| View previous topic :: View next topic |
| Author |
Message |
hhaamu
Apprentice
Joined: 23 Aug 2002
Posts: 253
Location: Finland
|
 Posted: Fri Aug 30, 2002 11:52 am Post subject: setting up sshd |
 |
|
Hi!
I want to set up a ssh daemon so I can connect from any computer to this using ssh. The problem is: there isn't any howtos for ssh 
The output when running sshd as root:
Could not load host key: /etc/ssh/ssh_host_key
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key
Disabling protocol version 1. Could not load host key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.
(the problem obviously is that I don't have any keys generated)
How do I do that? ssh-keygen? Under what priviledges? |
|
| Back to top |
|
 |
eivinn
Apprentice
Joined: 10 Jul 2002
Posts: 219
Location: Norway
|
| Posted: Fri Aug 30, 2002 12:07 pm Post subject: |
|
|
| Code: | emerge openssh
rc-update add openssh default
|
Now you can restart your computer and openssh is started by default.
You can then log in as root or any other user on the system provided they have got a shell. |
|
| Back to top |
|
|
rizzo
Retired Dev
Joined: 30 Apr 2002
Posts: 1067
Location: Manitowoc, WI, USA
|
| Posted: Fri Aug 30, 2002 12:25 pm Post subject: |
|
|
To start sshd, do:
| Code: | | /etc/init.d/sshd start |
This will create those host keys. Start up sshd by the executable itself does not create those keys.
Using the /etc/init.d/ scripts is the preferred way to start/stop services on your machine. |
|
| Back to top |
|
|
hhaamu
Apprentice
Joined: 23 Aug 2002
Posts: 253
Location: Finland
|
| Posted: Fri Aug 30, 2002 2:13 pm Post subject: |
|
|
Thanks!
btw, it's
| Code: | | rc-update add sshd default |
|
|
| Back to top |
|
|
dirty
n00b
Joined: 03 Sep 2002
Posts: 8
|
| Posted: Thu Sep 12, 2002 6:39 pm Post subject: |
|
|
thanks alot
i goted the same problem  |
|
| Back to top |
|
|
changed
n00b
Joined: 17 Jul 2002
Posts: 26
|
| Posted: Tue Sep 17, 2002 2:16 pm Post subject: |
|
|
| eivinn wrote: | | Code: | emerge openssh
rc-update add openssh default
|
You can then log in as root or any other user on the system provided they have got a shell. |
I have problem. As far as I login as a root everything is ok but no other user is allowed to use ssh. Why ?
regards |
|
| Back to top |
|
|
JyZude
n00b
Joined: 23 Apr 2002
Posts: 15
|
| Posted: Tue Sep 17, 2002 4:05 pm Post subject: |
|
|
| changed: This may be a silly question, but can the other users log in at a normal terminal? Have you set their passwords with passwd? Have you set their default login shells with usermod -s? Just checking. |
|
| Back to top |
|
|
rizzo
Retired Dev
Joined: 30 Apr 2002
Posts: 1067
Location: Manitowoc, WI, USA
|
| Posted: Tue Sep 17, 2002 6:29 pm Post subject: |
|
|
| I'd be willing to bet they do not have their shells set. Look in the /etc/passwd file and see if they have a shell like /bin/bash set. If not, set it. |
|
| Back to top |
|
|
changed
n00b
Joined: 17 Jul 2002
Posts: 26
|
| Posted: Tue Sep 17, 2002 11:57 pm Post subject: |
|
|
Thanks for your reply guys 
Yes they can login locally... I set their passwords with passwd but ... plz dont laugh I edited /etc/passwd manually to fix the problem with default shells ... does it make any difference ? |
|
| Back to top |
|
|
kashani
Advocate
Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco
|
| Posted: Wed Sep 18, 2002 12:07 am Post subject: |
|
|
| changed wrote: | Thanks for your reply guys
Yes they can login locally... I set their passwords with passwd but ... plz dont laugh I edited /etc/passwd manually to fix the problem with default shells ... does it make any difference ? |
oohhhh not good. Don't do that unless... actually there's never a really good reason for doing it.
1. How to do it normally/correctly.
usermod -s <path to shell> <username>
All user attributes can be modified through usernmod commands.
2. How to make what you've already do work.
No sense in going through it again so run the secret happy command:
pwconv
kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape. |
|
| Back to top |
|
|
changed
n00b
Joined: 17 Jul 2002
Posts: 26
|
| Posted: Wed Sep 18, 2002 1:00 am Post subject: |
|
|
Thank you so much!!!
Well... it looks Im brainless  |
|
| Back to top |
|
|
alixta
n00b
Joined: 23 Oct 2002
Posts: 1
|
| Posted: Wed Oct 23, 2002 10:55 pm Post subject: sshd: Could not load host key: ..... |
|
|
| rizzo wrote: | To start sshd, do:
| Code: | | /etc/init.d/sshd start |
This will create those host keys. Start up sshd by the executable itself does not create those keys.
Using the /etc/init.d/ scripts is the preferred way to start/stop services on your machine. |
Using Gentoo 1.4 Rc_2 and following the above instructions (emerge openssh, rc-update etc including a reboot) & I'm still getting 'Could not load host key: /etc/ssh/ssh_host_key' during boot up.
I tried manually creating the keys & running sshd before using the above script, but no luck either 
Any clues?
Cheers
Alistair
>>>>>UPDATED<<<<<
Nothing like answering your own question 
Once I removed the host keys I had manually created & then try
| Code: | | /etc/init.d/sshd start |
whammo  it boots up & creates it's own keys.. |
|
| Back to top |
|
|
Mnemia
Guru
Joined: 17 May 2002
Posts: 476
|
| Posted: Thu Oct 24, 2002 12:03 am Post subject: |
|
|
| kashani wrote: | | changed wrote: | Thanks for your reply guys
Yes they can login locally... I set their passwords with passwd but ... plz dont laugh I edited /etc/passwd manually to fix the problem with default shells ... does it make any difference ? |
oohhhh not good. Don't do that unless... actually there's never a really good reason for doing it.
1. How to do it normally/correctly.
usermod -s <path to shell> <username>
All user attributes can be modified through usernmod commands.
2. How to make what you've already do work.
No sense in going through it again so run the secret happy command:
pwconv
kashani |
Pardon my ignorance, but why exactly is there any reason why you shouldn't edit the file manually? There is no difference with whether you add it by hand or use the usermod commands, at least as far as I knew. I thought they just edited the file as if you had done it yourself. Explain?
BTW, I don't think he means that he manually put the encrypted password in /etc/passwd, bypassing the shadow file. I think he just means that he added on the shell at the end of his user's line in passwd and I don't think there's anything wrong with that since that's how I've always done it and it works fine. |
|
| Back to top |
|
|
serty2
n00b
Joined: 22 Oct 2002
Posts: 25
|
| Posted: Thu Oct 24, 2002 10:15 am Post subject: |
|
|
about the fact that the normal users cannot log in an ssh session, see the post about that in the newbie section...this question has been posted a zillion times,
what u should do is add the users to the WHEEL group ....
By default, only the WHEEL group can login to sshd  |
|
| Back to top |
|
|
klieber
Bodhisattva
Joined: 17 Apr 2002
Posts: 3657
Location: San Francisco, CA
|
| Posted: Thu Oct 24, 2002 5:10 pm Post subject: |
|
|
| Mnemia wrote: | | Pardon my ignorance, but why exactly is there any reason why you shouldn't edit the file manually? There is no difference with whether you add it by hand or use the usermod commands, at least as far as I knew. |
You can edit the files manually, but you need to use tools that will place a lock on the file to prevent other files/users from writing to the file at the same time and corrupting things. This isn't so much of an issue when you're on a single-user system where there's little chance that multiple people will be accessing the file at the same time. However, it's still a smart idea to get in the habit of using the correct tools/methods.
man vipw and man vigr for more info or search google.
--kurt
_________________
The problem with political jokes is that they get elected |
|
| Back to top |
|
|
Mnemia
Guru
Joined: 17 May 2002
Posts: 476
|
| Posted: Thu Oct 24, 2002 7:44 pm Post subject: |
|
|
| klieber wrote: | | Mnemia wrote: | | Pardon my ignorance, but why exactly is there any reason why you shouldn't edit the file manually? There is no difference with whether you add it by hand or use the usermod commands, at least as far as I knew. |
You can edit the files manually, but you need to use tools that will place a lock on the file to prevent other files/users from writing to the file at the same time and corrupting things. This isn't so much of an issue when you're on a single-user system where there's little chance that multiple people will be accessing the file at the same time. However, it's still a smart idea to get in the habit of using the correct tools/methods.
man vipw and man vigr for more info or search google.
--kurt |
Cool, thanks for explaining that. That makes sense. |
|
| Back to top |
|
|
|
Networking & Security
