Configuring OpenSSH on Solaris 8
Solaris 8 doesn’t come with the SSH and SFTP like features, to enable these we have to configure and install a third party package OpenSSH.
/dev/random and /dev/random built-in, but patches have been released to correct this. The packages need to be on the system to use ssh properly are openssl, openssh, zlib and libgcc .All the packages are freely available on www.sunfreeware.com.
Installation Steps:
Step 1:
a) Installing the random patches for Solaris 8 (creates /dev/random files) if doesn’t installed.
Patches: 112438-03 for Solaris 8 sparc
112439-02 for Solaris 8 X86
We will get “PRNG is not seeded” error if you proceed without this patch
b) After installation take a reconfiguration boot to create new devices.
#reboot -- -r
Step 2: Installing the packages Below mentioned packages are needed to be downloaded and installed as below:
openssh-5.2p1-sol8-sparc-local.gz
openssl-0.9.8k-sol8-sparc-local.gz
zlib-1.2.1-sol8-sparc-local.gz
libgcc-3.4.6-sol8-sparc-local.gz
Install the following packages –
a) #gunzip openssh-5.2p1-sol8-sparc-local.gz
b) #gunzip openssl-0.9.8k-sol8-sparc-local.gz
c) #gunzip zlib-1.2.1-sol8-sparc-local.gz
d) #gunzip libgcc-3.4.6-sol8-sparc-local.gz
e) #pkgadd -d openssl-0.9.8k-sol8-sparc-local
f) #pkgadd -d zlib-1.2.1-sol8-sparc-local
g) #pkgadd -d libgcc-3.4.6-sol8-sparch)
#pkgadd -d openssh-5.2p1-sol8-sparc-local
Once we have installed the above packages we will have files in various subdirectories of /usr/local. We should now find ssh in /usr/local/bin and sshd in /usr/local/sbin. Make sure we have /usr/local/bin and /usr/local/sbin in your PATH environment variable.
Step 3:
a) Setting up the sshd user and the /var/empty directory
This method is now the default in openssh.
#mkdir /var/empty
#chown root:sys /var/empty
#chmod 755 /var/empty
#groupadd sshd
#useradd -g sshd -c 'sshd privsep' -d /var/empty -s /bin/false sshd
/var/empty should not contain any files.
b) The /usr/local/etc /sshd_config file defaultly has the last line
Subsystem sftp /usr/libexec/sftp-server
This may need to be changed to
Subsystem sftp /usr/local/libexec/sftp-server
Step 4: Installing ssh and sshd
a) Each machine that you want to communicate with via the ssh client will need to have an sshd daemon running. But first, we need to run the following three lines to create the key information for the server machine. Again, make sure you have /usr/local/bin and /usr/local/sbin in the PATH.
If we have been running sshd before and have keys in /usr/local/etc, running these commands will overwrite them. As root, enter
# ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N ""
# ssh-keygen -t dsa -f /usr/local/etc/ssh_host_dsa_key -N ""
# ssh-keygen -t rsa -f /usr/local/etc/ssh_host_rsa_key -N ""
and wait until each is done - this may take a few minutes depending on the speed of your machine.
c) Now we can set up scripts to start the sshd daemon
# cd /etc/init.d
Script---
# cd /etc/init.d
# vi sshd
#!/bin/sh
pid=`/usr/bin/ps -e | /usr/bin/grep sshd | /usr/bin/sed -e 's/^ *//' -e 's/ .*//'`
case $1 in
'start')
/usr/local/sbin/sshd
echo "sshd demon started"
;;
'stop')
if [ "${pid}" != "" ]
then
/usr/bin/kill ${pid}
fi
;;
*)
echo "usage: /etc/init.d/sshd {start|stop}"
;;
esac
# chown root /etc/init.d/sshd
# chgrp sys /etc/init.d/sshd
# chmod 555 /etc/init.d/sshd
# ln -s /etc/init.d/sshd /etc/rc2.d/S98sshd
# /etc/rc2.d/S98sshd start will start the process
# /etc/rc2.d/S98sshd stop will stop the sshd daemon.
# ps -e | grep sshd to see if sshd is running.
0 comments:
Post a Comment