Re: Unable to connect to Remote Unix Machine via SSH with Kerberos (915 Views)
Reply
Occasional Contributor
Chris Winkler
Posts: 8
Registered: ‎05-18-2011
Message 1 of 3 (929 Views)

Unable to connect to Remote Unix Machine via SSH with Kerberos

I am trying to setup remote unix servers in Sitescope 11.10 for the servers in our test environment that have Kerberos implemented but am seeing connection errors. From the Sitescope server, I can successfully SSH into these remote unix servers using putty. Because Kerberos is implemented, I only have to enter my username in putty. A password is not required. Underneath the covers, there is an authentication step with our active directory that takes place. My ID has been configured within Kerberos so that Kerberos does the authentication against our active directory and I do not have to enter a password when SSH'ing.

 

In Sitescope 11.10, I configure the Remote Unix Server with:

Username: my username
Password: I leave this field empty
Method: SSH
SSH AUthentication Method: Password

 

 

Result:
Attempting SSH V1 connect.
SSH V1 connect failed
Attempting SSH V2 connect
SSH V2 connect failed
remote command error  (-1)
remote command error  (-1)

 


Log File Error Message:
Sun Dec 18 19:35:14 EST 2011 SSH internalConnectV2: A Connection error occurred: Permission denied connecting to host 10.10.10.10
2011-12-18 19:35:14,484 [http-8080-Processor22] (RemoteCommandLine.java:130) ERROR - <-- list of SSH retries

 

 

Is there a recommended a way to properly configure a Remote Unix Server that uses Kerberos in Sitescope?

Trusted Contributor
Polter
Posts: 163
Registered: ‎07-14-2011
Message 2 of 3 (915 Views)

Re: Unable to connect to Remote Unix Machine via SSH with Kerberos

Check that the user assigned has permission  for connection.

Respected Contributor
dcsbeemer
Posts: 299
Registered: ‎07-19-2011
Message 3 of 3 (908 Views)

Re: Unable to connect to Remote Unix Machine via SSH with Kerberos

[ Edited ]

Hi Chris


I'd start with making sure you can reach the remote Unix server over SSH port 22 from your SiS server. Running 'telnet IP.OF.REMOTE.UNIX.MACHINE 22' should do the trick.

If that works, next try connecting to the Unix machine from your SiS machine with something like PuTTy.

If that works, try inserting the password you used when you connected via PuTTy in SiS and just check if it successfully connects then. I assume you do not want to use password authentication, so maybe use SSH keys instead?

I haven't got much experience with Kerberos myself and it doesn't seem like Sitescope has support for it when it comes to remote Unix servers (could be wrong though).

 

 

If you still have trouble, let us know and we'll go from there.

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.