+print "\n";
+
+makeConfDir();
+copyPRNGFile();
+$keyhash = determineKeys();
+runKeyGen($keyhash->{gen});
+copyKeyFiles($keyhash->{copy});
+copyConfigFiles();
+
+my $metadata = new Grid::GPT::Setup(package_name => "gsi_openssh_setup");
+
+$metadata->finish();
+
+print "\n";
+print "Additional Notes:\n";
+print "\n";
+print " o I see that you have your GLOBUS_LOCATION environmental variable\n";
+print " set to:\n";
+print "\n";
+print " \"$gpath\"\n";
+print "\n";
+print " Remember to keep this variable set (correctly) when you want to\n";
+print " use the executables that came with this package.\n";
+print "\n";
+print " After that you may execute, for example:\n";
+print "\n";
+print " \$ . \$GLOBUS_LOCATION/etc/globus-user-env.sh\n";
+print "\n";
+print " to prepare your environment for running the gsi_openssh\n";
+print " executables.\n";
+
+if ( !getPrivilegeSeparation() )
+{
+ print "\n";
+ print " o For System Administrators:\n";
+ print "\n";
+ print " If you are going to run the GSI-OpenSSH server, we recommend\n";
+ print " enabling privilege separation. Although this package supports\n";
+ print " this feature, your system appears to require some additional\n";
+ print " configuration.\n";
+ print "\n";
+ print " From the file README.privsep, included as a part of the OpenSSH\n";
+ print " distribution:\n";
+ print "\n";
+ print " When privsep is enabled, during the pre-authentication\n";
+ print " phase sshd will chroot(2) to \"/var/empty\" and change its\n";
+ print " privileges to the \"sshd\" user and its primary group. sshd\n";
+ print " is a pseudo-account that should not be used by other\n";
+ print " daemons, and must be locked and should contain a \"nologin\"\n";
+ print " or invalid shell.\n";
+ print "\n";
+ print " You should do something like the following to prepare the\n";
+ print " privsep preauth environment:\n";
+ print "\n";
+ print " \# mkdir /var/empty\n";
+ print " \# chown root:sys /var/empty\n";
+ print " \# chmod 755 /var/empty\n";
+ print " \# groupadd sshd\n";
+ print " \# useradd -g sshd -c 'sshd privsep' -d /var/empty \\\n";
+ print " -s /bin/false sshd\n";
+ print "\n";
+ print " /var/empty should not contain any files.\n";
+}
+
+print "\n";
+print " o For more information about GSI-Enabled OpenSSH, visit:\n";
+print " <http://www.ncsa.uiuc.edu/Divisions/ACES/GSI/openssh/>\n";
+