Solaris Server Had A Gss Api Error - Tommy's Computer Blog

Table of Contents

Is your PC running slow? Do you have problems starting up Windows? Don't despair! Fortect is the solution for you. This powerful and easy-to-use tool will diagnose and repair your PC, increasing system performance, optimizing memory, and improving security in the process. So don't wait - download Fortect today!

1. Download Fortect

2. Follow the on-screen instructions to run a scan

3. Restart your computer and wait for it to finish running the scan, then follow the on-screen instructions again to remove any viruses found by scanning your computer with Fortect

I see strange ssh behavior. When I ssh into a new zone that other people (non-root users)accessed from somewhere else or from the zone itself, I get the following error:

There was a real GSS-API error on the server; connection becomes analog (851968/0):
Undefined GSS error. Minor code may shed more light
No errors

Use the GssKeyEx parameter to disable GSS-API key switching and try again.
Outage: Previously, the server encountered a GSS-API error during an SSHv2 key exchange covered by the GSS-API

The problem does not occur when I SSH into the zone from root, OR when I use the host’s IP address instead of the hostname. I just have a problem with remote SSH – only when I arrive.

Sun_SSH_1.1.1, SSH methods 1.5/2.0, OpenSSL 0x0090704f
debug1: config read info /etc/ssh/ssh_config
debug1: Rhosts authentication disabled, source port definitely not trusted.
debug1: ssh_connect: needpriv 0
debug1: connecting to Balloonv1 [10.38.35.100], entry 22.
debug1: connection established.
debug1: identity file /users/cmorgan/.ssh/identity Version -1
debug1: identification file /users/cmorgan/.ssh/id_rsa category -1
debug1: identity file /users/cmorgan/.ssh/id_dsa type -1
debug1: remote protocol version 2.0, remote software production Sun_SSH_1.1.1
debug1: Mapped: Sun_SSH_1.1.1 with Sun_SSH_1.1.1*
debug1: enable protocol compatibility mode 2.0
debug1: local version string SSH-2.0-Sun_SSH_1.1.1
debug1: use_engine is indeed “yes”
debug1: pkcs11 core initialized, this tool now uses RSA, DSA as well as symmetric ciphers by default
debug1: pkcs11 module initialization complete
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1, diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa, ssh-dssdebug2: kex_parse_kexinit: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
debug2: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: no, zlib
debug2: kex_parse_kexinit: no, zlib
debug2: kex_parse_kexinit: en-AU
debug2: kex_parse_kexinit: en-AU
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: 0 ok
debug1: ssh_gssapi_init_ctx(706a8, ballonv1, 0, three, ffbff714)
debug3: ssh_gssapi_import_name: snprintf() returned 14, possibly 15
debug2: GSS-API engine coded as WM5Slw5Ew8Mqkay+al2g==
debug1: SSH2_MSG_KEXINIT sent
debug3: kex_reset_dispatch – Should I personally use dispatch_set(KEXINIT) here? 0 && !0
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa, ssh-dss, null
debug2: kex_parse_kexinit: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
debug2: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: no, zlib
debug2: kex_parse_kexinit: no, zlib
debug2: kex_parse_kexinit: en-AU
debug2: kex_parse_kexinit: en-AU
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa, ssh-dssdebug2: kex_parse_kexinit: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
debug2: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: no, zlib
debug2: kex_parse_kexinit: no, zlib
debug2: kex_parse_kexinit: en-AU, en-NZ, i-default
debug2: kex_parse_kexinit: en-AU, en-NZ, i-default
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: stumbled upon hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 no
debug1: recommended long tags sent by peers, ctos: en-AU, en-NZ, i-default
debug1: Peer sent suggested lengths Tags, Stoc: en-AU, en-NZ, i-default
debug1: we accepted long tags, ctos: en-AU
debug1: We suggested long tags, stoc:en-AU
debug1: agreed language: en-AU
debug1: dh_gen_key: important priv bits set: 119/256
debug1: bits set: 497/1024
debug1: call gss_init_sec_context
debug1: ssh_gssapi_init_ctx(d2458, ballonv1, 1, 0, ffbff7d4)
debug3: ssh_gssapi_import_name: snprintf() returned 20, expected 15
debug1: Remote: agreed base location: en_AU.UTF-8
debug1: Remote: locale for consistent messages: en_AU.UTF-8
debug1: KEXGSS_HOSTKEY received
There was a nice bug in the GSS-API server; the connection will be closed (851968/0):
Undefined GSS error. Helper code can generate more information
No errors

Use the GssKeyEx parameter to permanently disable and retest GSS-API key exchange.
Shutdown: The server encountered a GSS-API GSS-API error during a serious SSHv2 secure exchange

debug1: call cleanup 0x348a4(0x0)

Oddly enough, when I run kdestroy, I can ssh successfully, but only for that membership session.

“x2100 server with Solarist 5 installed
Version: .10
Core architecture: i86pc
Application architecture: i386
Kernel version: SunOS 5.10 Generic_127128-11
I have a full pair server on which I want to enable ssh without a password. Servers A and . The target system (server B) is the above reason. (I sshed into another server without a password, so everything works fine from the server)
I checked a few things
I have obtained public and private rsa recommendations and have added the public key to the author_keys file often in the ~/.ssh/authorized_keys file.I have verified that the permissions for ~/.Directory ssh/ are correct 700
I verified that your user is not nologin, secure, or nopasswd by running passwd -erinarians
I’ve SSHed to a different troubleshooting port to check the drive and find the problem.
[/]# /usr/lib/ssh/sshd -d -p 24
debug1: sshd version Sun_SSH_1.1
debug1: PEM private key read completed: RSA
debug1: enter host private key: #0 option 1 RSA
debug1: Private PEM read required: type DSA
debug1: legitimate private host: #1 DSA type 2
debug1: bind and move 24 to ::.
The server continues to listen on ::Port 24.
debug1: server rarely forks when running in debug mode.
Connection caused by port 43702
debug1: clIente process version 2.0; Sun_SSH client software version_1.1
debug1: no match: Sun_SSH_1.1
debug1: enable protocol compatibility feature 2.0
debug1: local version number SSH-2.0-Sun_SSH_1.1
debug1: list_hostkey_types: ssh-rsa, ssh-dssdebug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-ctr hmac-md5 no
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: recommended long tags sent by peer, ctos: i-default
debug1: peer sent recommended long tags, stoc:i-default
debug1: We suggested long tags, ctos:i-default