SSH2

Matt Wolinski mwolinski at mimecom.com
Fri Sep 8 07:38:09 EST 2000


I've installed and configured openssh 2.1.1p4.  It's working great,
however, I've been asked to implement SSH2 functionality.  I have a
question with the README.openssh2 file.  It says that all I need to do
is:

howto:
        1) generate server key:
                $ ssh-keygen -d -f /etc/ssh_host_dsa_key -N ''
        2) enable ssh2:
                server: add 'Protocol 2,1' to /etc/sshd_config
                client: ssh -o 'Protocol 2,1', or add to .ssh/config
        3) DSA authentication similar to RSA (add keys to
~/.ssh/authorized_keys

During my install I already created the server key.   So I should only
need to update the /etc/sshd_config file on each of my
servers.....correct?

Will I need to have each user update their ~/.ssh/config files also???
The server/client part confused me.  When I installed openssh on each
server, I did the same procedures.

I assume that I'll need to restart the sshd daemon on each
system....correct?

As far as the DSA authentication file, can I put a
/etc/ssh_authorized_keys file which contains the keys for all
servers????  Or does each user need to have their own
~/.ssh/authorized_keys file.  I would think that this should work the
same way as the known_hosts file........is that correct?

My last question has to do with the ssh command.  I assume that after
this change the ssh command will start using the protocal 2 rather than
protocol 1.3 or 1.5.  I know that some comercial distributions of SSH
come with a ssh2 command as well as an ssh command (that way you can
choose which to use).  I don't care about that.....I just wanted to
verify that after the config file change.....it'll start using the ssh2
protocol when I run the ssh command.

Thank you in advance for answering my questions.

Cheers, Matt






More information about the openssh-unix-dev mailing list