1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
$Id: README.openssh2,v 1.9 2000/08/31 21:56:03 markus Exp $
howto:
1) generate server key:
$ ssh-keygen -d -f /etc/ssh_host_dsa_key -N ''
2) enable ssh2:
server: add 'Protocol 2,1' to /etc/sshd_config
client: ssh -o 'Protocol 2,1', or add to .ssh/config
3) DSA authentication similar to RSA (add keys to ~/.ssh/authorized_keys2)
interop w/ ssh.com dsa-keys:
ssh-keygen -f /key/from/ssh.com -X >> ~/.ssh/authorized_keys2
and vice versa
ssh-keygen -f /privatekey/from/openssh -x > ~/.ssh2/mykey.pub
echo Key mykey.pub >> ~/.ssh2/authorization
works:
secsh-transport: works w/o rekey
secsh-userauth: passwd and pubkey with DSA
secsh-connection: pty+shell or command, flow control works (window adjust)
tcp-forwarding: -L works, -R incomplete
x11-fwd
dss/dsa: host key database in ~/.ssh/known_hosts2
ssh-agent: supports SSH1-RSA and ssh-dss keys
client interops w/ sshd2, lshd
server interops w/ ssh2, lsh, ssh.com's Windows client, SecureCRT, F-Secure SSH Client 4.0, SecureFX (secure ftp)
server supports multiple concurrent sessions (e.g. with SSH.com Windows client)
server supports SFTP (interops with ssh.com's windows, sftp2, scp2)
todo:
RE-KEYING
secsh-connection features:
complete tcp-forwarding, agent-fwd
auth other than passwd, and DSA-pubkey:
keyboard-interactive, (PGP-pubkey?), kerberos
config
server-auth w/ old host-keys
cleanup
advanced key storage?
keynote
-markus
$Date: 2000/08/31 21:56:03 $
|