Configuring OpenSSH on Solaris 8

Published   Read time 1 min 42 sec(s)   (2566 views).  Solaris  

Secure shell (SSH) is a protocol that provides a secure, remote connection to any device with ssh support. SSH provides more security to any data that is being transported to the Internet by providing more authentication, encryption and authorization procedures.

Solaris 8 doesn't come with the SSH and SFTP like features, to enable these we have to configure and install a third party package OpenSSH.

The packages need to be on the system to use ssh properly are openssl, openssh, zlib and libgcc .All the packages are freely available on www.sunfreeware.com.

UPDATE 04/02/2016 Previously you could simply download the compiled packages from www.sunfreeware.com. However, the site no longer provides these packages :-( All is not lost, as you can now download from the OpenCSW website.

Installation

  1. Install the random patch for Solaris 8 (updates /dev/random). Without it you will get PRNG is not seeded error. (patch id: 112438-03 for Sparc, 112439-02 for X86)
  2. Download the CSWpkgutil package and install: 
    # wget http://mirror.opencsw.org/opencsw/pkgutil.pkg
# pkgadd -d pkgutil.pkg all
  3. To upgrade packages, run: 
    # /opt/csw/bin/pkgutil -U -u -y
  4. Now that you have a functional pkgutil, you can use it to build your package stream with dependencies. You can then use the following command (split into multiple lines for readability), as a regular user: 
    # pkgutil \
  --stream \
  --target=sparc:5.8 \
  --output openssh.pkg \
  --yes \
  --download \
  osshclient ossh
  5. The resulting package stream will be placed in the ~/.pkgutil/packages directory.
  6. You can then transfer it to your target machines and install packages from it. You need to install the packages in the right order; pkgutil will print that order out when it finishes creating the package stream
  7. If you prefer, you can download the individial packages (10 in total). and install them in the following order to resolve all dependencies:
    • CSWpkgutil
    • CSWcommon
    • CSWzlib
    • CSWcswclassutils
    • CSWcacertificates
    • CSWtcpwrap
    • CSWkrb5lib
    • CSWosslrt
    • CSWosshclient
    • CSWossh
  8. Once installed reboot the Solaris 8 branded zone in order for both the SSL and SSH to become active.
  9. Remember to add /opt/csw/bin to your $PATH