Thursday, June 30, 2005

sshd Configuration in Solaris 8

Re: sshd Configuration in Solaris 8
Posted By Rajendra Yadav On Tuesday, June 28, 2005 at 7:48 AM

hi
do the following

#mkdir /var/empty
#chown root:sys /var/empty
#chmod 755 /var/empty
#groupadd sshd
#useradd -g sshd -c "SSHD Admin" -d /var/empty -s
/bin/false sshd
#ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N
""
#ssh-keygen -t dsa -f /usr/local/etc/ssh_dsa_key -N ""
#ssh-keygen -t rsa -f /usr/local/etc/ssh_host_rsa_key
-N ""

then y start the sshd services

Regard
Rajendra

--- sagar via solaris-l
<email@removed> wrote:

> # Calculating the Cost of Tape and Disk Storage
> Solutions
> # Learn more at:
> http://www.ITtoolbox.com/r/rd.asp?i=10697
>
> # View Group Archive:
> http://ITtoolbox.com/hrd.asp?i=830
>
> Hi Guys
> I am new to sshd configuration .
> I have installed OpenSsh in Solaris8.
>
> I have a few Queries
>
> What is prngd ? Why is used ..
> Also when I start the sshd daemon I am Getting the
> following message
> Privilege separation user sshd does not exist
>
> What is the Privilege Separation User
>
> Please assist
>
> Regards
>
> Sagar
>

prngd is a random number generator, only required if your kernel does
not have a /dev/random and /dev/urandom. There are kernel patches for
Solaris that give you those devices. You might already have them.

The sshd privilege separation user is used by the daemon to lower it's
privileges, so it doesn't have to run as root all the time, before a
user has authenticated (when it runs as that user). It increases
security and makes it harder for someone to obtain remote root access
in the event that a buffer overflow is discovered/exploited in sshd.

0 Comments:

Post a Comment

<< Home