Installing OpenSSH on AIX - Update
Date: August 22, 2005OpenSSH is a freeware tool that provides a secure, industry accepted alternative to the "r-commands",telnet and ftp. The download location and installation procedure have changed numerous times. The currentprocedure requires two steps:First install the prereq OpenSSL libraries. The "rpm" install file can be found on the "Linux Toolbox for AIX"CD or downloaded from the web athttps://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixtbx&S_PKG=dlaixww I recommend downloading from the website to ensure you get the most current version and one that is iscompatible with the current OpenSSH version. You'll need to register to do the download. It's painless.Second, install OpenSSH. The install file can be downloaded fromhttp://sourceforge.net/projects/openssh-aix For more information seehttp://www-128.ibm.com/developerworks/eserver/articles/openssh_aix.html http://www.openssh.org Finally if you want to use "ssh" with your PC, you'll need the client code. I use "putty", which can be found athttp://www.chiark.greenend.org.uk/~sgtatham/putty/
Archive
Date: September 9, 2003Security concerns are common to all operating systems (not just Windows). Two common exposures are the
telnet
and
ftp
commands. Both commands transmit the password over the network in clear text, making ittrivial for a hacker to capture and use the password to gain entry.One alternative is the public domain
openSSH
tool (secure shell). It provides secure remote login and filetransfer. You should consider installing it (or equivalent) on all servers, especially those connected to apublic network. The attached filedescribes how to obtain and install SSH on AIX.
Documentation for SSH can be found at the website:http://www.openssh.org Update May 2005:Download OpenSSH Finally, I use PuTTY on my Windows PC. PuTTY is freeware implementation SSH for Win32 platforms. Itcan be downloaded from:http://www.chiark.greenend.org.uk/~sgtatham/putty
Installing openSSH on AIX
This document describes the procedure for installing openSSH on AIX 4.3.3 and 5.1.
Installing OpenSSH on AIX 4.3.3
At 4.3.3., the openSSH is installed using the RPM format packages, not by using installp format which isavailable at 5.1. and 5.2. In this procedure, you need to follow these three steps:
1.Installing the prerequisite filesets.2.Downloading the rpm packages.3.Installing the prerequisite rpm packages openSSH rpm packages.1.
Installing the prerequiste filesets.
The filesets
rpm.rte
and
perl.rte
are required to be installed prior to installing the rpm packages.The
rpm.rte
fileset can be found at the following:
Linux Toolbox CD or Linux Toolbox Websitehttp://www-1.ibm.com/servers/aix/products/aixos/linux/download.html
The filesets can be installed using
smitty installp
.2.
Downloading the rpm packages.
The
rpm
packages can be downloaded from the following website:http://www-1.ibm.com/servers/aix/products/aixos/linux/download.html Once on that page, the
prngd
(Psuedo Random Number Generator Daemon) daemon and the
zlib
compression and decompression library can be downloaded. These are the prerequistes for installing the
openssl rpm
package. These are
prngd-0.9.23-2.aix4.3.ppc.rpm
and
zlib-1.1.4-1.aix4.3.ppc.rpm
respectively.Then click
AIX TOOLbox Cryptographic Content
on the sorted content download in theupper right area and then register yourself, if you are not already a registered user. Then click on
Accept License
button at the bottom of the panel that appears and then you are ready todownload the
openssl
and
openssh rpm
packages which are:
openssl-0.9e-2.aix4.3.ppc.rpmopenssl-devel-0.9.6e-2.aix4.3.ppc.rpmopenssl-doc-0.9.6e-2.aix4.3.ppc.rpmopenssh-3.4p1-4.aix4.3.ppc.rpmopenssh-server-3.4p1-4.aix4.3.ppc.rpmopenssh-clients-3.4p1-4.aix4.3.ppc.rpm
3.
Installing the prerequisite rpm packages.
Once you have all the
rpm
files in the current directory, run the following commands to install them.
# rpm -i zlib-1.1.4-1.aix4.3.ppc.rpm# rpm -i prngd-0.9.23-2.aix4.3.ppc.rpm# rpm -i openssl-0.9e-2.aix4.3.ppc.rpm# rpm -i openssl-devel-0.9.6e-2.aix4.3.ppc.rpm# rpm -i openssl-doc-0.9.6e-2.aix4.3.ppc.rpm# rpm -i openssh-3.4p1-4.aix4.3.ppc.rpm# rpm -i openssh-server-3.4p1-4.aix4.3.ppc.rpm# rpm -i openssh-clients-3.4p1-4.aix4.3.ppc.rpm
Sometimes you may get the
error: failed dependencies
error while trying to install the
openssl
packages. In that case, run the following command:
# rpm -i --nodeps openssl-0.9.6e-2.aix4.3.ppc.rpm
The following command can be run to update the AIX-rpm:
# /usr/sbin/updtvpkg
The
prngd
needs to be installed before
openssl
and
openssh
, and
openssl
is the prerequiste for installing the
openssh rpm
packages. The
openssl-devel-0.9.6e-2.aix4.3.ppc.rpm
and the
openssl-doc-0.9.6e-2.aix4.3.ppc.rpm
are not the required packages for installing the openSSH.To verify that these packages are installed, run the following command:
# rpm -qa | egrep '(openssl|openssh|prng)'-->zlib-1.1.4-1prngd-0.9.23-2openssl-0.9.6e-2openssl-devel-0.9.6e-2
openssl-doc-0.9.6e-2openssh-3.4p1-4openssh-server-3.4p1-4openssh-clients-3.4p1-4
These packages are installed under the
/opt/freeware
directory, and several symbolic links arecreated in
/usr/bin
or
/usr/sbin
, as shown in the following example:
# ls -l /usr/bin/sshlrwxrwxrwx 1 root system 26 Oct 17 08:07 /usr/bin/ssh-> ../../opt/freeware/bin/ssh# ls -l /usr/sbin/sshdlrwxrwxrwx 1 root system 28 Oct 17 08:06 /usr/sbin/sshd-> ../../opt/freeware/sbin/sshd
Installing openSSH on 5.1
At 5.1., the installation of
openssh
itself is in
installp
format, but all the prerequisites (including
openssl
)can be installed using the same
rpm -i
commands (using the same 4.3.3.
rpm
packages).The
installp
format package can be downloaded from the following site:http://oss.software.ibm.com/developerworks/projects/opensshi.After installing the prerequisites using the following commands:
# rpm -i zlib-1.1.4-1.aix4.3.ppc.rpm# rpm -i prngd-0.9.23-2.aix4.3.ppc.rpm# rpm -i openssl-0.9e-2.aix4.3.ppc.rpm# rpm -i openssl-devel-0.9.6e-2.aix4.3.ppc.rpm# rpm -i openssl-doc-0.9.6e-2.aix4.3.ppc.rpm
Use
smitty installp
to install the
openssh
fileset extracted from the tar file
openssh34p1_51.tar
. Thefollowing filesets are needed to be extracted from the
tar
file to install openSSH.
openssh.base.clientopenssh.base.serveropenssh.licenseopenssh.man.en_USopenssh.msg.en_US
You also need to change the field for
Accept new License agreement
to
yes
in the smit panel or else the installation will fail.
# lslpp -l | grep ssh <-- you can see the fileset are installed.openssh.base.client 3.4.0.0 COMMITTED Open Secure Shell Commandsopenssh.base.server 3.4.0.0 COMMITTED Open Secure Shell Serveropenssh.license 3.4.0.0 COMMITTED Open Secure Shell Licenseopenssh.man.en_US 3.4.0.0 COMMITTED Open Secure Shellopenssh.msg.en_US 3.4.0.0 COMMITTED Open Secure Shell Messages -
You also need to change the field for
Accept new License agreement
to
yes
in the smit panel or else the installation will fail.
# lslpp -l | grep ssh <-- you can see the fileset are installed.openssh.base.client 3.4.0.0 COMMITTED Open Secure Shell Commandsopenssh.base.server 3.4.0.0 COMMITTED Open Secure Shell Serveropenssh.license 3.4.0.0 COMMITTED Open Secure Shell Licenseopenssh.man.en_US 3.4.0.0 COMMITTED Open Secure Shellopenssh.msg.en_US 3.4.0.0 COMMITTED Open Secure Shell Messages -openssh.base.client 3.4.0.0 COMMITTED Open Secure Shell Commandsopenssh.base.server 3.4.0.0 COMMITTED Open Secure Shell Server
In this case, you notice that the
ssh
commands are in the
/usr/bin
directory:
# ls -al /usr/bin/ssh-r-xr-xr-x 1 root system 503240 Sep 06 13:11 /usr/bin/ssh
of 00
Ssh Install
844 Reads
Info and Rating
| Category: | Uncategorized. |
| Rating: | |
| Upload Date: | 11/18/2009 |
| Copyright: | Attribution Non-commercial |
| Tags: |
Leave a Comment