======user status========passwd -s solarisusersolarisuser LK======/var

1. ======user status========
2. passwd -s solarisuser
3. solarisuser LK
4.  
5. ======/var/log/auth========
6. May 11 03:39:47 SOLARIS10 sshd[13221]: [ID 492425 auth.error] Warning: could not acquire NIS domain internal yp server or client error
7. May 11 03:39:47 SOLARIS10 sshd[13221]: [ID 800047 auth.info] Accepted publickey for solarisuser from 10.232.64.25 port 56844 ssh2
8.  
9. ======sshd_config========
10. # $OpenBSD: sshd_config,v 1.68 2003/12/29 16:39:50 millert Exp $
11.  
12. # This is the sshd server system-wide configuration file. See
13. # sshd_config(5) for more information.
14.  
15. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
16.  
17. # The strategy used for options in the default sshd_config shipped with
18. # OpenSSH is to specify options with their default value where
19. # possible, but leave them commented. Uncommented options change a
20. # default value.
21.  
22. Port 22
23. Protocol 2
24. #ListenAddress 0.0.0.0
25. #ListenAddress ::
26.  
27. # HostKey for protocol version 1
28. HostKey /etc/ssh/ssh_host_key
29. # HostKeys for protocol version 2
30. HostKey /etc/ssh/ssh_host_rsa_key
31. HostKey /etc/ssh/ssh_host_dsa_key
32.  
33. # Lifetime and size of ephemeral version 1 server key
34. #KeyRegenerationInterval 1h
35. #ServerKeyBits 768
36.  
37. # Logging
38. #obsoletes QuietMode and FascistLogging
39. SyslogFacility AUTH
40. LogLevel INFO
41.  
42. # Authentication:
43.  
44. LoginGraceTime 2m
45. PermitRootLogin without-password
46. StrictModes yes
47.  
48. RSAAuthentication yes
49. PubkeyAuthentication yes
50. AuthorizedKeysFile .ssh/authorized_keys2
51.  
52. # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
53. #RhostsRSAAuthentication no
54. # similar for protocol version 2
55. #HostbasedAuthentication no
56. # Change to yes if you don't trust ~/.ssh/known_hosts for
57. # RhostsRSAAuthentication and HostbasedAuthentication
58. IgnoreUserKnownHosts no
59. # Don't read the user's ~/.rhosts and ~/.shosts files
60. IgnoreRhosts yes
61.  
62. # To disable tunneled clear text passwords, change to no here!
63. PasswordAuthentication yes
64. PermitEmptyPasswords no
65.  
66. # Change to no to disable s/key passwords
67. ChallengeResponseAuthentication yes
68.  
69. # Kerberos options
70. KerberosAuthentication yes
71. KerberosOrLocalPasswd yes
72. KerberosTicketCleanup yes
73. #KerberosGetAFSToken no
74.  
75. # GSSAPI options
76. GSSAPIAuthentication yes
77. GSSAPICleanupCredentials yes
78.  
79. # Set this to 'yes' to enable PAM authentication (via challenge-response)
80. # and session processing. Depending on your PAM configuration, this may
81. # bypass the setting of 'PasswordAuthentication' and 'PermitEmptyPasswords'
82. UsePAM yes
83. UsePAMSetCred yes
84.  
85. AllowTcpForwarding yes
86. GatewayPorts no
87. X11Forwarding yes
88. X11DisplayOffset 10
89. X11UseLocalhost yes
90. PrintMotd no
91. PrintLastLog yes
92. TCPKeepAlive yes
93. UseLogin no
94. UsePrivilegeSeparation no
95. #PermitUserEnvironment no
96. Compression yes
97. ClientAliveInterval 0
98. ClientAliveCountMax 3
99. UseDNS yes
100. PidFile /var/run/sshd.pid
101. MaxStartups 10
102.  
103. # no default banner path
104. #Banner /some/path
105.  
106. # override default of no subsystems
107. Subsystem sftp /usr/libexec/sftp-server