VOICE Home Page: http://www.os2voice.org
[Newsletter Index]
[Previous Page] [Next Page]
[Features Index]

April 1999
editor@os2voice.org

"Installing SSH and SSHD for OS/2"

By: Adrian Gschwend - ktk@netlabs.org


This article describes how to install SSH (Secure Shell) and SSHD for OS/2, I wrote it because I had a lot of troubles until it worked. This is mainly because I don't know a lot about SSH and also because the OS/2 port (and the original version) is not very well documented!

SSH is a protocol like Telnet, you can control Servers over the TCP/IP protocol. The difference to Telnet is, that the connection through SSH is secure, it is something like SSL. You can get a copy of the OS/2 version at hobbes - ftp://hobbes.nmsu.edu/pub/os2/apps/internet/telnet/client/sshos203.zip, and more information about SSH is available at http://www.ssh.org and specifically on SSH for OS/2 at http://www.snafu.de/~hmstahl/ssh/sshos2.html.

The OS/2 port is free (at least the 1.x versions), V2.0 is commercial.
SSHD is the daemon process which is running on the server side.

First, let's start with the configuration, we need several config files first. I included several sample files in this package, note that the Unix-version uses long names, the OS/2 port not.

To run SSHD you need (%\mptn\etc means the directory you get if you enter SET ETC on a command line):

in your %\mptn\etc directory:
sshhkey => generate with ssh-keyg and point to
/mptn/etc/sshhkey
Do *not* enter a password for this file!
(just hit enter)
delete the sshhkey.pub-file, you don't need this one

sshd.cfg => take the file in the package and change if necessary
passwd => this is the most important auth-file. Take the sample
and change it for your needs.

sshrand.bin => will be created after first start
sshd.pid => will be created after first start

in your %\home\ssh directory:
authkeys => take the identity.pub files and copy the complete string
into this file. Use a new line if you want to enter more
than one user.

To run SSH you need:

in your %\mptn\etc directory:
ssh.cfg => take the file in the package and change if necessary

in your %home\ssh directory:
identity => generated with ssh-keyg, do *not* give away this file!
identity.pub => generated with ssh-keyg
copy the content of this file to the authkeys file of
the server you want to get access
known.hst => will be generated automatically

Now you should be able to use SSH on your machine. For sure SSH and SSHD should be in your PATH statement in CONFIG.SYS.

If you run SSHD on OS/2 you have to connect to the machine with:

SSH www.yourdomain.com CMD.EXE

If you do not use CMD.EXE SSH will do nothing because OS/2 is not providing a command line by default. For sure you can also use another command line interpreter like 4OS2.

The OS/2 port of SSHD is not very good, this is mainly because OS/2 was not designed as a multi user operating system. Until now there is no way to restrict access to special directories. If you allow to use SSH on your server, everyone with a valid key will be able to control the *whole* machine! So don't forget to use SSHD with care!

Also, ANSI-Support is not really working. Try it for example with TEDIT, you will notice that the output will run in the SSHD window on your server, not on your client!! I hope someone will fix this in a future version of SSHD, but as far as I know this is not very easy.

If you want to use ANSI you better choose the OS/2 Telnet, for sure this is not secure like SSH...

Also try the DIR xxx | MORE command, you will see that SSH does not send the correct strings and if you have to enter a key some programs will not work correctly, this can lock your SSH session.

Anyway, I'm happy that we have SSH for OS/2, even if it is not very well done.

If you have any questions or if you found a fault in this document you can contact me, but as I said, I'm not a master :-)

Have fun!

Adrian Gschwend
ktk@netlabs.org
http://www.netlabs.org


Features
editor@os2voice.org
[Previous Page ] [ Index] [Next Page
]
VOICE Home Page: http://www.os2voice.org