Table of ContentsView in Frames

Setting up and starting SSH

The SSH setup process involves creating host and server keys.

About this task

You can determine the size of the host and server keys by using the following guidelines:

If you are using SSH 1.x, the host key is stored in the /etc/sshd/ssh_host_key file.

If you are using SSH 2.0, the RSA host key is stored in the /etc/sshd/ssh_host_rsa_key file, and the DSA host key is stored in the /etc/sshd/ssh_host_dsa_key file.

Note: The setup procedure requires you to enter key sizes for the SSH 1.x and SSH 2.0 protocols, regardless of the protocol you use. For example, if you plan to use SSH 2.0, you still must enter values for the SSH 1.x host key and server key sizes. You can accept the default value for keys that you do not use.

Steps

  1. Enter the following command:
    secureadmin setup [-f] [-q] ssh

    The -f option forces setup to run even if the SSH server has already been configured.

    The -q option is the non-interactive mode for setting up SSH. See the na_secureadmin(1) man page for more information.

  2. When prompted, enter a size for the SSH 1.x host key.

    The default size for the host key is 768 bits.

  3. When prompted, enter a size for the SSH 1.x server key.

    The default size for the server key is 512 bits.

  4. When prompted, enter a size for the SSH 2.0 host keys.

    The default size for the host key is 768 bits.

  5. When prompted, confirm the parameters that you specified.

    SecureAdmin generates the host key in the background, and, after a minute or two, the setup program sends a syslog message announcing that SSH is set up.

  6. After the syslog message is generated, activate the host and server keys by entering the following command:
    secureadmin enable {ssh1|ssh2}

    Use ssh1 to enable SSH service for SSH 1.x clients or ssh2 to enable SSH service for SSH 2.0 clients.