[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] ssh
- Subject: Re: [cobalt-users] ssh
- From: Jay Summers <jay@xxxxxxxxxxxxxxxxxxxx>
- Date: Fri Mar 2 15:56:37 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> Here is exactly what I did to my RaQ3i:
>
>
> 1. Get openssl-0.9.6.tar.gz and openssh-2.5.1p1.tar.gz
> from Openssh.com and Openssl.com
>
> 2. Enable telnet on your machine via the web interface and
> TEST IT before you proceed.
>
> 3. Telnet in, become root and stop the ssh daemon
>
> 4. Untar openssl-0.9.6.tar.gz and openssh-2.5.1p1.tar.gz using
> tar xvf
>
> 5. cd openssl-0.9.6 and do ./config; make; make test; make install
> (this is a good time to get a Guinness - compilation takes 10 mins +/-)
>
> 6. Once OpenSSL has completed, cd into openssh-2.5.1p1 and do
> ./configure --prefix=/usr/local --sysconfdir=/etc; make; make install
>
> 7. vi /etc/rc.d/init.d/sshd (and insert the following)
>
>
> #!/bin/sh
>
> case "$1" in
> 'start')
> if [ -x /usr/local/sbin/sshd -a -f /etc/sshd_config ]; then
> echo "Starting the SSH daemon..."
> /usr/local/sbin/sshd
> fi
> ;;
> 'stop')
> /usr/bin/killall sshd
> echo "Stopping the SSH daemon..."
> ;;
> *)
> echo "Usage: /etc/init.d/sshd { start | stop }"
> ;;
>
> esac
> exit 0
>
>
> 8. Simlink startup scripts - cd /etc/rc.d/rc2.d then ln -s ../init.d/sshd
> S75sshd
>
> 9. mv /etc/sshd_config /etc/sshd_config_old (or delete it) vi
> /etc/sshd_config
> and insert the following:
>
>
> Port 22
> ListenAddress 0.0.0.0
> PidFile /etc/sshd.pid
> Protocol 2,1
> SyslogFacility AUTH
> LogLevel INFO
> HostKey /etc/ssh_host_key
> HostKey /etc/ssh_host_dsa_key
> KeyRegenerationInterval 900
> ServerKeyBits 1024
> CheckMail no
> KeepAlive no
> PrintMotd no
> PermitRootLogin no
> IgnoreRhosts no
> X11Forwarding no
> RhostsAuthentication no
> RhostsRSAAuthentication yes
> RSAAuthentication yes
> PasswordAuthentication yes
> PermitEmptyPasswords no
> UseLogin no
> StrictModes yes
> LoginGraceTime 180
>
>
> 10. Test the script - ./S75sshd start - should say "Starting the SSH
> daemon..."
> then do ./S75sshd stop and you should see "Stopping the SSH daemon..."
>
> 11. ./S75sshd start to officially enable it
>
> 12. Verify the new install by ssh -v and you will see:
> OpenSSH_2.5.1p1, SSH Protocols 1.5/2.0, OpenSSL 0x0090600f
> Usage: ssh [options] host [command]
>
> 13. Test connectivity - ssh -v -l admin localhost (-v is verbose,
> recommended
> for verification)
>
> 14. Turn off telnet via the web interface, ssh in and change your admin
> password.
>
> 15. Go grab another Guinness and congratulate yourself.
>
> Please read through the OSSH and OSSL README and INSTALL docs for detailed
> explanations and troubleshooting information.
Hey Brandon,
I was wondering if you've done this installation on a RAQ2 with the old
Cobalt SSL package that they use to sell? I've got that particular package
installed on one of my RAQ2's and I noticed it is using OpenSSL. Will this
installation mess with the Cobalt SSL package? Will it install over the old
version, or can I just set a new path for it? Any help would be greatly
appreciated.
thanks,
Jay