Need help > ssh root login without password on redhat7.0
FARHAT Mehdi
localhost> ssh 127.0.0.1
but i need to type the password....
i try to add the root account in the .shosts file
but nothing ....
0/ My .shost file
localhost root
localhost.localdomain root
1/
the "strace sshd 2>&1 | grep open" do not report the open on the .shost
file...
2/
[root@localhost /root]# sshd -ddd
debug: sshd version OpenSSH_2.1.1
debug: Seeding random number generator
debug: read DSA private key done
debug: Seeding random number generator
debug: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
debug: Seeding random number generator
debug: Seeding random number generator
RSA key generation complete.
debug: Server will not fork when running in debugging mode.
Connection from 127.0.0.1 port 1023
debug: Client protocol version 2.0; client software version
OpenSSH_2.1.1
Enabling compatibility mode for protocol 2.0
debug: Local version string SSH-1.99-OpenSSH_2.1.1
debug: send KEXINIT
debug: done
debug: wait KEXINIT
debug: got kexinit: diffie-hellman-group1-sha1
debug: got kexinit: ssh-dss
debug: got kexinit: 3des-cbc,blowfish-cbc,arcfour,cast128-cbc
debug: got kexinit: 3des-cbc,blowfish-cbc,arcfour,cast128-cbc
debug: got kexinit: hmac-sha1,hmac-md5,hmac-ri...@openssh.com
debug: got kexinit: hmac-sha1,hmac-md5,hmac-ri...@openssh.com
debug: got kexinit: none
debug: got kexinit: none
debug: got kexinit:
debug: got kexinit:
debug: first kex follow: 0
debug: reserved: 0
debug: done
debug: kex: client->server 3des-cbc hmac-sha1 none
debug: kex: server->client 3des-cbc hmac-sha1 none
debug: Wait SSH2_MSG_KEXDH_INIT.
debug: bits set: 497/1024
debug: bits set: 487/1024
debug: sig size 20 20
debug: send SSH2_MSG_NEWKEYS.
debug: done: send SSH2_MSG_NEWKEYS.
debug: Wait SSH2_MSG_NEWKEYS.
debug: GOT SSH2_MSG_NEWKEYS.
debug: done: KEX2.
debug: userauth-request for user root service ssh-connection method none
debug: Starting up PAM with username "root"
Failed none for ROOT from 127.0.0.1 port 1023 ssh2
debug: userauth-request for user root service ssh-connection method
publickey
debug: keytype ssh-dss
Failed publickey for ROOT from 127.0.0.1 port 1023 ssh2
-------------------------------------------------------------------------------------------
3/ My Pam file
#%PAM-1.0
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_limits.so
-------------------------------------------------------------------------------------------
4/ My sshd.conf
# This is ssh server systemwide configuration file.
Port 22
#Protocol 2,1
Protocol 1,2
ListenAddress 0.0.0.0
#ListenAddress ::
HostKey /etc/ssh/ssh_host_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
#
# Don't read ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
IgnoreRhosts no
# Uncomment if you don't trust ~/.ssh/known_hosts for
RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
# Logging
SyslogFacility AUTH
LogLevel INFO
#obsoletes QuietMode and FascistLogging
RhostsAuthentication no
#
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
#
RSAAuthentication yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no
# Uncomment to disable s/key passwords
#SkeyAuthentication no
# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no
# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes
CheckMail no
UseLogin no
#Subsystem sftp /usr/local/sbin/sftpd
------------------------------------------------------------------------------------------