SSH Documentation

NOTE 1: This isn't very user-friendly documentation, but I'm tired of explaining it over and over. If you don't get it, try reading the man page for ssh.

NOTE 2: This documentation was written for ssh v1. However, the port forwarding concepts still apply for v2. The .shosts setup might have changed significantly.

ATonns Wed Jul 5 13:46:14 EDT 2000

To enable .shosts files

This sets up the server "server", with user "user", to be accessed from the client "client":
  1. on client: # chown root:root /usr/local/bin/ssh
  2. on client: # chmod u+s /usr/local/bin/ssh
  3. on client: # ln -s /usr/local/etc/ssh_host_key /etc/ssh_host_key

  4. on server: $ ssh -l user client
    server: $ ssh -l user client.women.net
    server: $ ssh -l user <ip-address of client>
    (i.e., make sure client's ssh_host_key is in the user's .ssh/known_hosts on the server)
  5. on server: make sure these values are set in /etc/sshd_config


  6. on server: echo "client user" > ~user/.shosts
  7. on server: chown user:group ~user ~user/.shosts
  8. on server: chmod 0755 ~user
  9. on server: chmod 0600 ~user/.shosts
  10. on client: ssh -v -l user server
    The response should be:

    client: Trying rhosts or /etc/hosts.equiv with RSA host authentication.
    client: Remote: Accepted by .shosts.
    client: Received RSA challenge for host key from server.
    client: Sending response to host key RSA challenge.
    client: Remote: Rhosts with RSA host authentication accepted.
    client: Rhosts or /etc/hosts.equiv with RSA host authentication accepted by server.
    

Nobody likes doing this passthrough authentication stuff, but if it's a necessary evil, this should be the way it gets done.
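
A check for what steps 6 through 9 leave on the server, as an added example that is not part of the original document: it verifies ownership and modes of the home directory and .shosts, and flags entries that are not a plain "host user" pair. The function names are hypothetical, and the treatment of a bare "+" as a wildcard comes from the rhosts file format, which the page does not describe.

```shell
#!/bin/sh
# Added example, not from the original page: audit the result of steps 6-9.
# audit_shosts HOME_DIR OWNER   (OWNER is a login name or a numeric uid)
# Prints one line per finding; returns 0 if clean, 1 otherwise.

# True if the path itself has every bit of MODE set / is owned by OWNER.
has_perm() { [ -n "$(find "$1" -prune -perm "-$2" 2>/dev/null)" ]; }
owned_by() { [ -n "$(find "$1" -prune -user "$2" 2>/dev/null)" ]; }

audit_shosts() {
    home=$1; owner=$2; file=$home/.shosts; rc=0
    [ -f "$file" ] || { echo "missing: $file"; return 1; }

    # Steps 7-8: home owned by the user, not writable by group or other.
    if ! owned_by "$home" "$owner"; then
        echo "owner: $home is not owned by $owner"; rc=1
    fi
    for bit in 020 002; do
        if has_perm "$home" "$bit"; then
            echo "mode: $home has bit $bit set"; rc=1
        fi
    done

    # Steps 7 and 9: .shosts owned by the user, mode 0600 (no group/other bits).
    if ! owned_by "$file" "$owner"; then
        echo "owner: $file is not owned by $owner"; rc=1
    fi
    for bit in 040 020 010 004 002 001; do
        if has_perm "$file" "$bit"; then
            echo "mode: $file has bit $bit set"; rc=1
        fi
    done

    # Step 6: each entry is "host user"; a bare "+" field is a wildcard.
    n=0
    while read -r host user extra || [ -n "$host" ]; do
        n=$((n + 1))
        case $host in ''|'#'*) continue ;; esac
        if [ "$host" = "+" ] || [ "$user" = "+" ]; then
            echo "entry $n: '+' wildcard trusts any host or any user"; rc=1
        elif [ -z "$user" ] || [ -n "$extra" ]; then
            echo "entry $n: expected 'host user'"; rc=1
        fi
    done < "$file"
    return "$rc"
}
```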

How to port-forward the Squid HTTP proxy

  1. Install SecureCRT 2.4 (other versions/ssh programs have the same functionality, but you'll have to brave it alone on that...)

  2. Set up a connection to the remote relay server (in this case gwenhwyfar.dorsai.org) and modify the Advanced settings as follows:

    Local port: 3128
    Remote hostname: localhost
    Remote port: 3128



  3. Once connected to the relay, re-tunnel port 3128 to ops1 through your machine:

    ssh -l username -L 3128:ops1.women.net:3128 emotion.women.net
    where "emotion.women.net" is your Sparc at the office and "username" is your account there.

  4. You have the port forward set up, now you just need the proxy. Go to Netscape's "Edit -> Preferences" and...



  5. You're done - you're now browsing with the Squid proxy on ops1.women.net, port 3128. Test it out.

How to port-forward pcANYWHERE 9.2

  1. Install SecureCRT 2.4 (other versions/ssh programs have the same functionality, but you'll have to brave it alone on that...)

  2. Insert this registry key on your local PC (at home), which allows pcANYWHERE 9.2 (with other versions, your mileage may vary) to connect to a host via TCP even if the initial UDP probe fails. For those PC-knowledgeable people, the registry key is:

    [HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\pcAnywhere\CurrentVersion\System]
    "TCPIPConnectIfUnknown"=dword:00000001
    
    Also check out the Symantec Knowledge Base Article on "How to troubleshoot pcAnywhere TCP/IP connections"

  3. Set up in SecureCRT a connection to the remote relay server (in this case gwenhwyfar.dorsai.org) and modify the Advanced settings as follows:

    Local port: 5631
    Remote hostname: localhost
    Remote port: 5631

    See screen-shot above if you're unsure how to do this

  4. Once connected to the relay, re-tunnel port 5631 to your PC through your Sparc:

    ssh -l username -L 5631:pc.women.net:5631 sparc.women.net
    where "sparc.women.net" is your Sparc at the office, "pc.women.net" is your Windows machine and "username" is your account on the Sparc.

  5. Now in pcANYWHERE, set up a new "Remote Control" connection as follows:


  6. Connect to your new "ssh port-forwarded" host, and you should be good-to-go.
Copyright (c) 2001 Anthony Tonns
Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU Free Documentation License,
Version 1.1 or any later version published by the Free Software
Foundation; with no Invariant Sections, no Front-Cover Texts and
no Back-Cover Texts.  A copy of the license is included in the
section entitled "GNU Free Documentation License".
GNU Free Documentation License

