svcadm restart svc:/network/ssh:defaultAfter that, I carefully checked status sshd by showing listen ports.
netstat -an | grep LISTENBut I did not see ssh port listening. After that I perform ssh checking but connection was error. (Phew, fortunely I did not exit current ssh session.)
I checked status service sshd using command:
svcs -l sshResult
fmri svc:/network/ssh:default
name SSH server
enabled true
state offline
next_state none
state_time Wed Feb 04 13:15:44 2015
logfile /var/svc/log/network-ssh:default.log
restarter svc:/system/svc/restarter:default
contract_id 57
dependency require_all/none svc:/system/filesystem/local (online)
dependency optional_all/none svc:/system/filesystem/autofs (online)
dependency require_all/none svc:/network/loopback (online)
dependency require_all/none svc:/network/physical (online)
dependency require_all/none svc:/system/cryptosvc (maintenance)
dependency require_all/none svc:/system/utmp (online)
dependency require_all/restart file://localhost/etc/ssh/sshd_config (online)
In /var/adm/messages, I saw these lines:
Feb 4 13:14:14 A.B.C.D sshd[10376]: [ID 970222 auth.error] libpkcs11: Unable to contact kcfd: Bad file number
Feb 4 13:14:14 A.B.C.D sshd[10376]: [ID 748427 auth.error] libpkcs11: /usr/lib/security/pkcs11_softtoken_extra.so unexpected fai
lure in ELF signature verification. System may have been tampered with. Cannot continue parsing /etc/crypto/pkcs11.conf
Feb 4 13:14:14 A.B.C.D sshd[10376]: [ID 800047 auth.error] monitor error: pkcs11 engine does not exist
Using `elfsign verify -e /usr/lib/security/pkcs11_softtoken_extra.so` , result was passed.
After reading solaris 10 document, I reliazed that service in maintance status is not running ( or died ) and need to be clear.
So, I ran this command to restore cryptosvc
svcadm clear svc:/system/cryptosvc:defaultChecked status cryptosvc using command:
svcs -p svc:/system/cryptosvc:defaultResult:
STATE STIME FMRI
online 13:49:40 svc:/system/cryptosvc:default
13:49:40 10948 kcfd
Now I started ssh service and finished:
svcadm enable svc:/network/ssh:default