OpenSSH

OpenSSH
•SunSolve random patches 112438-01
#patchadd 112438-01

•Install /dev/random
#pkgadd -d ANDIrand-0.7-5.8-sparc-1.pkg
(www.cosy.sbg.ac.at/~andi/)

•Install
openssh-3.p1-sol8-sparc-local
openssl-0.9.6d-sol8-sparc-local
tcp_wrapper-7.6-sol8-sparf-local
zlib.1.1.4-sol8-sparc-local
optional:
perl-5.6.1-sol8-sparc-local
prngd-0.9.25-sol8-sparc-local
egd-0.8.-sol8-sparc-local

•Put /usr/local/bin /usr/local/sbin in the path

•Setup sshd user and the /var/emty directory
#mkdir /var/empty
#chown root:sys /var/empty
#chmod 755 /var/empty
#groupadd sshd
#useradd -g sshd -c ‘sshd privsep’ -d /var/empty -s /bin/false sshd

•Setup tcp wrappers
/etc/hosts.deny: sshd:ALL
/etc/hosts.allow:

•Install ssh and sshd
#ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N “”
#ssh-keygen -t dsa -f /usr/local/etc/ssh_host_dsa_key -N “”
#ssh-keygen -t rsa -f /usr/local/etc/ssh_host_rsa_key -N “”

•Setup scripts to start sshd
vi /etc/init.d/sshd
#chmod 555 /etc/init.d/sshd
#ln -s /etc/init.d/sshd /etc/rc2.d/S98sshd

Lazy ssh authentication (ssh2)
* Login the source machine and cd to home directory.
* dev$ ssh-keygen -t rsa
* dev$ scp .ssh/id_rsa.pub jmli@oakdev1:~/.ssh

* Login the target machine and cd to home directory.
* sev$ cd ./ssh
* sev$ cat id_rsa.pub >> authorized_keys2
* sev$ chmod go-w authorized_keys2

• Usage Examples
scp file.jar jmli@oakdev1:/tmp

•sshd_config
(For Linx)
UsePrivilegeSeparation no

This entry was posted in unix. Bookmark the permalink.