This section can help you diagnose and resolve issues with your PingID SSH installation.
Verifying your PingID installation
Before performing the post-installation steps, verify the successful installation of PingID.
Troubleshooting SSH issues
Most SSH issues can be resolved by rerunning the installation package or reverting to a previous system state.
-
If you installed from the binary package, and got the following error response,
The method driver /usr/lib/apt/methods/https could not be found from apt-get - install apt-transport-https
, then rerun using the following command:sudo apt-get install apt-transport-https
-
If you installed and integrated PingID with SSH, but users are unable to
authenticate successfully, revert to the system state prior to the PingID SSH
installation.
- If your installation is on a physical machine:
- If you have kept an open session with root permissions, use that session.
- If you do not have an open session, you must access the machine to open a local root console session.
- If your installation is a virtual machine (VM), you should open a root console session in the VM control console.
- If your installation is on a physical machine:
Troubleshooting the PingID SSH installation on Solaris 10
Dealing with problems with Solaris 10.
If you are experiencing problems with Solaris 10, checking the following items may assist.
- Run the pkginfo command. The output might be helpful to find missing packages and for general investigation of Solaris hosts
- Check the console output and contents of config.log file produced during execution of the ./configure script. It plays vital role in investigation of compilation/installation issues
- If you use opencsw repository to satisfy requirements of
PingID SSH, then the libcurl4, libcurl_dev,
libssl1_0_0, libssl_dev, libcares_dev, librtmp_dev,
libssh2_dev, libkrb5_dev, libbrotli_dev and
openldap_dev packages are mandatory (this list is far longer than the
official requirements due to a bug in curl-config from opencsw
repository). These libraries can be installed with the
command:
/opt/csw/bin/pkgutil -y -i libcurl4 libcurl_dev libssl1_0_0 libssl_dev libcares_dev librtmp_dev libssh2_dev libkrb5_dev libbrotli_dev openldap_dev
- curl-config allows the ./configure script to locate libcurl dependencies and their location, so it is preferable to have the containing directory of curl-config in the PATH (for example, /opt/csw/bin). Solaris 11 hosts usually do not require any additional changes in this regard.
- If you use the opencsw repository it is preferable to install
and use a more modern compiler, than default GCC which comes with the
operating system. One such compiler can be installed with the
/opt/csw/bin/pkgutil -y -i gcc5core command. Preference to
the latter GCC over the original one is achieved by setting
/opt/csw/bin ahead of /usr/sfw/bin in
the command below:
export PATH=/usr/sbin:/usr/bin:/opt/csw/bin:/usr/ccs/bin:/usr/sfw/bin
- If the cURL and OpenSSL libraries are installed outside of the
default-search-path-for-libraries-during-linking (which are usually
/lib and /usr/lib), then it is
preferable to add this path via the LDFLAGS variable when calling the
./configure script. For example, if these libraries are
installed into /opt/csw/lib, the ./configure
command becomes:
LDFLAGS="-L/opt/csw/lib" ./configure --with-pam --prefix=/usr
Troubleshooting integration with SSH on HP-UX
If you are having trouble with the PingID integration with SSH when using it with PAM, it may be due to the X/Open Networking Interfaces of the version of libcurl that is installed. The version of libcurl may have been built without the additional flag for X/Open Sockets functionality. (For more information, see the xopen_networking man page.)
To resolve this issue:
- Remove the version of
libcurl
that was installed with depothelper. - Build
libcurl
from the source files:- Install the required
libraries:
depothelper openldap-2.4.45 depothelper libssh2
- Download https://curl.se/download/curl-7.54.1.tar.gz and copy it to the server.
- Unzip the downloaded
tarball:
/usr/contrib/bin/gunzip curl-7.54.1.tar.gz tar xvf curl-7.54.1.tar
- Build
libcurl
and install it to /usr/local/lib/hpux64:cd curl-curl-7.54.1 ./configure CC="cc" CFLAGS="-O -AC99 +DD64" CPPFLAGS="-I/usr/local/include -D_XOPEN_SOURCE=600 -D_HPUX_ALT_XOPEN_SOCKET_API" LDFLAGS="+DD64 -Wl,+b -Wl,/usr/local/lib/hpux64 -L/usr/local/lib/hpux64" --libdir=/usr/local/lib/hpux64 --disable-dict --disable-file --disable-ftp --disable-gopher --disable-imap --disable-manual --disable-ntlm-wb --disable-pop3 --disable-rtsp --disable-smb --disable-smtp --disable-sspi --disable-telnet --disable-tftp --disable-unix-sockets --without-brotli --without-libidn2 --without-librtmp make make install
- Install the required
libraries:
- Build the PingID SSH agent, as described in Installation example for HP-UX.