Setting up HP Nonstop OpenSSH (ITUG OpenSSH distribution)

Posted by faizel isaacs on June 5th, 2009 filed in HP NonStop Application Support

http://nonstop-sysadmin.blogspot.com/2008/08/installing-openssh-on-nonstop.html

 

 

 

RESOURCES:

 

HP Nonstop E-Services portal
https://onepoint.nonstop.compaq.com/

International Tandem Users Group
ITUG

HP Nonstop newsgroup
Tandem newsgroup

Bowden Systems Inc (ISV with some free utilities available)
http://www.bsi2.com/

 

 

Setting up OpenSSH on Nonstop (ITUG OpenSSH distribution)

Notes:
1. Tested on H06.10
2. Keyboard interactive authentication does not work

Obtain the following 2 packages from the ITUG software library
prngd-0.9.27
openssh-3.7.1p2

- Install “prngd”

cd /tmp
uncompress nse-prngd.tar.Z
tar xvf nse-prngd.tar
cp prngd /usr/local/bin
mkdir -p /usr/local/etc/prngd
cp ./contrib/NONSTOP_KERNEL/prngd.conf /usr/local/etc/prngd/prngd.conf
mkdir -p /usr/local/var/run

- Make sure “$ZPLS” is started

gtacl -c ’scf status server $zpmon.#zpls’

- Create a start script for prngd

cat /usr/local/bin/start-prngd
#!/bin/sh
run nohup /usr/local/bin/prngd /usr/local/var/run/egd-pool temp.out&
sleep 10
exit

- Install OpenSSH

cd /
uncompress nse-openssh.tar.Z
tar xvf nse-openssh.tar

- Generate host keys.

ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N “”
ssh-keygen -t rsa -f /usr/local/etc/ssh_host_rsa_key -N “”
ssh-keygen -t dsa -f /usr/local/etc/ssh_host_dsa_key -N “”

- As super.super, add group “floss”, user “floss.sshd”, and alias “sshd” to the system. Not too sure what this is for, just following the readme.

gtacl -p safecom
=add user floss.sshd, 42,16, password password
=add alias sshd, floss.sshd, password password
=freeze user floss.sshd
=freeze alias sshd
=exit

- As super.super, set ownership and permissions on “/usr/local/var/empty”.

touch /usr/local/var/empty
chown super.super /usr/local/var/empty
chmod 755 /usr/local/var/empty

- As super.super, set ownership and permission on “/usr/local/bin/ssh”.

chown super.super /usr/local/bin/ssh
chmod 755 /usr/local/bin/ssh
chmod u+s /usr/local/bin/ssh

- As super.super, set contents, ownership and permission on
“/usr/local/etc/sshd_config”.

vi /usr/local/etc/sshd_config
> Change PasswordAuthentication to no.
> Change UsePrivilegeSeparation to no.
chown super.super /usr/local/etc/sshd_config
chmod 644 /usr/local/etc/sshd_config

- As super.super, set contents, ownership and permission on
“/usr/local/etc/ssh_config”.

vi /usr/local/etc/ssh_config
> Change RhostsAuthentication to yes.
> Add UsePrivilegedPort to yes.
chown super.super /usr/local/etc/ssh_config
chmod 644 /usr/local/etc/ssh_config

- Prepare a start script for sshd

cat /usr/local/sbin/start-sshd
#!/bin/sh
run nohup /usr/local/sbin/sshd temp.out 2>temp.out &
sleep 10
exit

Comments are closed.