I’ve been away from Solaris for 5 months, but I need some VMs for NFSv4 testing, which means beating my head against modernization such as RBAC, pfexec, and NWAM.
I prefer to treat my lab Unix machines as inter-changable boxes and do all of my configuration up front. I want to be able to do an SSH root login, especially if the system goes out of the way to make that hard.
There are currently 3 things you have to do to violate this security truism on either OpenSolaris or Solaris 11:
1) Modify PermitRootLogin to yes in /etc/ssh/sshd_config.
2) Comment out the “CONSOLE=/dev/console” line in /etc/default/login.
3) Remove “;type=role” from the root entry in /etc/user_attr.
Thanks a lot! I wasted half day for this! Appreciate your help! I figured the other ones but the /etc/user_attr I couldnt find anywhere!
Awesome resource man. Thanx.
This of course also works for OpenIndiana – which I mention only so google will index it.
Thanks for the post.
Hello,
I also had the same problem on opensolaris 2008.11, whereas I tried to login to root, using the /etc/ssh/sshd_config feature, but received the “Permission denied” message. Have been reading the various postings on this very issue, and just about gave up trying to get root login. I know that it was setup when the OS was installed, but since my personal login is restricted, I am unable to do any Administrator functions. What could I be doing wrong. Any help would be appreciated.
Thank you,
DeWitt
Worked on my OpenIndiana 152, thanks!