Troubleshooting NIM OpenSSL

Edit online

A description of troubleshooting an error installing the OpenSSL package.

Problem

The NIM installation fails because it cannot find the libssl.a file. The libssl.a file is part of the OpenSSL package.

Solution

The error is a result of the mismatch between the AIX® version of OpenSSL versus the RedHat Package Manager (RPM) version of OpenSSL. You should remove the AIX fileset and install the RPM version of OpenSSL on the NIM Client system.

Use the following information to resolve the problem.

OpenSSH is based on client and server architecture. OpenSSH runs the sshd daemon process on the AIX host and waits for the connection from clients. OpenSSH supports public-key and private-key pairs for authentication and encryption of access to ensure secure network connections and host-based authentication.

To download the latest installp format packages for the AIX operating system, go to the AIX Web Download Pack Programs website.

The following information explains how to install and configure OpenSSH on a system running the AIX operating system.

The OpenSSH software is shipped on the AIX base media. The installp packages include the man pages and the translated message filesets.

The following OpenSSH binary files are installed as a result of the preceding procedure:

scp
A file copy program that is similar to the remote copy (rcp) file.
sftp
A program similar to FTP that works over SSH1 and SSH2 protocol
sftp-server
The SFTP server subsystem, which is started automatically by the sshd daemon
ssh
This is similar to the rlogin and rsh client programs
ssh-add
A tool that adds keys to thessh-agent command
ssh-agent
An agent that can store private keys
ssh-keygen
A key generation tool
ssh-keyscan
A utility for gathering public host keys from a number of hosts
ssh-keysign
A utility for host-based authentication
ssh-rand-helper
A program used by OpenSSH to gather random numbers
Note: It is used only on AIX 5.1 installations.
sshd
A daemon that permits you to log in
The following general information pertains to OpenSSH:
  • The /etc/ssh directory contains the sshd daemon and the configuration files for the ssh client command.
  • The /usr/openssh directory contains the readme file and the original OpenSSH open source license information. This directory also contains the ssh protocol and the Kerberos license information.
  • The sshd daemon is under AIX SRC control. You can start, stop, and view the status of the daemon by issuing the following commands:
    Command Alternative 
    startsrc -s sshd
    		 
    startsrc -g ssh  (group)
    		 
    stopsrc -s sshd
    		 
    stopsrc -g ssh
    		 
    lssrc -s sshd
    		 
    lssrc -s ssh
    You can also start and stop the daemon by issuing one of the following commands: 
    • /etc/rc.d/rc2.d/Ksshd start

    • /etc/rc.d/rc2.d/Ssshd start
      /etc/rc.d/rc2.d/Ksshd stop

    • /etc/rc.d/rc2.d/Ssshd stop
  • When the OpenSSH server fileset is installed, an entry is added to the /etc/rc.d/rc2.d directory. An entry is in the inittab file to start run-level 2 processes (l2:2:wait:/etc/rc.d/rc 2) so that the sshd daemon will start automatically at boot time. To prevent the daemon from starting at boot time, remove the /etc/rc.d/rc2.d/Ksshd and /etc/rc.d/rc2.d/Ssshd files.
  • OpenSSH software logs information to the SYSLOG log.
  • OpenSSH supports long user names of 256 bytes, the same as the AIX operating system.
  • Some keywords, such as AllowUsers, DenyUsers, AllowGroups, and DenyGroups, are not available by default in the ssh_config file or the sshd_config file. You must add these keywords to the configuration files to use them.