AIX系统下openssh服务的安装
bash-3.00# smitty installp //键入此命令
Install Software
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* INPUT device / directory for software /soft //软件路径
* SOFTWARE to install [pware53.openssh > + //软件名称
PREVIEW only? (install operation will NOT occur) no +
COMMIT software updates? yes +
SAVE replaced files? no +
AUTOMATICALLY install requisite software? yes +
EXTEND file systems if space needed? yes +
OVERWRITE same or newer versions? no +
VERIFY install and check file sizes? no +
Include corresponding LANGUAGE filesets? yes +
DETAILED output? no +
Process multiple volumes? yes +
ACCEPT new license agreements? yes + //接受协议
PREVIEW new LICENSE agreements? no +
F1=Help lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk4=List
Esc+5=Reset x Running command... xsc+8=Image
Esc+9=Shell mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqj
COMMAND STATUS
Command: running stdout: yes stderr: no
Before command completion, additional instructions may appear below.
[MORE...15]
Problems described in this section are not likely to be the source of any
immediate or serious failures, but further actions may be necessary or
desired.
Already Installed
-----------------
The number of selected filesets that are either already installed
or effectively installed through superseding filesets is 1. See
the summaries at the end of this installation for details.
NOTE: Base level filesets may be reinstalled using the "Force"
option (-F flag), or they may be removed, using the deinstall or
"Remove Software Products" facility (-u flag), and then reinstalled.
<< End of Warning Section >>
+-----------------------------------------------------------------------------+
BUILDDATE Verification ...
+-----------------------------------------------------------------------------+
Verifying build dates...done
FILESET STATISTICS
------------------
1 Selected to be installed, of which:
1 Already installed (directly or via superseding filesets)
----
0 Total to be installed
Pre-installation Failure/Warning Summary
----------------------------------------
Name Level Pre-installation Failure/Warning
-------------------------------------------------------------------------------
pware53.openssh.rte 5.0.1.1 Already installed
[BOTTOM]
COMMAND STATUS
Command: OK stdout: yes stderr: no
Before command completion, additional instructions may appear below.
[TOP]
geninstall -I "a -cgNQqwXY -J" -Z -d /soft -f File 2>&1
File:
I:pware53.openssh.rte 5.0.1.1
+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...
WARNINGS
--------
Problems described in this section are not likely to be the source of any
immediate or serious failures, but further actions may be necessary or
desired.
Already Installed
-----------------
The number of selected filesets that are either already installed
or effectively installed through superseding filesets is 1. See
the summaries at the end of this installation for details.
NOTE: Base level filesets may be reinstalled using the "Force"
option (-F flag), or they may be removed, using the deinstall or
"Remove Software Products" facility (-u flag), and then reinstalled.
<< End of Warning Section >>
+-----------------------------------------------------------------------------+
[MORE...18]
F1=Help F2=Refresh F3=Cancel Esc+6=Command
Esc+8=Image Esc+9=Shell Esc+0=Exit /=Find
n=Find Next
bash-3.00#
//启动sshd服务
bash-3.00# startsrc -s sshd
0513-085 The sshd Subsystem is not on file.
//查看ssh软件的状态
bash-3.00# lslpp -l | grep ssh
pware53.openssh.rte 5.0.1.1 COMMITTED OpenSSH 5.0p1
//查看ssh软件的安装位置
bash-3.00# lslpp -f | grep sshd
/opt/pware/share/man/man8/sshd.8
/opt/pware/etc/sshd_config.default
/opt/pware/sbin/sshd
/opt/pware/share/man/man5/sshd_config.5
//sshd 位于/opt/pware/sbin/ 目录下
//启动sshd服务
bash-3.00# /opt/pware/sbin/sshd
/opt/pware/etc/sshd_config: No such file or directory //无sshd_config文件
bash-3.00# cd /opt/pware/etc/
bash-3.00# ls
moduli pam.conf.example ssh_config.default sshd_config.default
//复制一份sshd_config文件
bash-3.00# cp sshd_config.default sshd_config
bash-3.00# /opt/pware/sbin/sshd
Privilege separation user sshd does not exist //sshd用户不存在
bash-3.00# useradd sshd
bash-3.00# /opt/pware/sbin/sshd
Could not load host key: /opt/pware/etc/ssh_host_rsa_key //不能加载主机密钥,需进行创建
Could not load host key: /opt/pware/etc/ssh_host_dsa_key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.
bash-3.00# find / -name ssh-keygen //查找ssh-keygen文件的目录
/opt/pware/bin/ssh-keygen
bash-3.00# cd /opt/pware/bin
bash-3.00# ls
autopoint gettextize msguniq
bash gfortran ngettext
bashbug gjnih openssl
c++ gss-client powerpc-ibm-aix5.3.0.0-c++
c_rehash iconv powerpc-ibm-aix5.3.0.0-g++
compile_et jcf-dump powerpc-ibm-aix5.3.0.0-gcc
cpp jv-scan powerpc-ibm-aix5.3.0.0-gcc-4.2.4
db_archive kdestroy powerpc-ibm-aix5.3.0.0-gcj
db_checkpoint kinit powerpc-ibm-aix5.3.0.0-gcjh
db_deadlock klist powerpc-ibm-aix5.3.0.0-gfortran
db_dump kpasswd rcp
db_hotbackup krb5-config recode-sr-latin
db_load krb524init rlogin
db_printlog ksu rsh
db_recover kvno sclient
db_stat msgattrib scp
db_upgrade msgcat sftp
db_verify msgcmp sim_client
envsubst msgcomm slogin
ftp msgconv ssh
g++ msgen ssh-add
gcc msgexec ssh-agent
gccbug msgfilter ssh-keygen
gcj msgfmt ssh-keyscan
gcjh msggrep telnet
gcov msginit uuclient
gettext msgmerge v4rcp
gettext.sh msgunfmt xgettext
bash-3.00# /opt/pware/bin/ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (//.ssh/id_rsa): /opt/pware/etc/ssh_host_rsa_key
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /opt/pware/etc/ssh_host_rsa_key.
Your public key has been saved in /opt/pware/etc/ssh_host_rsa_key.pub.
The key fingerprint is:
0a:f2:6a:1b:03:83:c1:71:74:6c:12:e8:13:4f:2b:84 root@p_520_a
bash-3.00# /opt/pware/bin/ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (//.ssh/id_dsa): /opt/pware/etc/ssh_host_dsa_key
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /opt/pware/etc/ssh_host_dsa_key.
Your public key has been saved in /opt/pware/etc/ssh_host_dsa_key.pub.
The key fingerprint is:
e3:da:6c:0a:50:8f:a9:ae:73:e5:74:5c:a7:1b:d0:27 root@p_520_a
bash-3.00# /opt/pware/sbin/sshd
Missing privilege separation directory: /var/empty //丢失特权分离目录
bash-3.00# mkdir -p /var/empty
bash-3.00# /opt/pware/sbin/sshd //启动sshd服务
bash-3.00# netstat -an | grep 22 //查看sshd监听端口22
tcp4 0 0 *.22 *.* LISTEN
tcp4 0 52 192.168.0.250.22 192.168.0.125.2427 ESTABLISHED
udp4 0 0 *.2279 *.*