc/security/crypt.conf and /etc/security/policy.conf which are the files that where changed. They are the same when compared to each other. So I don't know why some servers are work and others are not.

      I did notice that on the servers that where not working had CRYPT_ALGORITHMS_ALLOW=1,2a,md5 instead of CRYPT_ALGORITHMS_ALLOW=1,2a,md5,5,6. I have corrected this and I'm still having issues.

      Any help would be great
        • 1. Re: Login issues
          This is a update. I was given the answer to my by MikelB from Oracle on the Oracle communities website.
          I like to post the answer so others can be helped.


          /usr/lib/security/crypt_sha256.so.1 has been delivered with patch 140905-01.
          This patch is embedded in Solaris 10u7.

          (Same for sha512).

          Current patch is 140905-02. Please check if this patch is installed.

          Best regards
          I looked at my system and the patch above was not installed, so I installed it. After I installed the patch and rebooted the server, my hashing issue was resolved. I have posted the link below, if any of you want to look at it.

          communities.oracle.com/portal/server.pt/community/view_discussion_topic/216?threadid=451089&aggregatorResults=T451089T450797T441919T450532T450098T448593T440143T438685T447153T445735&pagedAggregatorPageNo=1&sourceCommunityId=399&sourcePortletId=268&doPagination=true&returnUrl=https%3A%2F%2Fcommunities.oracle.com%2Fportal%2Fserver.pt%3Fopen%3Dspace%26name%3DCommunityPage%26id%3D1%26psname%3DOpener%26psid%3D0%26cached%3Dtrue%26in_hi_userid%3D321532%26control%3DSetCommunity%26PageID%3D0%26CommunityID%3D399%26isBack%3Dtrue&Portlet=View Discussion&PrevPage=Communities-ReplyDiscussion
          • 2. Re: Login issues
            Thanks for the update, Mike.

            By the way, for anyone that might want to try that link, Communities.Oracle.Com requires MOS login credentials.

            It's not a free site for just anyone.
            So, those without access to MOS (and therefore no access to get patches) would need to upgrade/reinstall Solaris 10 to Update 7 ( May 2009 ) or newer.
            • 3. Re: Login issues
              Thanks for posting that comment. I forgot that it is a locked down site. The users maybe able to get the patch from the CD or DVD.