[csw-users] New OpenSSH

Dennis Clarke dclarke at blastwave.org
Thu Aug 23 20:56:50 CEST 2007 

Okay .. I have tested this on Solaris 8 and 10 on Sparc and x86 and it seems
to work just fine.  One exception is that on Solaris 10 x86 I saw that the
installation resulted in the Sun OpenSSH service still running at the same
time that the CSW OpenSSH service was running. I think we do need to pick
one and only one after install.

This is even working on Solaris 8 sun4m :

SPARCstation 20 MP (4 X RT625), No Keyboard
ROM Rev. 2.25R hyperSPARC, 256 MB memory installed, Serial #3547448.
Ethernet address 8:0:20:21:b3:39, Host ID: 72362138.



Rebooting with command:
Boot device: /iommu/sbus/espdma at f,400000/esp at f,800000/sd at 3,0  File and args:
SunOS Release 5.8 Version Generic_117350-47 32-bit
Copyright 1983-2003 Sun Microsystems, Inc.  All rights reserved.
WARNING: forceload of misc/md_trans failed
WARNING: forceload of misc/md_raid failed
WARNING: forceload of misc/md_hotspares failed
WARNING: forceload of misc/md_sp failed
configuring IPv4 interfaces: qe0.
Hostname: fossil
The system is coming up.  Please wait.
checking ufs filesystems
/dev/rdsk/c0t1d0s5: is clean.
/dev/md/rdsk/d7: is logging.
/dev/md/rdsk/d5: is logging.
.
.
.

etc etc


and then from another machine

$ ping fossil
fossil is alive

$ /opt/csw/bin/ssh -2 -4 -e\^ -l dclarke -c aes256-cbc -v fossil
OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
debug1: Reading configuration data /opt/csw/etc/ssh/ssh_config
debug1: Connecting to fossil [192.168.35.251] port 22.
debug1: Connection established.
debug1: identity file /export/home/dclarke/.ssh/id_rsa type -1
debug1: identity file /export/home/dclarke/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.6
debug1: match: OpenSSH_4.6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes256-cbc hmac-md5 none
debug1: kex: client->server aes256-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<4096<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'fossil' is known and matches the RSA host key.
debug1: Found key in /export/home/dclarke/.ssh/known_hosts:4
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
---------------------------------------------------------------------------
    Sun Microsystems Inc. SunOS 5.8     Generic Patch     February 2004

                       Solaris 8 2/04 s28s_hw4wos_05a SPARC
           Copyright 2004 Sun Microsystems, Inc.  All Rights Reserved.
                            Assembled 08 January 2004

    SunOS fossil 5.8 Generic_117350-47 sun4m sparc SUNW,SPARCstation-20
--------------------------------------------------------------------------
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /export/home/dclarke/.ssh/id_rsa
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/export/home/dclarke/.ssh/id_rsa':
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
Last login: Thu Aug 23 14:44:20 2007 from pluto
---------------------------------------------------------------------------
    Sun Microsystems Inc. SunOS 5.8     Generic Patch     February 2004

                       Solaris 8 2/04 s28s_hw4wos_05a SPARC
           Copyright 2004 Sun Microsystems, Inc.  All Rights Reserved.
                            Assembled 08 January 2004

    SunOS fossil 5.8 Generic_117350-47 sun4m sparc SUNW,SPARCstation-20
--------------------------------------------------------------------------
$

$ uname -a
SunOS fossil 5.8 Generic_117350-47 sun4m sparc SUNW,SPARCstation-20

$ debug1: need rekeying
debug1: SSH2_MSG_KEXINIT sent
debug1: rekeying in progress
debug1: rekeying in progress
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes256-cbc hmac-md5 none
debug1: kex: client->server aes256-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<4096<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'pluto' is known and matches the RSA host key.
debug1: Found key in /export/home/dclarke/.ssh/known_hosts:5
debug1: ssh_rsa_verify: signature correct
debug1: set_newkeys: rekeying
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: set_newkeys: rekeying
debug1: SSH2_MSG_NEWKEYS received

$

Its not quick but it works even with aes256-cbc ciphers.

then again ..nothing is quick on a Sparc 20.  Except may be old 8-bit DOOM.
-
Dennis Clarke

More information about the users mailing list