How to Configure an LDAP User to Administer Remote Compliance
You must have the rights to assign the Compliance Assessor rights profile. The root
role or an administrator with the Compliance Assessor rights profile can assign the profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.
Troubleshooting
If the user continues to be prompted for a password, debug the client-server connection.
As root
, debug the Secure Shell server. Run a command similar to the following:
SSHserver#
/usr/lib/ssh/sshd -p 2222 -d
In a different terminal window and using the same port, connect as the user from the client and search for the ultimate cause of the failure.
SSHclient$
ssh -p 2222 SSHserver
Messages similar to the following can indicate the ultimate cause of the failure:
Authentication refused: bad ownership or modes for directory /home/
username
In this instance, the user has a writable group directory above the directory where the private key is stored. Change the directory permissions to 755
.