[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] ssh

Subject: RE: [cobalt-users] ssh
From: Brandon Wheaton <brandonw@xxxxxxxxxxxx>
Date: Wed Feb 21 20:08:12 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> -----Original Message-----
> From: Jason Bielenda [mailto:jbielenda@xxxxxxxxxxxxxxxx]
>
> I am having trouble getting secure shell to load on a cube 3. 
> I can extract it, and ./configure it, but when i go to run a 
> make i get an error message that says
> there are no make files, but they are there. what version of 
> ssh should i install and are there any tricks to it?


Here is exactly what I did to my RaQ3i:


1. Get openssl-0.9.6.tar.gz and openssh-2.5.1p1.tar.gz 
   from Openssh.com and Openssl.com

2. Enable telnet on your machine via the web interface and 
   TEST IT before you proceed.

3. Telnet in, become root and stop the ssh daemon

4. Untar openssl-0.9.6.tar.gz and openssh-2.5.1p1.tar.gz using 
   tar xvf

5. cd openssl-0.9.6 and do ./config; make; make test; make install
   (this is a good time to get a Guinness - compilation takes 10 mins +/-)

6. Once OpenSSL has completed, cd into openssh-2.5.1p1 and do 
   ./configure --prefix=/usr/local --sysconfdir=/etc; make; make install
   
7. vi /etc/rc.d/init.d/sshd (and insert the following)


	#!/bin/sh

	case "$1" in
	'start')
      	  if [ -x /usr/local/sbin/sshd -a -f /etc/sshd_config ]; then 
              	echo "Starting the SSH daemon..."
         	      /usr/local/sbin/sshd
        	fi
        	;;
	'stop')
      	  /usr/bin/killall sshd
              echo "Stopping the SSH daemon..."
        	;;
	*)
      	  echo "Usage: /etc/init.d/sshd { start | stop }"
        	;;

	esac
	exit 0


8. Simlink startup scripts - cd /etc/rc.d/rc2.d then ln -s ../init.d/sshd
S75sshd

9. mv /etc/sshd_config /etc/sshd_config_old (or delete it) vi
/etc/sshd_config 
   and insert the following:


	Port 22
	ListenAddress 0.0.0.0
	PidFile /etc/sshd.pid
	Protocol 2,1
	SyslogFacility AUTH
	LogLevel INFO
	HostKey /etc/ssh_host_key
	HostKey /etc/ssh_host_dsa_key
	KeyRegenerationInterval 900
	ServerKeyBits 1024
	CheckMail no
	KeepAlive no
	PrintMotd no
	PermitRootLogin no 
	IgnoreRhosts no
	X11Forwarding no
	RhostsAuthentication no
	RhostsRSAAuthentication yes
	RSAAuthentication yes
	PasswordAuthentication yes
	PermitEmptyPasswords no
	UseLogin no
	StrictModes yes
	LoginGraceTime 180


10. Test the script - ./S75sshd start - should say "Starting the SSH
daemon..."
    then do ./S75sshd stop and you should see "Stopping the SSH daemon..."

11. ./S75sshd start to officially enable it

12. Verify the new install by ssh -v and you will see:
	 OpenSSH_2.5.1p1, SSH Protocols 1.5/2.0, OpenSSL 0x0090600f
	 Usage: ssh [options] host [command]

13. Test connectivity - ssh -v -l admin localhost (-v is verbose,
recommended 
    for verification)

14. Turn off telnet via the web interface, ssh in and change your admin
password.

15. Go grab another Guinness and congratulate yourself.

Please read through the OSSH and OSSL README and INSTALL docs for detailed 
explanations and  troubleshooting information.


Good luck and take care. 

Brandon Wheaton
UNIX Systems Engineer 
ValiCert, Inc.
1215 Terra Bella Ave. 
Mountain View, CA 94043 
650.280.UNIX 

----
Sure UNIX is user friendly; it's just picky about who its friends are.

Follow-Ups:
- [cobalt-users] RE: ssh
  - From: Michael Aronoff
- RE: [cobalt-users] ssh
  - From: Jacob Smith

Prev by Date: RE: [cobalt-users] RE: hacked raq
Next by Date: Re: [cobalt-users] Help with Port 69 & Portsentry / Logcheck
Previous by thread: Re: [cobalt-users] ssh
Next by thread: [cobalt-users] RE: ssh

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index