[8768] in Info-AFS_Redistribution
Re: Openssh on solaris 2.5.1
daemon@ATHENA.MIT.EDU (Peter Scott)
Wed Dec 12 20:59:48 2001
Message-Id: <4.3.2.7.2.20011212175101.00b427e0@mail2a.jpl.nasa.gov>
Date: Wed, 12 Dec 2001 17:55:17 -0800
To: "ERIC K. CHEU" <ekcheu@uncg.edu>
From: Peter Scott <Peter.J.Scott@jpl.nasa.gov>
Cc: info-afs@transarc.com
In-Reply-To: <Pine.GSO.3.96.1011212153633.19957A-100000@supernova.uncg.e
du>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
At 03:46 PM 12/12/01 -0500, ERIC K. CHEU wrote:
>I've gotten openssh 3.02p1 and 3.01 to work on 2.5.1 2.6-2.8.
>The main difference in getting 2.6-2.8 to work is
>to use the pam modules. I also put a "setpag()" call before sshd forks
>off when a connectiong is made (this means adding a whole lot of
>libraries when compiling sshd, however).
>make sure you have rcmd.hostname in your kas database, and make the
>keys and passwords match what you put in the /etc/srvtab file (they don't
>have to match, but if they don't match, then ssh will continually ask
>for your password everytime you try to ssh into a machine).
I don't mind having to type my password whenever I login, I've been doing
that all along. But I don't like the idea of putting extra stuff in the
kas database, it's not mine and the folk who run it will rightly object to
special casing me.
I'm woefully ignorant of much of this - I'm just trying to upgrade from the
no-longer-secure SSH1. And the SSH1 sshd I've been running has never
needed changes to the kas database. So I'm puzzled as to why I should have
to start doing that with SSH2.
>kas create rcmd.hostname -admin whatever
>
>I compile with these flags:
>
>--prefix=
>--with-afs= path to afs library
>--with-kerberos4= path to kth kerberos library
>--with-ssl-dir= path to openssl library
>
>when you start doing the "Make", the compiler will barf several times
>(more than likely, unless you compiled kth and ssl differently than I
>did), in which you will have to manually compile those executables
>seperately. And have to rearrange the libraries differently then the
>way that the 'Makefile' does.
Yeah, I got that part.
--
Peter Scott
Peter.J.Scott@jpl.nasa.gov
