SSH 2.1.1p4 configuration

tested on eDesktop 2.4 standard issue kernel   09/04/2000
Marianne Taylor

1)  Download and install the tar files exactly as described by Les Bell.  The only difference for me was the openssh version.  I went with the latest available as of August 12, 2000, version 2.1.1p4.  Obviously you need to install on both boxes.

2)  At the end of the make install the host keys should be generated.  I can't remember if it asks you where to put them.  Mine are in /etc/ssh.

3)  You should then switch to the /home/user/.ssh and generate the users keys.
Run ssh-keygen (generates for SSH1) and/or ssh-keygen -d (generates for SSH2).
I don't think you need to do both but I did.  You need to enter a passphrase.
When prompted store in the defaults which are identity,, id_dsa,

4) Generate authorized_keys and authorized_keys2
cp authorized_keys
cp authorized_keys2

5)  Generate the keys as the user you want to access on your other box in the same fashion as above repeating steps 3 & 4.

6)  Copy the .pub user files over to the other system and vice versa.
Then run
cat "/location/other_machine/" >> /home/"username"/.ssh/authorized_keys(2)
Remember to put in the authorized_keys2 and into the authorized_keys.

7)  Next you need to copy over to the other systems the public host keys.  As mentioned above mine are stored in the default /etc/ssh.  You must do this for both systems.  These are entitled:
 ssh_host_key (SSH1)
 ssh_host_dsa_key (SSH2)

8)  Make the ssh_known_hosts and ssh_known_hosts2 on each system.  These are made in the same manner as the authorized keys, except you need to enter the hostname and domain name (and any alias) of the box it belongs to at the
beginning of the key:

eg),gateway,gw,x.x.x.x keyyyyyyyyyyy.......

Note the various names for the box are seperated by commas and then a space is put in before the start of the key.  Do this for all the host you will be sshing to.  Make sure to put the dsa_keys in the ssh_known_hosts2 and the host_keys in the other.  You can tell the difference with a text editor by the beginning of the key:  dsa keys start with ssh-dss and then the gobbly gook.

9)  Next make a .shosts file with the syntax:
hostname.domainname user
where the user is someone you will permit to sign in without a password

also do .rhosts with the same syntax.
Both these files go in /home/"username"/.ssh

10) Next make hosts.equiv in /etc and shosts.equiv in /etc/ssh.
These contain hostnames that can access your system.
Syntax the same as for .shosts but it is not recommended that you put the user names in these files.

We're getting close now:
11)  Finally you need to do the config files.  The binary will install defaults in the /etc/ssh directory. ssh_config and
sshd_config and I made them the same on both systems.

12)  Next check all the file permissions.  They have to be exactly so or ssh might not work.

-rw-r--r--   1 root     root        28 Aug 13 21:37 hosts.equiv

files in .ssh
drwx------   2 mtaylor  mtaylor   1024 Aug 14 22:34 .
drwx------   5 mtaylor  mtaylor   1024 Aug 10 21:47 ..
-rw-------   1 mtaylor  mtaylor     44 Aug 14 22:21 .rhosts
-rw-------   1 mtaylor  mtaylor     44 Aug 14 22:22 .shosts
-rw-------   1 mtaylor  mtaylor   1022 Aug 13 22:18 authorized_keys
-rw-------   1 mtaylor  mtaylor    1835 Aug 13 16:38 authorized_keys2
-rw-------   1 mtaylor  mtaylor    744 Aug 12 15:30 id_dsa
-rw-r--r--   1 mtaylor  mtaylor    612 Aug 12 15:30
-rw-------   1 mtaylor  mtaylor    537 Aug 13 22:14 identity
-rw-r--r--   1 mtaylor  mtaylor    341 Aug 13 22:14

files in /etc/ssh
drwxr-xr-x   2 root     root      1024 Aug 14 22:18 .
drwxr-xr-x  41 root     root      3072 Aug 14 09:49 ..
-rw-r--r--   1 root     root        28 Aug 13 21:37 shosts.equiv
-rw-r--r--   1 root     root       974 Aug 13 15:19 ssh_config
-rw-------   1 root     root       668 Aug 13 15:20 ssh_host_dsa_key
-rw-r--r--   1 root     root       609 Aug 13 15:20
-rw-------   1 root     root       534 Aug 13 15:19 ssh_host_key
-rw-r--r--   1 root     root       338 Aug 13 15:19
-rw-r--r--   1 root     root       752 Aug 13 21:52 ssh_known_hosts
-rw-r--r--   1 root     root      1294 Aug 13 21:53 ssh_known_hosts2
-rw-r--r--   1 root     root      1258 Aug 13 22:48 sshd_config

13)You must have a sshd file in the /etc/pam.d directory. Mine looks like this sshd

14) All should be ready now.  Start sshd by typing "sshd".  You can automatically start sshd at each bootup by placing the following line in your /etc/rc.d/rc.local file.

Anytime you make changes to the configuration files you need to stop and restart the daemon.
killall sshd

Contact the other machine by typing   ssh

So far this is the only way I could get my system to work with ssh. I couldn't get passwords to be accepted so had to go with this
Any suggestions on how to improve this sxs would be appreciated or how to solve the rejection of passwords issue would be greatly appreciated.

searchSearch Index