Please consider a donation to the Higher Intellect project. See https://preterhuman.net/donate.php or the Donate to Higher Intellect page for more info. |
Setup neko sshd
Overview[edit]
Perform the following steps:
- Install neko_ssh, for more details see Nekoware
- Check if the directory '/var/empty' exists, otherwise create it.
- Check if a group[1] and user[2][3] named 'sshd' exists, otherwise create them.
- Shutdown the IRIX or Freeware sshd and disable it with chkconfig. It's not installed by default.
- Run 'chkconfig -f neko_sshd on'
- Start the daemon with '/etc/init.d/neko_sshd start'
Notes:
[1] Create the group first by editing /etc/group with your favorite editor. If you have fw_openssh installed you may have already a sshd account which you can use.
[2] Use the gui to add a user, or from commandline via: /usr/sysadm/privbin/addUserAccount
[3] The shell for this user is set to /bin/false and $home is the /var/empty dir from above
[4] Lock the new account with passwd -l sshd
A 'ps -edalf | grep sshd' will show if a process is currently up and running. Try to connect with a 'ssh user@localhost'. If this works, stop the sshd daemon and start editing the /usr/nekoware/etc/sshd_config and ssh_config files. You may want to limit the use of ssh version 2 protocol, disallow root logins, enable x-forwarding and more.
Before upgrading neko_sshd to a newer version, make a copy of your existing config files as previous versions of the neko package overwrite them.
Enabling X-Forwarding[edit]
In order to enable X-forwarding to a remote terminal open the following file:
/usr/nekoware/etc/sshd_config
And ensure the lines following settings are set to:
X11Forwarding yes X11DisplayOffset 10 X11UseLocalHost yes
SSH without entering a password[edit]
Use ssh-keygen to generate keys and copy the keys to each machine.
ssh-keygen -t dsa -f $HOME/.ssh/id_dsa -P scp $HOME/.ssh/id_dsa.pub user@othermachine:/usr/people/username cat id_dsa.pub >> $HOME/.ssh/authorized_keys2 chmod 0600 $HOME/.ssh/authorized_keys2 ssh -i $HOME/.ssh/id_dsa othermachine
- Reference: SSH, The secure Shell:The definitive Guide, O Rielly and associates. ISBN 0-596-00011-1
See also[edit]
- man ssh-keygen
- man ssh
- man ssh_config
External link[edit]
Pertinent nekochan.net discussion, with an example sshd_config, is available [1]