Ssh - Secure Shell for Unix Servers - Quick Start Guide
Transcript of Ssh - Secure Shell for Unix Servers - Quick Start Guide
![Page 1: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/1.jpg)
SSH Secure Shellfor UNIX ServersQuick Start Guide
May 2001
This document contains instructions on how to install (anduninstall) SSH Secure Shell for Unix Servers.
![Page 2: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/2.jpg)
2
c�
1996- 2001SSHCommunicationsSecurityOyj, Finland.
Nopartof thispublicationmaybereproduced,published,storedin anelectronicdatabase,or transmitted,in any form or by anymeans,electronic,mechanical,recording,or otherwise,for anypurpose,without theprior written permissionof SSHCommu-nicationsSecurityOyj. This softwareis protectedby interna-tional copyright laws. All rightsreserved. sshR
�is a registered
trademarkof SSHCommunicationsSecurityOyj in theUnitedStatesandin certainotherjurisdictions. SSH2,theSSHlogo,SSH IPSECExpress,SSH Certifier, SSH Sentineland Mak-ing theInternetSecurearetrademarksof SSHCommunicationsSecurityOyj andmayberegisteredin certainjurisdictions.Allother namesand marksare propertyof their respective own-ers. THEREIS NO WARRANTY OF ANY KIND FORTHEACCURACY OR USEFULNESSOF THIS INFORMATIONEXCEPTAS REQUIRED BY APPLICABLE LAW OR EX-PRESSLY AGREEDIN WRITING.
SSHCommunicationsSecurity OyjFredrikinkatu42;FIN-00100Helsinki;FINLANDSSHCommunicationsSecurityInc.1076EastMeadow Circle;Palo Alto, CA 94303;USASSHCommunicationsSecurityK.K.HouseHamamatsu-choBldg. 5F; 2-7-1 Hamamatsu-cho,Minato-ku;Tokyo 105-0013,JAPAN
http://www.ssh.com/e-mail: [email protected](sales),http://www.ssh.com/support/ssh/Tel: +358 20 5007030(Finland), +1 650 2512700(USA), +81 334596830(Japan)Fax: +358 20 5007031(Finland), +1 650 2512701(USA), +81 334596825(Japan)
c�
2001SSHCommunicationsSecurityOyj SSHSecureShell Quick Start
![Page 3: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/3.jpg)
CONTENTS 3
Contents
1 Installing SSHSecureShell 5
1.1 InstallationonLinux Platforms. . . . . . . . . . . . . . . . . . . 6
1.1.1 Installing . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1.1.2 Uninstalling. . . . . . . . . . . . . . . . . . . . . . . . . 7
1.2 InstallationonSolarisSPARC Platforms. . . . . . . . . . . . . . 7
1.2.1 Installingwith pkgadd . . . . . . . . . . . . . . . . . . 8
1.2.2 Installingwithoutpkgadd . . . . . . . . . . . . . . . . . 9
1.2.3 Uninstalling. . . . . . . . . . . . . . . . . . . . . . . . . 9
1.3 InstallationonHP-UX . . . . . . . . . . . . . . . . . . . . . . . 10
1.3.1 Installing . . . . . . . . . . . . . . . . . . . . . . . . . . 10
1.3.2 Uninstalling. . . . . . . . . . . . . . . . . . . . . . . . . 11
1.4 InstallationonAIX 4.3.x . . . . . . . . . . . . . . . . . . . . . . 11
SSHSecureShellQuick Start c�
2001SSHCommunicationsSecurityOyj
![Page 4: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/4.jpg)
4 CONTENTS
1.4.1 Installing . . . . . . . . . . . . . . . . . . . . . . . . . . 11
1.4.2 Uninstalling. . . . . . . . . . . . . . . . . . . . . . . . . 12
1.5 InstallationonOtherUNIX Platforms . . . . . . . . . . . . . . . 13
2 Further Information 15
2.1 Official WebResourcesatssh.com. . . . . . . . . . . . . . . . . 15
2.2 Non-SSHCommunicationsSecurityWebSites . . . . . . . . . . 16
c�
2001SSHCommunicationsSecurityOyj SSHSecureShell Quick Start
![Page 5: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/5.jpg)
5
Chapter 1
Installing SSHSecureShell
This chaptercontainsinstructionson how to install theSSHSecureShellserverandclientsoftwareonvariousUNIX platforms.
Theactualinstallationandsystemconfigurationof theSSHSecureShellsoftwareis dependenton theparticularplatform.For installationinstructionson platformsnotcoveredhere,pleaseconsulttheplatform-specificdocumentationshippedwithyoursoftwarepackage.
Theseinstructionsassumethat you are installing from CD-ROM. If you havedownloadedthe software from the SSH CommunicationsSecuritye-commercesite(http://commerce.ssh.com ), youshouldalreadyhavetheappropriateinstallationpackageonyourmachine.
SSHSecureShellQuick Start c�
2001SSHCommunicationsSecurityOyj
![Page 6: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/6.jpg)
6 Chapter 1. Installing SSHSecureShell
1.1 Installation on Linux Platforms
SSHSecureShell productsfor Linux platformsaresuppliedin RPM (RedHatPackageManager)binarypackages.
Pleasenotethat thebinaryRPMsareintendedfor RedHat andSuSELinux dis-tributionsrunningonanIntel x86 platform.OnotherplatformsthatusetheRPMpackagemanager, the installationof theappropriatefiles will probablysucceed,but the configurationphasemight fail. In this case,you mustdo the configura-tion manually, asif you wereinstallingdirectly from sourcefiles (seeSection1.5(InstallingonOtherUnix Platforms)).
1.1.1 Installing
On the installation CD-ROM the software is located in the directory/install/linux/ . PleasereadtheREADMEfile for any importantlastminuteinformation.
1. Copy theRPMinstallationpackageto yourmachine.
2. Changeyour working directoryto thedirectorywhereyou have copiedtheinstallationpackageandissuethefollowing commandwith rootprivileges:
rpm -ihv ssh-commercial-server-x.y.z-v.i386. rpm
Thecommandvariesa bit accordingto thesoftwareandRPM releasever-sion. For example,server might bereplacedwith workstation , andthelettersx.y.z-v shouldbereplacedwith theappropriatereleasenum-ber.
If youhavepreviousSSHSecureShellRPMsinstalled,issuethefollowingcommandwith rootprivileges:
rpm -Uhv ssh-commercial-server-x.y.z-v.i386. rpm
c�
2001SSHCommunicationsSecurityOyj SSHSecureShell Quick Start
![Page 7: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/7.jpg)
1.2. Installation on SolarisSPARC Platforms 7
3. After issuingthe command,the softwarewill be installed. You might beaskedto accepttheLicenseAgreementif you have not donesopreviouslyon theparticularcomputer, or if theLicensehaschangedfrom thepreviousversion.
4. The softwareshouldnow be readyto use. If you alreadyhadthe SecureShelldaemonrunning,restartit or rebootthecomputer.
1.1.2 Uninstalling
Uninstallationis accomplishedby issuingthefollowing commandwith rootpriv-ileges:
rpm -e ssh-commercial-server
Onceagain,server may be replacedwith somethingelse,dependingon theactualsoftwareversion.
Pleasenoticethatevenaftera successfuluninstallation,theSecureShelldaemonwill beleft running.Youmustkill it manually:
kill ‘cat /var/run/sshd2_22.pid‘
or
/etc/rc.d/init.d/sshd2 stop
1.2 Installation on SolarisSPARC Platforms
Thepackageincludescompiledbinariesfor Solaris2.6, 7, and8 on theSPARCarchitecture.For Solarison the Intel x86 platform,no pre-compiledbinariesare
SSHSecureShellQuick Start c�
2001SSHCommunicationsSecurityOyj
![Page 8: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/8.jpg)
8 Chapter 1. Installing SSHSecureShell
available.
Note: If you wantto compilethesourcecodeyourself,we recommendtheusageof SunMicrosystems’proprietaryC compiler(ForteC, formerly SunWorkShopProfessionalC, or its equivalent).
1.2.1 Installing with pkgadd
On the installation CD-ROM the software is located in the directory/install/solaris/ . Pleasereadthe READMEfile for any importantlastminuteinformation.
1. Copy theinstallationpackageto yourmachine.
2. Unpackthedistribution binaryto somesuitableplace.Thestandardplaceis /var/spool/pkg in a Solarisenvironment.
gzip -dc package | tar xvf -
package is thenameof theinstallationpackage.
3. Install thepackagewith thepkgadd tool.
pkgadd -d .
4. StarttheSecureShelldaemonusingthecommand
/etc/init.d/sshd2 start
or
/InstDir/sbin/sshd2
whereInstDir is thechoseninstallationdirectory(asdefault /usr/local).
c�
2001SSHCommunicationsSecurityOyj SSHSecureShell Quick Start
![Page 9: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/9.jpg)
1.2. Installation on SolarisSPARC Platforms 9
1.2.2 Installing without pkgadd
Pkgadd setsup a few variableswhich theinstallationscriptwill use.If you areusingthescriptwithoutpkgtool , youhave to setthemupyourself:
VERSION=x.y.z (x.y.z = the version number)BASEDIR=/var/spool/pkg/SSHssh2/relo c
Rememberalsoto export thevariables.
Unpackthedistribution to somesuitabletemporaryspace.Theabove BASEDIRappliesonly if you put thepackageunder/var/spool/pkg . In this case,youhave to do theinstallationmanually, usingthepostinstall command.
gzip -dc package | tar xvf -cd SSHssh2/reloctar cf - . | (cd /usr/local; tar xfBp -)cd ../install./postinstall
1.2.3 Uninstalling
To removeSSHSecureShellfrom aSolarismachine:
1. StoptheSecureShelldaemonusingthecommand
/etc/init.d/sshd2 stop
2. Uninstallthepackageby issuingoneof thefollowing commandswith rootprivileges:
pkgrm SSHssh2
SSHSecureShellQuick Start c�
2001SSHCommunicationsSecurityOyj
![Page 10: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/10.jpg)
10 Chapter 1. Installing SSHSecureShell
or
pkgrm SSHssh2.2
1.3 Installation on HP-UX
1.3.1 Installing
On the installation CD-ROM the software is located in the directory/install/hp-ux/ . PleasereadtheREADMEfile for any importantlastminuteinformation.
1. Copy theinstallationpackageto yourmachine.
2. Unpackthepackagewith gunzip .
3. Install thepackageby issuingthefollowing commandwith rootprivileges:
swinstall -s path_to/package ssh2
/path to/package is the absolutepath and nameof the distributionfile.
Thesoftwarewill beinstalledin the/opt/ssh2 directory, andthemanualpageswill be installedin the /usr/man directory. Symbolic links forbinarieswill becreatedin the/usr/bin and/usr/sbin directories.
4. StarttheSecureShelldaemonusingthecommand
/sbin/init.d/sshd start
c�
2001SSHCommunicationsSecurityOyj SSHSecureShell Quick Start
![Page 11: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/11.jpg)
1.4. Installation on AIX 4.3.x 11
1.3.2 Uninstalling
To removeSSHSecureShellfrom aHP-UX machine:
1. StoptheSecureShelldaemonusingthecommand
/sbin/init.d/sshd stop
2. Uninstall the packageby issuingthe following commandwith root privi-leges:
swremove ssh2
Pleasenoticethatevenaftera successfuluninstallation,theSecureShelldaemonwill be left running. You must kill it manually. Also, uninstallationdoesnotremoveany configurationfiles.
1.4 Installation on AIX 4.3.x
Note: If you wantto compilethesourcecodeyourself,we recommendtheusageof IBM’ sproprietaryC compiler(IBM C for AIX or its equivalent).
1.4.1 Installing
On the installation CD-ROM the software is located in the directory/install/aix/ . Pleasereadthe READMEfile for any importantlast minuteinformation.
1. Copy theinstallationpackageto yourmachine.
SSHSecureShellQuick Start c�
2001SSHCommunicationsSecurityOyj
![Page 12: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/12.jpg)
12 Chapter 1. Installing SSHSecureShell
2. Unpackthepackageby giving thefollowing command:
gzip -dc package | tar -xvf -
package is thenameof thedistributionfile.
3. Install thepackageby issuingthefollowing commandwith rootprivileges:
installp -d . SSH.Secure.Shell
If you only wantto applyandnot committhepackage,you canusethe-aflag with installp . Packageswhich areappliedbut not committedcanberejectedlateron. PleasereadtheAIX manualpagesfor moreinformationaboutthe installp command.
4. StarttheSecureShelldaemonusingthecommand
/etc/ssh2/sshd2 start
1.4.2 Uninstalling
To removeSSHSecureShellfrom anAIX machine:
1. StoptheSecureShelldaemonusingthecommand
/etc/ssh2/sshd2 stop
2. Uninstall the packageby issuingthe following commandwith root privi-leges:
installp -u SSH.Secure.Shell
c�
2001SSHCommunicationsSecurityOyj SSHSecureShell Quick Start
![Page 13: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/13.jpg)
1.5. Installation on Other UNIX Platforms 13
1.5 Installation on Other UNIX Platforms
If pre-compiledbinariesfrom SSH CommunicationsSecuritydo not exist foryour particularUNIX or UNIX-lik e platform(suchasFreeBSD,NetBSD,BSDI,OpenBSD,OSF/1,Tru64, Digital Unix) you can compile the sourceyourself.A list of the officially supportedplatformsis availableat http://www.ssh.com/products/ssh/portability.html .
In orderto compilethesourcecode,you needthefollowing:
� anANSI C compiler(gcc andegcs areavailablefrom theFreeSoftwareFoundation’sGNU project,http://www.gnu.org )
� developmentlibrariesfor youroperatingsystem.
On the installation CD-ROM the source code is located in the directory/install/source/ .
Copy the sourcepackageto your machine. Then, login as root , and run thefollowing commands.
gzip -dc ssh-x.y.z-v.tar.gz | tar -xvf -cd ssh-x.y.z-v./configuremakemake install
You canenableor disablecertainfunctionality whenyou compileSSHSecureShell. To usetheoptionalfunctionality, just make sureyou do it in thefollowingsyntax:
# ./configure --[option]
SSHSecureShellQuick Start c�
2001SSHCommunicationsSecurityOyj
![Page 14: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/14.jpg)
14 Chapter 1. Installing SSHSecureShell
Themostcommonconfigureoptionsarelistedbelow, but therearealsoadditionaloptionsnot listedhere.Type./configure --help for moreinformation.
--prefix=PREFIX
Definestheinstallationdirectory(default /usr/local )
--with-foreign-etcdir=PATH
Definesthedirectorycontainingnon-ssh-specificfiles (default /etc ).
--with-etcdir=PATH
Defines the directory containing ssh system files (default[FOREIGN ETCDIR]/ssh2 ).
--enable-debug
Enablesdebugging(recommended)
--disable-X11-forwarding
Turnsoff X11 forwarding
--disable-tcp-port-forwarding
Turnsoff port forwarding
--with-ssh-connection-limit=#
Definesthenumberof simultaneousconnectionsallowedto sshd2
--with-serversecurid[=PATH]
Compilesin supportfor SecurIDserverauthentication
--with-clientsecurid
Compilesin supportfor SecurIDclientauthentication
--with-kerberos5=[KRB PREFIX]
Compilesin Kerberos5support
--with-libwrap[=PATH]
Compilesin libwrap(tcp wrappers)support
c�
2001SSHCommunicationsSecurityOyj SSHSecureShell Quick Start
![Page 15: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/15.jpg)
15
Chapter 2
Further Information
For informationon theuseof SSHSecureShell,pleaseseeSSHSecure ShellforUnix Servers Administrator’s Guide(foundon the installationCD-ROM in PDFandHTML formats).Seealsothemanualpagesincludedin thedistribution.
For comprehensive informationon the variousaspectsof SSHSecureShell,werecommendSSH,The Secure Shell: The DefinitiveGuide by Daniel J. BarrettandRichardSilverman(O’Reilly, 2001),andUNIX SecureShellby AnneCarasik(McGraw-Hill, 1999).
Also severalonlineresourcesonSecureShellareavailable,administeredby SSHCommunicationsSecurityor otherparties.
2.1 Official WebResourcesat ssh.com
Thefollowing Webresourcesareadministeredby SSHCommunicationsSecurity.
SSHSecureShellQuick Start c�
2001SSHCommunicationsSecurityOyj
![Page 16: Ssh - Secure Shell for Unix Servers - Quick Start Guide](https://reader036.fdocuments.us/reader036/viewer/2022073106/577cc7a31a28aba711a1897c/html5/thumbnails/16.jpg)
16 Chapter 2. Further Information
� CryptographyA-Z
http://www.ssh.com/tech/crypto/
� SSHSecureShellfor Unix ServersAdministrator’sGuide
http://www.ssh.com/products/ssh/a dmini strato r/
� SSHSecureShellFAQ
http://www.ssh.com/support/ssh/fa q
� List of SupportedPlatformsfor SSHSecureShell
http://www.ssh.com/products/ssh/p ortab ility. html
� IETF secshDrafts
http://www.ssh.com/tech/archive/s ecsh. html
2.2 Non-SSHCommunicationsSecurity WebSites
Thefollowing Websitesarenot administeredby SSHCommunicationsSecurity,andwedonotacceptany responsibilityfor informationpostedthere.
� Archivesof theold SecureShellpublicmailing list ([email protected])
http://www.mail- archive.com/ssh@cl inet. fi/
� TheSecureShellFAQ
http://www.employees.org/˜satch/s sh/fa q/
� TheSecureShellsecshIETF WorkingGroup
http://www.ietf.org/html.charters /secs h- char ter.html
c�
2001SSHCommunicationsSecurityOyj SSHSecureShell Quick Start