-
July 30th, 2003, 04:02 AM
#1
sshd newb here
My goal is to X11 forward over ssh. However I can't even get sshd to work.
One thing I noticed that ssh wasn't listed in /inetd.conf which I thought was odd. But i read that it is better to be run as a daemon.
Well when I run "sshd" it can't find any host keys. So i run ssh-keygen and create a RSA1, which is placed in /root/.ssh/identify.pub. I then run "ssh-add ./identify.pub". SUCCESS. Then "ssh-agent". SUCCESS. Ok here goes nothing
"sshd -h identify.pub"
Could not load host key
And it disables protocol ver1 and ver2.
no hostkeys available.
I might be doing all this completely wrong. I need some insight because the man pages arent cutting it.
thanks
-
July 30th, 2003, 06:58 AM
#2
Hi there,
Help Us Help You when you have a Problem
- What is your OS (RH Linux, OpenBSD, etc) ?
- What is your OS version (8.0, 9.0, etc) ?
- What is your ssh (open-ssh, etc) ?
- What is your ssh version (2.3, 3.5, etc) ?
- How do you install it (binary package, make from source, etc) ?
Well I guess that's enough for starter...
Peace always,
<jdenny>
Always listen to experts. They\'ll tell you what can\'t be done and why. Then go and do it. -- Robert Heinlein
I\'m basically a very lazy person who likes to get credit for things other people actually do. -- Linus Torvalds
-
July 30th, 2003, 09:34 AM
#3
The major distros ship (yes, all of them. Even Slackware) with a script which will automatically create host keys when you start sshd for the first time.
Therefore, I have no experience of doing so manually.
Is there a reason why this script doesn't work for you?
Slarty
-
July 30th, 2003, 10:18 AM
#4
Re: sshd newb here
Originally posted here by br_fusion
My goal is to X11 forward over ssh.
I can't help with getting SSHD working, but more info about the distro might help
Try man sshd to see where the conf files live and check in the conf file the paths for the keys.
Most distros forward X11 by default but otherwise in the ~/.ssh/config file add the line:
ForwardX11 yes
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
-
July 30th, 2003, 02:57 PM
#5
I am assuming you are using openssh, so I took a quick look at the Makefile:
Code:
host-key: ssh-keygen$(EXEEXT)
@if [ -z "$(DESTDIR)" ] ; then \
if [ -f "$(DESTDIR)$(sysconfdir)/ssh_host_key" ] ; then \
echo "$(DESTDIR)$(sysconfdir)/ssh_host_key already exists, skipping." ; \
else \
./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" ; \
fi ; \
if [ -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key ] ; then \
echo "$(DESTDIR)$(sysconfdir)/ssh_host_dsa_key already exists, skipping." ; \
else \
./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" ; \
fi ; \
if [ -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key ] ; then \
echo "$(DESTDIR)$(sysconfdir)/ssh_host_rsa_key already exists, skipping." ; \
else \
./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N "" ; \
fi ; \
fi ;
host-key-force: ssh-keygen$(EXEEXT)
./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N ""
./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N ""
./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N ""
So...find where openssh is installed (DESTDIR) find your conf directory (probably $DESTDIR/etc).
(hint): find / -name sshd_config -print
Wherever, sshd_config lives, is probably your configuration directory for openssh. Note this directory and:
ssh-keygen -t rsa1 -f <directory>/ssh_host_key -N "" ;
ssh-keygen -t dsa -f <directory>/ssh_host_dsa_key -N "" ;
ssh-keygen -t rsa -f <directory>/ssh_host_rsa_key -N "" ;
While you are at it, note where your sshd_conf file is and have a run through it. X11 should be enabled by default. I recommend disabling protocol version 1 for security reasons.
Change in sshd_config:
Protocols 2,1
to
Protocols 2
Makefiles are your friend
/nebulus
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
-
July 30th, 2003, 03:16 PM
#6
Makefiles are your friend
That is the best single bit of linux advice I have seen in a while!
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
-
July 30th, 2003, 03:24 PM
#7
Originally posted here by RoadClosed
That is the best single bit of linux advice I have seen in a while!
The best I ever got was :
locate is your friend
They were right.
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|