Completing Installation
After a successful build, install the server
using the following steps:
- Copy SSHEXEC.COM, SSH_LOGIN.COM, and SSH_LOGINOUT.EXE to the directory
containing the command procedure pointed to by the SYS$SYLOGIN.COM logical,
setting protection on these files to world read+execute.
- Invoke the ssh_server_startup.com command procedure with a P1 value
of "INITIAL_KEY" to cause it to generate the 2 RSA private key files hkey.pem
and skey.pem. You may alternatively generate these files using SSLeay's
genrsa utility, the key lengths must differ by at least 256 bits and the
files must NOT be password protected. Move these files to sys$manager and
protect against access by non-privileged users.
- Modify your system startup procedures to invoke ssh_server_startup.com
during boot and to install ssh_loginout.exe with sysprv. Install
ssh_loginout.exe manually now as well if you plan to start the server without
rebooting the system.
- Modify sys$sylogin procedure to include ssh_login.com so that logins via
SSH mimic the informational displays of conventional logins and correctly
assign DECwindows display devices when X11 forwarding requested.
- Edit the ssh_parameters.dat parameter
file to customize for your site. You should change the 'host_key' and
'server_key' key lines to reflect the sys$manager location of the key
files.
- Test the server by invoking ssh_server_startup.com with a P1 value of
test. While running in test mode, attempt to login to the server from an
SSH client. The output lines written to sys$output during test mode
are written to ssh_server.log during normal (detached) server operation.
- Start a detached server by invoking ssh_server_startup.com with no
parameters.