Please consider a donation to the Higher Intellect project. See https://preterhuman.net/donate.php or the Donate to Higher Intellect page for more info.

Setup neko sshd

From Higher Intellect Vintage Wiki

Overview[edit]

Perform the following steps:

  1. Install neko_ssh, for more details see Nekoware
  2. Check if the directory '/var/empty' exists, otherwise create it.
  3. Check if a group[1] and user[2][3] named 'sshd' exists, otherwise create them.
  4. Shutdown the IRIX or Freeware sshd and disable it with chkconfig. It's not installed by default.
  5. Run 'chkconfig -f neko_sshd on'
  6. Start the daemon with '/etc/init.d/neko_sshd start'

Notes:

[1] Create the group first by editing /etc/group with your favorite editor. If you have fw_openssh installed you may have already a sshd account which you can use.

[2] Use the gui to add a user, or from commandline via: /usr/sysadm/privbin/addUserAccount

[3] The shell for this user is set to /bin/false and $home is the /var/empty dir from above

[4] Lock the new account with passwd -l sshd

A 'ps -edalf | grep sshd' will show if a process is currently up and running. Try to connect with a 'ssh user@localhost'. If this works, stop the sshd daemon and start editing the /usr/nekoware/etc/sshd_config and ssh_config files. You may want to limit the use of ssh version 2 protocol, disallow root logins, enable x-forwarding and more.

Before upgrading neko_sshd to a newer version, make a copy of your existing config files as previous versions of the neko package overwrite them.

Enabling X-Forwarding[edit]

In order to enable X-forwarding to a remote terminal open the following file:

 /usr/nekoware/etc/sshd_config 

And ensure the lines following settings are set to:

X11Forwarding yes
X11DisplayOffset 10 
X11UseLocalHost yes

SSH without entering a password[edit]

Use ssh-keygen to generate keys and copy the keys to each machine.

   ssh-keygen -t dsa -f $HOME/.ssh/id_dsa -P 
   scp $HOME/.ssh/id_dsa.pub user@othermachine:/usr/people/username 
   cat id_dsa.pub >> $HOME/.ssh/authorized_keys2
   chmod 0600 $HOME/.ssh/authorized_keys2
   ssh -i $HOME/.ssh/id_dsa othermachine
  • Reference: SSH, The secure Shell:The definitive Guide, O Rielly and associates. ISBN 0-596-00011-1

See also[edit]

  • man ssh-keygen
  • man ssh
  • man ssh_config

External link[edit]

Pertinent nekochan.net discussion, with an example sshd_config, is available [1]