Setup neko sshd

From Higher Intellect Wiki
Jump to: navigation, search

After installing the latest neko_sshd...

Perform the following steps:

1. Check if the directory '/var/empty' exists, otherwise create it.
2. Check if a group[1] and user[2][3] named 'sshd' exists, otherwise create them.  
3. Shutdown the IRIX or Freeware sshd and disable it with chkconfig. It's not installed by default.
4. Run 'chkconfig -f neko_sshd on'
5. Start the daemon with '/etc/init.d/neko_sshd start'

A 'ps -edalf | grep sshd' will show if a process is currently up and running. Try to connect with a 'ssh user@localhost'. If this works, stop the sshd daemon and start editing the /usr/nekoware/etc/sshd_config and ssh_config files. You may want to limit the use of ssh version 2 protocol, disallow root logins, enable x-forwarding and more.

Before upgrading neko_sshd to a newer version, make a copy of your existing config files as previous versions of the neko package overwrite them.

[1] Create the group first by editing /etc/group with your favorite editor. If you have fw_openssh installed you may have already a sshd account which you can use.
[2] Use the gui to add a user, or from commandline via: /usr/sysadm/privbin/addUserAccount 
[3] The shell for this user is set to /bin/false and $home is the /var/empty dir from above.
[4] Lock the new account with passwd -l sshd .

Courtesy of Joerg.

SSH without entering a password

Use ssh-keygen to generate keys and copy the keys to each machine.

   ssh-keygen -t dsa -f $HOME/.ssh/id_dsa -P 
   scp $HOME/.ssh/ user@othermachine:/usr/people/username 
   cat >> $HOME/.ssh/authorized_keys2
   chmod 0600 $HOME/.ssh/authorized_keys2
   ssh -i $HOME/.ssh/id_dsa othermachine

  • Reference: SSH, The secure Shell:The definitive Guide, O Rielly and associates. ISBN 0-596-00011-1

See also

  • man ssh-keygen
  • man ssh
  • man ssh_config

External link

Pertinent discussion is available here

Share your opinion