Yesterday I was installing SSH2 (2.4.0) on an Ultra10 station running
Solaris 7 in order to replace the previous version of SSH2 (2.0.13).
This was being done in an attempt to solve the problem with this machine
hosting scp2 callups, which resulted in error messages stating
scp2: warning: ssh_packet_wrapper_input: invalid packet
received: len1232347245
and a "hung" process that could be escaped only by ^C or (perhaps)
timeout. The callups had been from other machines running linux and
version 2.4.0, so I thought there was perhaps a compatibility problem.
I have four accounts on the Ultra10 and all of them need SSH2
capability. After downloading the source file as one of the users
(frysingj), I su'd to root and successfully ran configure, make, and
make install. I then ran ssh-keygen2 and ssh-pubkeymgr while su'd to
root. After exiting to my user persona (frysingj), I tested scp2 and got
warnings about the public key for frysingj being missing. I reran
ssh-keygen2 and ssh-pubkeymgr as frysingj and those warnings were no
longer received. However, I found I could scp2 out to the linux stations
but they could not scp2 in to the Ultra10, the same packet warning and
"hang" as above being the result. Also, I noticed that the host name in
my prompt line changed from the machine's host name to -s but it did not
occur to me that this was a big problem.
After logging out and taking a lunch break, I attempted to log back in
and found that the Ultra10 had major problems; apparently the hostname
in the computer had been lost or damaged. This problem prevents logins
either directly or remotely, by user or by root. We are currently
attempting to rebuild the file system without losing too much data since
our last backup. Nuts!
So I have a few questions:
1. Should I have installed SSH2 as root in order to allow all user
accounts to use it?
2. Should I have run the keygen and pubkeymgr scripts as root?
3. Assuming the answers to 1 and 2 are "yes", should each user account
run the keygen and pubkeymgr programs to build their own ~/.ssh2
contents?
[Aside: The online directions merely state that
after installation, one should "set up the following
files". It is not clear to me whether those actions
should be done as root or as a user nor, in all
cases, just how one does set them up--other than
running the keygen and pubkeymger scripts.]
4. How can I safely install SSH2 without killing the Solaris operating
system?
5. Since the packet length problem is apparently NOT due to
incompatibility between 2.4.0 and previous versions of SSH2, what causes
it and how can it be fixed?
I hope someday to get past all this exercise as a unix system
administrator and security manager to get back to doing the meteorology
research I intended to do in the first place.
Jim Frysinger
also at: [EMAIL PROTECTED]
http://www.cofc.edu/~frysingj
--
Metric Methods(SM) "Don't be late to metricate!"
James R. Frysinger, CAMS http://www.metricmethods.com/
10 Captiva Row e-mail: [EMAIL PROTECTED]
Charleston, SC 29407 phone/FAX: 843.225.6789
