INSTALLING SSH IN SOLARIS 8

Where is this INSTALL document?

INSTALL files (and config or configure scripts) are usually associated with source installations. Since you're installing from a package, you shouldn't need that.

Also .ssh/config (not ./config (unless you're in .ssh)) is a configuration file for the SSH client. But it's not executable.

Does it just run at this point? Can you do /usr/local/sbin/sshd (or wherever it installed)? You'll probably need to create host keys with /usr/local/bin/ssh-keygen and then create (or find) a startup script if one wasn't installed.

--

Darren

Darren_Dunhama at 2007-7-8 21:37:54 >

Follow this steps recently i did it in a solaris 8 box

hope this will solve your issue

****************************************

Ssh installation for Solaris 8

Introduction:

Secure shell (SSH) is a protocol that provides a secure, remote connection to any device with ssh support. SSH is a substitute to Berkeley r-tools like telnet, rlogin, rsh and rcp which are not secure. SSH provides more security to any data that is being transported to the Internet by providing more authentication, encryption and authorization procedures. There are currently two versions of SSH available, SSH Version 1 and SSH Version 2

openssh

openssl (SSL)

prngd (Psuedo Random Generator Daemon)

zlib (Z library)

Installation:

#pkgadd -d openssl-0.9.6c-sol8-sparc-local

The following packages are available:

1 SMCosslc openssl

(sparc) 0.9.6c

Select package(s) you wish to process (or 'all' to process

all packages). (default: all) [?,?,q]:

#pkgadd -d prngd-0.9.23-sol8-sparc-local

The following packages are available:

1 SMCprngd prngd

(sparc) 0.9.23

Select package(s) you wish to process (or 'all' to process

all packages). (default: all) [?,?,q]:

#pkgadd -d zlib-1.1.4-sol8-sparc-local

The following packages are available:

1 SMCzlib zlib

(sparc) 1.1.4

Select package(s) you wish to process (or 'all' to process

all packages). (default: all) [?,?,q]:

#pkgadd -d openssh-3.1p1-sol8-sparc-local

The following packages are available:

1 SMCossh openssh

(sparc) 3.1p1

Select package(s) you wish to process (or 'all' to process

all packages). (default: all) [?,?,q]:

Note:- If you are facing any problem like PRNG is not seeded please apply 112438-01 patch and reboot the system and create a symbolic link

ln -s /devices/pseudo/random@0:random /dev/random

ln -s /devices/pseudo/random@0:urandom /dev/urandom

This is because of missing /dev/random

Create SSHD account and directory

# mkdir /var/empty

# chown root:sys /var/empty

# groupadd sshd

# useradd -g sshd -c "SSHD Admin" -d /var/empty 杝 /bin/false sshd

Startup Scripts:

Create a startup script for the ssh daemon.

/etc/init.d/sshd

#! /bin/sh

#

# start/stop the secure shell daemon

case "$1" in

'start')

# Start the ssh daemon

if [ -f /usr/local/sbin/sshd ]; then

echo "starting SSHD daemon"

/usr/local/sbin/sshd &

fi

;;

'stop')

# Stop the ssh deamon

PID=`/usr/bin/ps -e -u 0 | /usr/bin/fgrep sshd | /usr/bin/awk '{print $1}'`

if [ ! -z "$PID" ] ; then

/usr/bin/kill ${PID} >/dev/null 2>&1

fi

;;

*)

echo "usage: /etc/init.d/sshd {start|stop}"

;;

esac

Make the script executable and create a startup script on run level 2.

#sh sshd start

#chmod +x /etc/init.d/sshd

#ln 杝 /etc/init.d/sshd /etc/rc2.d/S99sshd

Create a startup script for the pseudo random generator daemon.

/etc/init.d/prngd

#! /bin/sh

#

# start/stop the pseudo random generator daemon

case "$1" in

'start')

# Start the ssh daemon

if [ -f /usr/local/bin/prngd ]; then

echo "starting PRNG daemon"

/usr/local/bin/prngd /var/spool/prngd/pool&

fi

;;

'stop')

# Stop the ssh deamon

PID=`/usr/bin/ps -e -u 0 | /usr/bin/fgrep prngd | /usr/bin/awk '{print $1}'`

if [ ! -z "$PID" ] ; then

/usr/bin/kill ${PID} >/dev/null 2>&1

fi

;;

*)

echo "usage: /etc/init.d/prngd {start|stop}"

;;

esac

Make the script executable and create a startup script on run level 2.

#chmod +x /etc/init.d/prngd

#ln 杝 /etc/init.d/prngd /etc/rc2.d/S99prngd

# /etc/init.d/prngd start

starting PRNG daemon

Info: Random pool not (yet) seeded

Could not bind socket to /var/spool/prngd/pool: No such file or directory

# mkdir -p /var/spool/prngd

#/etc/init.d/prngd start

starting PRNG daemon

# Info: Random pool not (yet) seeded

#

Next is to start the actual ssh daemon,

# /etc/init.d/sshd start

starting SSHD daemon

Could not load host key: /usr/local/etc/ssh_host_key

Could not load host key: /usr/local/etc/ssh_host_rsa_key

Could not load host key: /usr/local/etc/ssh_host_dsa_key

Disabling protocol version 1. Could not load host key

Disabling protocol version 2. Could not load host key

sshd: no hostkeys available -- exiting.

#

The errors above are due to the fact that we didn't create any key pairs for our ssh server.

Create a public key pair to support the new, DSA-based version 2 protocol

# /usr/local/bin/ssh-keygen -d -f /usr/local/etc/ssh_host_dsa_key -N ""

Generating public/private dsa key pair.

Your identification has been saved in /usr/local/etc/ssh_host_dsa_key.

Your public key has been saved in /usr/local/etc/ssh_host_dsa_key.pub.

The key fingerprint is:

00:91:f5:8a:55:7c:ac:ff:b7:08:1f:ce:23:aa:f2:79 root@solaris8

Create a public key pair to support the old, RSA-based version 1 protocol

# /usr/local/bin/ssh-keygen -b 1024 -f /usr/local/etc/ssh_host_rsa_key -t rsa -N ""

Generating public/private rsa1 key pair.

Your identification has been saved in /usr/local/etc/ssh_host_rsa_key.

Your public key has been saved in /usr/local/etc/ssh_host_rsa_key.pub.

The key fingerprint is:

8e:b0:1d:8a:22:f2:d2:37:1f:92:96:02:e8:74:ca:ea root@solaris8

Edit ssh daemon configuration file /usr/local/etc/sshd_config, enable protocol 2 and 1

Uncomment the line, that says

protocol 2,1

# /etc/init.d//sshd start

starting SSHD daemon

*********************************************

Thnaks

RK

54645a at 2007-7-8 21:37:54 >