]>
Commit | Line | Data |
---|---|---|
e9976690 | 1 | $Id$ |
2 | ||
3 | howto: | |
4 | 1) generate server key: | |
5 | $ ssh-keygen -d -f /etc/ssh_host_dsa_key -N '' | |
6 | 2) enable ssh2: | |
7 | server: add 'Protocol 2,1' to /etc/sshd_config | |
8 | client: ssh -o 'Protocol 2,1', or add to .ssh/config | |
9 | 3) DSA authentication similar to RSA (add keys to ~/.ssh/authorized_keys2) | |
10 | interop w/ ssh.com dsa-keys: | |
11 | ssh-keygen -f /key/from/ssh.com -X >> ~/.ssh/authorized_keys2 | |
12 | and vice versa | |
13 | ssh-keygen -f /privatekey/from/openssh -x > ~/.ssh2/mykey.pub | |
14 | echo Key mykey.pub >> ~/.ssh2/authorization | |
15 | ||
16 | works: | |
17 | secsh-transport: works w/o rekey | |
e9976690 | 18 | secsh-userauth: passwd and pubkey with DSA |
19 | secsh-connection: pty+shell or command, flow control works (window adjust) | |
20 | tcp-forwarding: -L works, -R incomplete | |
21 | x11-fwd | |
22 | dss/dsa: host key database in ~/.ssh/known_hosts2 | |
b5e300c2 | 23 | ssh-agent: supports SSH1-RSA and ssh-dss keys |
e9976690 | 24 | client interops w/ sshd2, lshd |
25 | server interops w/ ssh2, lsh, ssh.com's Windows client, SecureCRT, F-Secure SSH Client 4.0, SecureFX (secure ftp) | |
26 | server supports multiple concurrent sessions (e.g. with SSH.com Windows client) | |
b5e300c2 | 27 | server supports SFTP (interops with ssh.com's windows, sftp2, scp2) |
e9976690 | 28 | todo: |
b5e300c2 | 29 | RE-KEYING |
e9976690 | 30 | secsh-connection features: |
b5e300c2 | 31 | complete tcp-forwarding, agent-fwd |
e9976690 | 32 | auth other than passwd, and DSA-pubkey: |
b5e300c2 | 33 | keyboard-interactive, (PGP-pubkey?), kerberos |
e9976690 | 34 | config |
35 | server-auth w/ old host-keys | |
36 | cleanup | |
37 | advanced key storage? | |
38 | keynote | |
e9976690 | 39 | |
40 | -markus | |
41 | $Date$ |