Re: rac user equivalence
- From: John Smith <john40855@xxxxxxxxx>
- To: Dan Norris <dannorris@xxxxxxxxxxxxx>
- Date: Thu, 8 Apr 2010 08:38:05 -0500
Forget to reply all the last time, Dan found it, there was an extra line in
system-auth on the problem node. Thanks Dan.
On Thu, Apr 8, 2010 at 8:24 AM, Dan Norris <dannorris@xxxxxxxxxxxxx> wrote:
> Since you can login to rac2 with a different user account, maybe you could
> try doing "su - oracle" from the login you have to confirm the password is
> what you think it is? Sounds like it could just be as simple as having the
> wrong password. Seems less likely, but you could check the files in
> /etc/pam.d (especially login and system-auth) to confirm they match between
> the nodes too.
>
> Dan
>
>
> On Thu, Apr 8, 2010 at 8:05 AM, John Smith <john40855@xxxxxxxxx> wrote:
>
>> This shows in /var/log/secure.:
>>
>> Apr 8 05:41:17 rac2 sshd[8421]: pam_access(sshd:account): access denied
>> for user `oracle' from `rac1'
>> Apr 8 05:41:17 rac2 sshd[8421]: Failed password for oracle from
>> 192.268.2.1 port 17143 ssh2
>> Apr 8 05:41:17 rac2 sshd[8422]: fatal: Access denied for user oracle by
>> PAM account configuration
>>
>> On Wed, Apr 7, 2010 at 8:34 PM, Matthew Zito <mzito@xxxxxxxxxxx> wrote:
>>
>>> Also, maybe one of your nodes has the user shell as sbin/nologin? Or has
>>> the account with no password and pam is preventing a login?
>>>
>>> An strafe of your sshd process will give you some useful data.
>>>
>>> Matt
>>>
>>>
>>>
>>> On Apr 7, 2010, at 9:30 PM, "Bobak, Mark" <Mark.Bobak@xxxxxxxxxxxx>
>>> wrote:
>>>
>>> Ugh, it’s 9:15pm, and I’m just now heading home, so, brain is a bit
>>> fried.
>>>
>>>
>>>
>>> First, I don’t suppose you’re installing 11gR2 Clusterware? If you are,
>>> there’s a “SSH Connectivity” button that you click, and Oracle will set
>>> everything up for you.
>>>
>>>
>>>
>>> Otherwise, check the log files. Anything in /var/log/secure?
>>>
>>>
>>>
>>> Try starting sshd in the foreground with the ‘-d’ option to turn on
>>> debugging, and then attempt a login.
>>>
>>>
>>>
>>> Hope that helps,
>>>
>>>
>>>
>>> -Mark
>>>
>>>
>>>
>>> *From:* oracle-l-bounce@xxxxxxxxxxxxx [mailto:
>>> oracle-l-bounce@xxxxxxxxxxxxx] *On Behalf Of *John Smith
>>> *Sent:* Wednesday, April 07, 2010 7:07 PM
>>> *To:* <oracle-l@xxxxxxxxxxxxx>oracle-l@xxxxxxxxxxxxx
>>> *Subject:* rac user equivalence
>>>
>>>
>>>
>>> Not precisely oracle, but related. Trying to set up user equivalence on
>>> redhat 5. When I ssh from node 2 to node 1, connecting as oracle, it works
>>> fine, no problems.
>>>
>>> But when I ssh from node 1 to node 2 as oracle, it immediately closes the
>>> connection after entering the password. This happens no matter what user id
>>> I connect from to the oracle account.
>>>
>>> I can ssh to other accounts on rac2, but not the oracle account.
>>>
>>> ssh_config and sshd_config are identical, as are hosts.allow and
>>> hosts.deny. Anyone have any ideas?
>>>
>>> [root@rac2 ssh]# ssh oracle@rac1
>>> oracle@rac1's password:
>>> Last login: Wed Apr 7 15:48:24 2010 from rac2
>>> [oracle@rac1 ~]$
>>>
>>> [oracle@rac1 ~]$ ssh oracle@rac2
>>> oracle@rac2's password:
>>> Connection closed by 192.168.2.223
>>>
>>> [root@rac1 ~]$ ssh oracle@rac2
>>> oracle@rac2's password:
>>> Connection closed by 192.168.2.223
>>>
>>> [root@rac1 ~]$ ssh johns@rac2
>>> johns@rac2's password:
>>> [johns@rac2 ~]$
>>>
>>>
>>
>
Other related posts:
