Hello All:
I think I messed up the sshd_config file. I was trying to test "PermiRootLogin Yes" now the service would not start, would not even let me establish putty connection. at the ESX server console I am getting error: "Starting sshd:/etc/sshd_config line 36: Bad yes/without-password/forced-commands-only/no argument: Yes". I have pasted the sshd_config file below. Please advise how to fix it.
$OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $
This is the sshd server system-wide configuration file. See
sshd_config(5) for more information.
This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
The strategy used for options in the default sshd_config shipped with
OpenSSH is to specify options with their default value where
possible, but leave them commented. Uncommented options change a
default value.
#Port 22
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::
HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 3600
#ServerKeyBits 768
Logging
#obsoletes QuietMode and FascistLogging
SyslogFacility AUTH
LogLevel VERBOSE
Authentication:
#LoginGraceTime 120
PermitRootLogin Yes
#StrictModes yes
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
rhosts authentication should not be used
#RhostsAuthentication no
Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
similar for protocol version 2
#HostbasedAuthentication no
Change to yes if you don't trust ~/.ssh/known_hosts for
RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#AFSTokenPassing no
Kerberos TGT Passing only works with the AFS kaserver
#KerberosTgtPassing no
Set this to 'yes' to enable PAM keyboard-interactive authentication
Warning: enabling this may bypass the setting of 'PasswordAuthentication'
#PAMAuthenticationViaKbdInt no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes
#MaxStartups 10
no default banner path
#Banner /some/path
#VerifyReverseMapping no
#ShowPatchLevel no
override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-server
Ciphers aes256-cbc,aes128-cbc
Change the "Yes" after PermitRootLogin to "yes", it's case sensitive and doesn't like the capital Y.
Alex
www.phdvirtual.com - esXpress backup
Change the "Yes" after PermitRootLogin to "yes", it's case sensitive and doesn't like the capital Y.
Alex
www.phdvirtual.com - esXpress backup
That was it. Thanks Mittel!!