OpenSSH is a free opensource version of the SSH connectivity tools. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks unlike Telnet,rlogin or ftp where the data is not encrypted and transmitted in plain text. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions.
Solaris 10 is by default installed with SSH server and the clients. However, if you have chosen to ignore SSH at the time of installation or have started the install with a minimal install then you may need to install OpenSSH manually.
The easiest way to install OpenSSH in Sun Solaris is to use the pre-compiled packages from sunfreeware.
The following are the packages that are required to be installed for OpenSSH to work properly in Solaris 10:
OpenSSL (Latest stable: openssl-0.9.8f)
ZLib (Latest stable: zlib-1.2.3)
GNU Compiler Collection (gcc Latest stable: libgcc-3.4.6)
TCPWrapper (Optional tcp_wrappers-7.6)
and OpenSSH itself (Latest Stable: openssh-4.7p1)
To start of, download the packages from the following sunfreeware.com links for sun solaris 10 Sparc:
Once done, upload the files onto the server so we can start to unzip the files and install.
Unzip and install gcc
solaris10# gunzip libgcc-3.4.6-sol9-sparc-local.gz
solaris10# pkgadd -d libgcc-3.4.6-sol9-sparc-local
Installation of <SMCgcc> was successful.
Unzip and install zlib
solaris10# gunzip zlib-1.2.1-sol9-sparc-local.gz
solaris10# pkgadd -d zlib-1.2.1-sol9-sparc-local
Installation of <SMCzlib> was successful.
Unzip and install OpenSSL
solaris10# gunzip openssl-0.9.8f-sol9-sparc-local.gz
solaris10# pkgadd -d openssl-0.9.8f-sol9-sparc-local
Installation of <SMCossl> was successful.
Unzip and install OpenSSH
solaris10# gunzip openssh-4.7p1-sol9-sparc-local.gz
solaris10# pkgadd -d openssh-4.7p1-sol9-sparc-local
The packages are now installed.
Create /var/empty directory
solaris10# mkdir /var/empty
Change directory ownership to Root user and sys group
solaris10# chown root:sys /var/empty
solaris10# chmod 755 /var/empty
Add sshd user & group
solaris10# groupadd ssh
solaris10# # useradd -g sshd -c ‘sshd privsep’ -d /var/empty -s /bin/false sshd
Edit the default /usr/local/sshd_config file and make the following changes:
Replace the line
Subsystem sftp /usr/libexec/sftp-server
Subsystem sftp /usr/local/libexec/sftp-server
Generate Keys for the server
solaris10# ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N “”
solaris10# ssh-keygen -t dsa -f /usr/local/etc/ssh_host_dsa_key -N “”
solaris10# ssh-keygen -t rsa -f /usr/local/etc/ssh_host_rsa_key -N “”
Enable OpenSSH server daemon sshd to run at the system startup
Edit /lib/svc/method/sshd file and change the path for the SSH DIR, KEYGEN & the start daemon as follows:
That is it. All done and ready to go. Try connecting to the server using a ssh client like PUTTY.