#########################
# Step 1 # Copy package from /u/goelc/sol_patch/< respective sol volume>
#########################
openssh-4.7p1-sol8-sparc-local.gz
openssl-0.9.8f-sol8-sparc-local.gz
prngd-0.9.25-sol8-sparc-local.gz
zlib-1.2.3-sol8-sparc-local.gz
#########################
# Step 2 # uncompress all the gzip’d files
#########################
gunzip -d openssh-4.7p1-sol8-sparc-local.gz
gunzip -d openssl-0.9.8f-sol8-sparc-local.gz
gunzip -d prngd-0.9.25-sol8-sparc-local.gz
gunzip -d zlib-1.2.3-sol8-sparc-local.gz
#########################
# Step 3 # install the packages in this sequence
#########################
#pkgadd -d openssl-0.9.8f-sol8-sparc-local
The following packages are available:
1 SMCosslc openssl
(sparc) 0.9.8f
#pkgadd -d prngd-0.9.25-sol8-sparc-local
The following packages are available:
1 SMCprngd prngd
(sparc) 0.9.25
# pkgadd -d zlib-1.2.3-sol8-sparc-local
The following packages are available:
1 SMCzlib zlib
(sparc) 1.2.3
# pkgadd -d openssh-4.7p1-sol8-sparc-local
The following packages are available:
1 SMCosh471 openssh
(sparc) 4.7p1
#########################
# Step 4: Startup Script
#########################
# cp sshd.sh /etc/init.d/sshd
Make the script executable and link it into run level 2 so it starts at boot.
# chmod +x /etc/init.d/sshd
# ln -s /etc/init.d/sshd /etc/rc2.d/S99sshd
#########################
# Step 5: same thing for prngd
#########################
# cp prngd.sh /etc/init.d/prngd
# chmod +x /etc/init.d/prngd
# ln -s /etc/init.d/prngd /etc/rc2.d/S99prngd
#########################
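# Step 6: set the PATH correctly (** remember to add it to .profile as well)
# NOTE: the trailing "." puts the current directory on root's search path, so a
# same-named program in whatever directory root is working in can run instead of
# the intended one. Leave the "." off unless it is really needed.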
#########################
export PATH=$PATH:/usr/local/bin:/usr/local/sbin:.
#########################
# Step 7: startup the processes prngd first
#########################
/etc/init.d >./prngd start
starting PRNG daemon
/etc/init.d >Info: Random pool not (yet) seeded
Could not bind socket to /var/spool/prngd/pool: No such file or directory
Jun 1 14:50:19 XXXXXX prngd[2730]: [ID 388259 daemon.alert] Could not bind socket to /var/spool/prngd/pool: No such file or directory
#########################
# Step 8: create the missing folder then try again
#########################
/etc/init.d >mkdir -p /var/spool/prngd
/etc/init.d >./prngd start
starting PRNG daemon
/etc/init.d >Info: Random pool not (yet) seeded
#########################
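# Step 9: start ssh process
# NOTE: the first attempt below fails because the runtime linker cannot find
# libgcc_s.so.1; these notes do not record how that library was made available.
# The commands after the failure create the privilege separation directory and user.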
#########################
/etc/init.d >sshd start
ld.so.1: sshd: fatal: libgcc_s.so.1: open failed: No such file or directory
Killed
/etc/init.d >
# mkdir /var/empty
# chown root:sys /var/empty
# chmod 755 /var/empty
# groupadd sshd
# useradd -g sshd -c 'sshd privsep' -d /var/empty -s /bin/false sshd
/var/empty should not contain any files.
The default sshd_config file in /usr/local/etc has the last line
Subsystem sftp /usr/libexec/sftp-server
#########################
# Step 10: Create keys for V2
#########################
The errors above are due to the fact that we didn’t create any key pairs for our ssh server.
Create a public key pair to support the new, DSA-based version 2 protocol
/ >/usr/local/bin/ssh-keygen -d -f /usr/local/etc/ssh_host_dsa_key -N ""
Generating public/private dsa key pair.
Your identification has been saved in /usr/local/etc/ssh_host_dsa_key.
Your public key has been saved in /usr/local/etc/ssh_host_dsa_key.pub.
The key fingerprint is:
ce:af:e5:96:e6:94:78:23:93:07:03:3a:0a:d0:90:1f root@XXXXXX
/ >
#########################
# Step 11: Create keys also to cater for V1 (OPTIONAL)
#########################
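Create an RSA host key pair. Note: a key generated with -t rsa and saved as ssh_host_rsa_key is used by protocol version 2. The version 1 protocol reads /usr/local/etc/ssh_host_key instead, which is why sshd still reports "Disabling protocol version 1" in Step 12. Protocol 1 has known cryptographic weaknesses, so leaving it disabled is the safer outcome. 1024 bits is also small for an RSA host key; use a larger size (for example 2048) if the clients support it.
/ > /usr/local/bin/ssh-keygen -b 1024 -f /usr/local/etc/ssh_host_rsa_key -t rsa -N ""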
Generating public/private rsa key pair.
Your identification has been saved in /usr/local/etc/ssh_host_rsa_key.
Your public key has been saved in /usr/local/etc/ssh_host_rsa_key.pub.
The key fingerprint is:
e9:7f:8d:2c:a1:64:66:4b:87:4a:14:99:0b:69:8e:dd root@XXXXXX
/ >
#########################
# Step 12: startup ssh again
#########################
/usr/local/etc >/etc/init.d/sshd start
starting SSHD daemon
/usr/local/etc >Could not load host key: /usr/local/etc/ssh_host_key
Disabling protocol version 1. Could not load host key
Missing privilege separation directory: /var/empty
#########################
# Step 13: vi sshd_config
#########################
/usr/local/etc >ls
moduli ssh_host_dsa_key ssh_host_rsa_key.pub
prngd ssh_host_dsa_key.pub sshd_config
ssh_config ssh_host_rsa_key
/usr/local/etc >
/usr/local/etc >cat sshd_config | grep -i protocol
#Protocol 2,1
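Edit sshd_config (the server configuration file, not ssh_config) with vi and uncomment the line above by removing the '#'. Note that "Protocol 2,1" permits fallback to SSH protocol version 1, which has known cryptographic weaknesses; set "Protocol 2" instead unless legacy clients require version 1. Uncommented as in these notes, the line reads: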
Protocol 2,1
/etc/init.d >mkdir -p /var/empty
/etc/init.d >./sshd start
starting SSHD daemon
/etc/init.d >Could not load host key: /usr/local/etc/ssh_host_key
Disabling protocol version 1. Could not load host key
/etc/init.d >ps -ef |grep ssh
root 2937 2816 0 15:31:19 pts/5 0:00 grep ssh
root 2934 1 0 15:31:07 ? 0:00 /usr/local/sbin/sshd
/usr/local/etc >ps -ef| grep prngd
root 2944 2816 0 15:32:37 pts/5 0:00 grep prngd
root 2734 1 0 14:51:10 ? 0:00 /usr/local/sbin/prngd /var/spool/prngd/pool