Ssh - Secure Shell for Unix Servers - Quick Start Guide

SSH Secure Shellfor UNIX ServersQuick Start Guide

May 2001

This document contains instructions on how to install (anduninstall) SSH Secure Shell for Unix Servers.

2

c�

1996- 2001SSHCommunicationsSecurityOyj, Finland.

Nopartof thispublicationmaybereproduced,published,storedin anelectronicdatabase,or transmitted,in any form or by anymeans,electronic,mechanical,recording,or otherwise,for anypurpose,without theprior written permissionof SSHCommu-nicationsSecurityOyj. This softwareis protectedby interna-tional copyright laws. All rightsreserved. sshR

�is a registered

trademarkof SSHCommunicationsSecurityOyj in theUnitedStatesandin certainotherjurisdictions. SSH2,theSSHlogo,SSH IPSECExpress,SSH Certifier, SSH Sentineland Mak-ing theInternetSecurearetrademarksof SSHCommunicationsSecurityOyj andmayberegisteredin certainjurisdictions.Allother namesand marksare propertyof their respective own-ers. THEREIS NO WARRANTY OF ANY KIND FORTHEACCURACY OR USEFULNESSOF THIS INFORMATIONEXCEPTAS REQUIRED BY APPLICABLE LAW OR EX-PRESSLY AGREEDIN WRITING.

SSHCommunicationsSecurity OyjFredrikinkatu42;FIN-00100Helsinki;FINLANDSSHCommunicationsSecurityInc.1076EastMeadow Circle;Palo Alto, CA 94303;USASSHCommunicationsSecurityK.K.HouseHamamatsu-choBldg. 5F; 2-7-1 Hamamatsu-cho,Minato-ku;Tokyo 105-0013,JAPAN

http://www.ssh.com/e-mail: [email protected](sales),http://www.ssh.com/support/ssh/Tel: +358 20 5007030(Finland), +1 650 2512700(USA), +81 334596830(Japan)Fax: +358 20 5007031(Finland), +1 650 2512701(USA), +81 334596825(Japan)

c�

2001SSHCommunicationsSecurityOyj SSHSecureShell Quick Start

CONTENTS 3

Contents

1 Installing SSHSecureShell 5

1.1 InstallationonLinux Platforms. . . . . . . . . . . . . . . . . . . 6

1.1.1 Installing . . . . . . . . . . . . . . . . . . . . . . . . . . 6

1.1.2 Uninstalling. . . . . . . . . . . . . . . . . . . . . . . . . 7

1.2 InstallationonSolarisSPARC Platforms. . . . . . . . . . . . . . 7

1.2.1 Installingwith pkgadd . . . . . . . . . . . . . . . . . . 8

1.2.2 Installingwithoutpkgadd . . . . . . . . . . . . . . . . . 9

1.2.3 Uninstalling. . . . . . . . . . . . . . . . . . . . . . . . . 9

1.3 InstallationonHP-UX . . . . . . . . . . . . . . . . . . . . . . . 10

1.3.1 Installing . . . . . . . . . . . . . . . . . . . . . . . . . . 10

1.3.2 Uninstalling. . . . . . . . . . . . . . . . . . . . . . . . . 11

1.4 InstallationonAIX 4.3.x . . . . . . . . . . . . . . . . . . . . . . 11

SSHSecureShellQuick Start c�

2001SSHCommunicationsSecurityOyj

4 CONTENTS

1.4.1 Installing . . . . . . . . . . . . . . . . . . . . . . . . . . 11

1.4.2 Uninstalling. . . . . . . . . . . . . . . . . . . . . . . . . 12

1.5 InstallationonOtherUNIX Platforms . . . . . . . . . . . . . . . 13

2 Further Information 15

2.1 Official WebResourcesatssh.com. . . . . . . . . . . . . . . . . 15

2.2 Non-SSHCommunicationsSecurityWebSites . . . . . . . . . . 16

c�


5

Chapter 1

Installing SSHSecureShell

This chaptercontainsinstructionson how to install theSSHSecureShellserverandclientsoftwareonvariousUNIX platforms.

Theactualinstallationandsystemconfigurationof theSSHSecureShellsoftwareis dependenton theparticularplatform.For installationinstructionson platformsnotcoveredhere,pleaseconsulttheplatform-specificdocumentationshippedwithyoursoftwarepackage.

Theseinstructionsassumethat you are installing from CD-ROM. If you havedownloadedthe software from the SSH CommunicationsSecuritye-commercesite(http://commerce.ssh.com ), youshouldalreadyhavetheappropriateinstallationpackageonyourmachine.



6 Chapter 1. Installing SSHSecureShell

1.1 Installation on Linux Platforms

SSHSecureShell productsfor Linux platformsaresuppliedin RPM (RedHatPackageManager)binarypackages.

Pleasenotethat thebinaryRPMsareintendedfor RedHat andSuSELinux dis-tributionsrunningonanIntel x86 platform.OnotherplatformsthatusetheRPMpackagemanager, the installationof theappropriatefiles will probablysucceed,but the configurationphasemight fail. In this case,you mustdo the configura-tion manually, asif you wereinstallingdirectly from sourcefiles (seeSection1.5(InstallingonOtherUnix Platforms)).

1.1.1 Installing

On the installation CD-ROM the software is located in the directory/install/linux/ . PleasereadtheREADMEfile for any importantlastminuteinformation.

1. Copy theRPMinstallationpackageto yourmachine.

2. Changeyour working directoryto thedirectorywhereyou have copiedtheinstallationpackageandissuethefollowing commandwith rootprivileges:

rpm -ihv ssh-commercial-server-x.y.z-v.i386. rpm

Thecommandvariesa bit accordingto thesoftwareandRPM releasever-sion. For example,server might bereplacedwith workstation , andthelettersx.y.z-v shouldbereplacedwith theappropriatereleasenum-ber.

If youhavepreviousSSHSecureShellRPMsinstalled,issuethefollowingcommandwith rootprivileges:

rpm -Uhv ssh-commercial-server-x.y.z-v.i386. rpm

c�


1.2. Installation on SolarisSPARC Platforms 7

3. After issuingthe command,the softwarewill be installed. You might beaskedto accepttheLicenseAgreementif you have not donesopreviouslyon theparticularcomputer, or if theLicensehaschangedfrom thepreviousversion.

4. The softwareshouldnow be readyto use. If you alreadyhadthe SecureShelldaemonrunning,restartit or rebootthecomputer.

1.1.2 Uninstalling

Uninstallationis accomplishedby issuingthefollowing commandwith rootpriv-ileges:

rpm -e ssh-commercial-server

Onceagain,server may be replacedwith somethingelse,dependingon theactualsoftwareversion.

Pleasenoticethatevenaftera successfuluninstallation,theSecureShelldaemonwill beleft running.Youmustkill it manually:

kill ‘cat /var/run/sshd2_22.pid‘

or

/etc/rc.d/init.d/sshd2 stop

1.2 Installation on SolarisSPARC Platforms

Thepackageincludescompiledbinariesfor Solaris2.6, 7, and8 on theSPARCarchitecture.For Solarison the Intel x86 platform,no pre-compiledbinariesare




available.

Note: If you wantto compilethesourcecodeyourself,we recommendtheusageof SunMicrosystems’proprietaryC compiler(ForteC, formerly SunWorkShopProfessionalC, or its equivalent).

1.2.1 Installing with pkgadd

On the installation CD-ROM the software is located in the directory/install/solaris/ . Pleasereadthe READMEfile for any importantlastminuteinformation.

1. Copy theinstallationpackageto yourmachine.

2. Unpackthedistribution binaryto somesuitableplace.Thestandardplaceis /var/spool/pkg in a Solarisenvironment.

gzip -dc package | tar xvf -

package is thenameof theinstallationpackage.

3. Install thepackagewith thepkgadd tool.

pkgadd -d .

4. StarttheSecureShelldaemonusingthecommand

/etc/init.d/sshd2 start

or

/InstDir/sbin/sshd2

whereInstDir is thechoseninstallationdirectory(asdefault /usr/local).

c�


1.2. Installation on SolarisSPARC Platforms 9

1.2.2 Installing without pkgadd

Pkgadd setsup a few variableswhich theinstallationscriptwill use.If you areusingthescriptwithoutpkgtool , youhave to setthemupyourself:

VERSION=x.y.z (x.y.z = the version number)BASEDIR=/var/spool/pkg/SSHssh2/relo c

Rememberalsoto export thevariables.

Unpackthedistribution to somesuitabletemporaryspace.Theabove BASEDIRappliesonly if you put thepackageunder/var/spool/pkg . In this case,youhave to do theinstallationmanually, usingthepostinstall command.

gzip -dc package | tar xvf -cd SSHssh2/reloctar cf - . | (cd /usr/local; tar xfBp -)cd ../install./postinstall

1.2.3 Uninstalling

To removeSSHSecureShellfrom aSolarismachine:

1. StoptheSecureShelldaemonusingthecommand

/etc/init.d/sshd2 stop

2. Uninstallthepackageby issuingoneof thefollowing commandswith rootprivileges:

pkgrm SSHssh2




or

pkgrm SSHssh2.2

1.3 Installation on HP-UX

1.3.1 Installing

On the installation CD-ROM the software is located in the directory/install/hp-ux/ . PleasereadtheREADMEfile for any importantlastminuteinformation.


2. Unpackthepackagewith gunzip .

3. Install thepackageby issuingthefollowing commandwith rootprivileges:

swinstall -s path_to/package ssh2

/path to/package is the absolutepath and nameof the distributionfile.

Thesoftwarewill beinstalledin the/opt/ssh2 directory, andthemanualpageswill be installedin the /usr/man directory. Symbolic links forbinarieswill becreatedin the/usr/bin and/usr/sbin directories.


/sbin/init.d/sshd start

c�


1.4. Installation on AIX 4.3.x 11

1.3.2 Uninstalling

To removeSSHSecureShellfrom aHP-UX machine:


/sbin/init.d/sshd stop

2. Uninstall the packageby issuingthe following commandwith root privi-leges:

swremove ssh2

Pleasenoticethatevenaftera successfuluninstallation,theSecureShelldaemonwill be left running. You must kill it manually. Also, uninstallationdoesnotremoveany configurationfiles.

1.4 Installation on AIX 4.3.x

Note: If you wantto compilethesourcecodeyourself,we recommendtheusageof IBM’ sproprietaryC compiler(IBM C for AIX or its equivalent).

1.4.1 Installing

On the installation CD-ROM the software is located in the directory/install/aix/ . Pleasereadthe READMEfile for any importantlast minuteinformation.





2. Unpackthepackageby giving thefollowing command:

gzip -dc package | tar -xvf -

package is thenameof thedistributionfile.

3. Install thepackageby issuingthefollowing commandwith rootprivileges:

installp -d . SSH.Secure.Shell

If you only wantto applyandnot committhepackage,you canusethe-aflag with installp . Packageswhich areappliedbut not committedcanberejectedlateron. PleasereadtheAIX manualpagesfor moreinformationaboutthe installp command.


/etc/ssh2/sshd2 start

1.4.2 Uninstalling

To removeSSHSecureShellfrom anAIX machine:


/etc/ssh2/sshd2 stop

2. Uninstall the packageby issuingthe following commandwith root privi-leges:

installp -u SSH.Secure.Shell

c�


1.5. Installation on Other UNIX Platforms 13

1.5 Installation on Other UNIX Platforms

If pre-compiledbinariesfrom SSH CommunicationsSecuritydo not exist foryour particularUNIX or UNIX-lik e platform(suchasFreeBSD,NetBSD,BSDI,OpenBSD,OSF/1,Tru64, Digital Unix) you can compile the sourceyourself.A list of the officially supportedplatformsis availableat http://www.ssh.com/products/ssh/portability.html .

In orderto compilethesourcecode,you needthefollowing:

� anANSI C compiler(gcc andegcs areavailablefrom theFreeSoftwareFoundation’sGNU project,http://www.gnu.org )

� developmentlibrariesfor youroperatingsystem.

On the installation CD-ROM the source code is located in the directory/install/source/ .

Copy the sourcepackageto your machine. Then, login as root , and run thefollowing commands.

gzip -dc ssh-x.y.z-v.tar.gz | tar -xvf -cd ssh-x.y.z-v./configuremakemake install

You canenableor disablecertainfunctionality whenyou compileSSHSecureShell. To usetheoptionalfunctionality, just make sureyou do it in thefollowingsyntax:

# ./configure --[option]




Themostcommonconfigureoptionsarelistedbelow, but therearealsoadditionaloptionsnot listedhere.Type./configure --help for moreinformation.

--prefix=PREFIX

Definestheinstallationdirectory(default /usr/local )

--with-foreign-etcdir=PATH

Definesthedirectorycontainingnon-ssh-specificfiles (default /etc ).

--with-etcdir=PATH

Defines the directory containing ssh system files (default[FOREIGN ETCDIR]/ssh2 ).

--enable-debug

Enablesdebugging(recommended)

--disable-X11-forwarding

Turnsoff X11 forwarding

--disable-tcp-port-forwarding

Turnsoff port forwarding

--with-ssh-connection-limit=#

Definesthenumberof simultaneousconnectionsallowedto sshd2

--with-serversecurid[=PATH]

Compilesin supportfor SecurIDserverauthentication

--with-clientsecurid

Compilesin supportfor SecurIDclientauthentication

--with-kerberos5=[KRB PREFIX]

Compilesin Kerberos5support

--with-libwrap[=PATH]

Compilesin libwrap(tcp wrappers)support

c�


15

Chapter 2

Further Information

For informationon theuseof SSHSecureShell,pleaseseeSSHSecure ShellforUnix Servers Administrator’s Guide(foundon the installationCD-ROM in PDFandHTML formats).Seealsothemanualpagesincludedin thedistribution.

For comprehensive informationon the variousaspectsof SSHSecureShell,werecommendSSH,The Secure Shell: The DefinitiveGuide by Daniel J. BarrettandRichardSilverman(O’Reilly, 2001),andUNIX SecureShellby AnneCarasik(McGraw-Hill, 1999).

Also severalonlineresourcesonSecureShellareavailable,administeredby SSHCommunicationsSecurityor otherparties.

2.1 Official WebResourcesat ssh.com

Thefollowing Webresourcesareadministeredby SSHCommunicationsSecurity.



16 Chapter 2. Further Information

� CryptographyA-Z

http://www.ssh.com/tech/crypto/

� SSHSecureShellfor Unix ServersAdministrator’sGuide

http://www.ssh.com/products/ssh/a dmini strato r/

� SSHSecureShellFAQ

http://www.ssh.com/support/ssh/fa q

� List of SupportedPlatformsfor SSHSecureShell

http://www.ssh.com/products/ssh/p ortab ility. html

� IETF secshDrafts

http://www.ssh.com/tech/archive/s ecsh. html

2.2 Non-SSHCommunicationsSecurity WebSites

Thefollowing Websitesarenot administeredby SSHCommunicationsSecurity,andwedonotacceptany responsibilityfor informationpostedthere.

� Archivesof theold SecureShellpublicmailing list ([email protected])

http://www.mail- archive.com/ssh@cl inet. fi/

� TheSecureShellFAQ

http://www.employees.org/˜satch/s sh/fa q/

� TheSecureShellsecshIETF WorkingGroup

http://www.ietf.org/html.charters /secs h- char ter.html

c�


Ssh - Secure Shell for Unix Servers - Quick Start Guide

Documents

Transcript of Ssh - Secure Shell for Unix Servers - Quick Start Guide