Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: AIX 6.1 - openssh - problem
Operating Systems AIX AIX 6.1 - openssh - problem Post 302371841 by bieszczaders on Monday 16th of November 2009 10:56:12 AM
Old 11-16-2009
Quote:
Originally Posted by Neo
And what was your solution?
My mistake. I unarchived openssl.tar.Z and openssh.tar.Z in the same directory. When i unarchived packages in various directory installation complete success Smilie
 

10 More Discussions You Might Find Interesting

1. AIX

openSSH for AIX

Has anyone installed openSSH, or any alternate ssh on AIX 5.1 if so is there a web site with quick guide of do's and don'ts for installation / setup that can be recommended. Is it a straightforward install ? (2 Replies)
Discussion started by: gefa
2 Replies

2. AIX

AIX 4.3 Openssh 3.7.1.0 Operation

I am new/just getting used to this group (Unix Forums), but did search around. I saw a listing for "openssh for AIX" in which a response indicated a link was posted in the original post, but I couldn't find that link or another "original post", so first, if someone could enlighten me why I couldn't... (2 Replies)
Discussion started by: ripley
2 Replies

3. AIX

OPENSSH and PRNGD with AIX 4.3.3

I am running openssl-0.9.6g-3 and prngd-0.9.23-3 on AIX 4.3.3. When I tried to initiate a SSH session, it hang at the "ssh-rand-helper" command. I then get a source copy of ssh-rand-helper.c from openssh-3.8p1 to debug it and found that it hung during the function call "RAND_bytes(seed,... (3 Replies)
Discussion started by: flockofseagull
3 Replies

4. AIX

how to install openSSH in AIX 5.3?

Guys I need to install openSSH on AIX 5.3? First problem is : i am unable to find openSSH 3.8.1 freeware on the net ?pls pass on any links if you have. Second problem is : installation.Although i know how to install rpm packages,installing SSH is bit diffrent.But that second issue. Can... (16 Replies)
Discussion started by: ak835
16 Replies

5. AIX

openssh 5.0 with aix 5.3

Hi All, I upgraded my openssh to 5.0. Now I need to modify the sshd_config file to my company's new policy. My problem? There are two config file on my system: /usr/local/etc/sshd_config and /etc/ssh/sshd_config Which should I edit? Please help. Thanks. (1 Reply)
Discussion started by: itik
1 Replies

6. AIX

AIX 6.1 and OpenSSH

Hi, First of all, I wanted to try AIX and purchased a rs6000 from ebay with AIX6.1 installed. My plan is to lear AIX, but I need to install ssh on the machine for the remote access. The point is that I have seen nowhere a how'to or something. Can you please give me some advices? ... (11 Replies)
Discussion started by: aixn00b
11 Replies

7. AIX

AIX 5.x OpenSSH choot and non-root owned

Good day. I was looking at implementing a chroot environment using openssh. I know I can use the sshd_config file and dictate that it is to use chroot for a specific directory for a user/group. However, the issue with this is that it is has to be root owned. To my knowledge, there is no mount... (0 Replies)
Discussion started by: smurphy_it
0 Replies

8. AIX

Troubleshooting OpenSSH 6.2 Install on AIX 7.1

*SOLVED. please see edit at bottom* Hello, I have a freshly installed AIX 7.1 that I would like to enable SSH on. I believe I need OpenSSH and OpenSSL to do this. OpenSSL was already installed, so I moved onto installing OpenSSH. I downloaded OpenSSH 6.2 from this site that claims support... (0 Replies)
Discussion started by: bstring
0 Replies

9. AIX

OpenSSH update in AIX

Hi, We have 4 vulnerabilities in our AIX servers and the files to be installed are as follows: File to be installed OpenSSH_6.0.0.6102 OpenSSH_6.0.0.6107 OpenSSH_6.0.0.6110 Openssh_fix8 My question is, can we install the Openss_fix8 directly to resolve all the issues or should we... (2 Replies)
Discussion started by: gshari.89
2 Replies

10. AIX

Openssh install failed on AIX 6.1

im new to aix... my task is suppose to be simple. install openssh i followed this article: Installing OpenSSH and OpenSSL on AIX 6.1 | Keymon's snippets and brushstrokes when i try to start the sshd service with the command: "startsrc -s sshd" im getting an error saying: "the sshd subsystem... (6 Replies)
Discussion started by: guy3145
6 Replies

LEARN ABOUT CENTOS

ssh_keysign_selinux

ssh_keysign_selinux(8)					    SELinux Policy ssh_keysign					    ssh_keysign_selinux(8)

NAME

       ssh_keysign_selinux - Security Enhanced Linux Policy for the ssh_keysign processes

DESCRIPTION

       Security-Enhanced Linux secures the ssh_keysign processes via flexible mandatory access control.

       The  ssh_keysign  processes execute with the ssh_keysign_t SELinux type. You can check if you have these processes running by executing the
       ps command with the -Z qualifier.

       For example:

       ps -eZ | grep ssh_keysign_t

ENTRYPOINTS

       The ssh_keysign_t SELinux type can be entered via the ssh_keysign_exec_t file type.

       The default entrypoint paths for the ssh_keysign_t domain are the following:

       /usr/lib/openssh/ssh-keysign, /usr/libexec/openssh/ssh-keysign

PROCESS TYPES

       SELinux defines process types (domains) for each process running on the system

       You can see the context of a process using the -Z option to ps

       Policy governs the access confined processes have to files.  SELinux ssh_keysign policy is very flexible  allowing  users  to  setup  their
       ssh_keysign processes in as secure a method as possible.

       The following process types are defined for ssh_keysign:

       ssh_keysign_t

       Note:  semanage	permissive -a ssh_keysign_t can be used to make the process type ssh_keysign_t permissive. SELinux does not deny access to
       permissive process types, but the AVC (SELinux denials) messages are still generated.

BOOLEANS

       SELinux policy is customizable based on least access required.  ssh_keysign policy is extremely flexible  and  has  several  booleans  that
       allow you to manipulate the policy and run ssh_keysign with the tightest access possible.

       If you want to allow host key based authentication, you must turn on the ssh_keysign boolean. Disabled by default.

       setsebool -P ssh_keysign 1

       If  you	want  to  deny	any  process  from ptracing or debugging any other processes, you must turn on the deny_ptrace boolean. Enabled by
       default.

       setsebool -P deny_ptrace 1

       If you want to allow all domains to use other domains file descriptors, you must turn on the domain_fd_use boolean. Enabled by default.

       setsebool -P domain_fd_use 1

       If you want to allow all domains to have the kernel load modules, you must turn on  the	domain_kernel_load_modules  boolean.  Disabled	by
       default.

       setsebool -P domain_kernel_load_modules 1

       If you want to allow all domains to execute in fips_mode, you must turn on the fips_mode boolean. Enabled by default.

       setsebool -P fips_mode 1

       If you want to enable reading of urandom for all domains, you must turn on the global_ssp boolean. Disabled by default.

       setsebool -P global_ssp 1

       If you want to allow confined applications to use nscd shared memory, you must turn on the nscd_use_shm boolean. Enabled by default.

       setsebool -P nscd_use_shm 1

FILE CONTEXTS

       SELinux requires files to have an extended attribute to define the file type.

       You can see the context of a file using the -Z option to ls

       Policy  governs	the  access  confined  processes have to these files.  SELinux ssh_keysign policy is very flexible allowing users to setup
       their ssh_keysign processes in as secure a method as possible.

       STANDARD FILE CONTEXT

       SELinux defines the file context types for the ssh_keysign, if you wanted to store files with these types in a diffent paths, you  need	to
       execute the semanage command to sepecify alternate labeling and then use restorecon to put the labels on disk.

       semanage fcontext -a -t ssh_keysign_exec_t '/srv/ssh_keysign/content(/.*)?'
       restorecon -R -v /srv/myssh_keysign_content

       Note: SELinux often uses regular expressions to specify labels that match multiple files.

       The following file types are defined for ssh_keysign:

       ssh_keysign_exec_t

       - Set files with the ssh_keysign_exec_t type, if you want to transition an executable to the ssh_keysign_t domain.

       Paths:
	    /usr/lib/openssh/ssh-keysign, /usr/libexec/openssh/ssh-keysign

       Note:  File context can be temporarily modified with the chcon command.	If you want to permanently change the file context you need to use
       the semanage fcontext command.  This will modify the SELinux labeling database.	You will need to use restorecon to apply the labels.

COMMANDS

       semanage fcontext can also be used to manipulate default file context mappings.

       semanage permissive can also be used to manipulate whether or not a process type is permissive.

       semanage module can also be used to enable/disable/install/remove policy modules.

       semanage boolean can also be used to manipulate the booleans

       system-config-selinux is a GUI tool available to customize SELinux policy settings.

AUTHOR

       This manual page was auto-generated using sepolicy manpage .

SEE ALSO

       selinux(8), ssh_keysign(8), semanage(8), restorecon(8), chcon(1), sepolicy(8) , setsebool(8)

ssh_keysign							     14-06-10						    ssh_keysign_selinux(8)
All times are GMT -4. The time now is 01:16 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy