Question & Answer
Question
Answer
- OpenSSH: https://www.ibm.com/resources/mrs/assets?source=aixbp&S_PKG=openssh
- OpenSSL: https://www.ibm.com/resources/mrs/assets?source=aixbp&S_PKG=openssl
% mkdir /tmp/newOpenSSL
% mkdir /tmp/newOpenSSH
|
- Transfer the compressed OpenSSL tar file to the /tmp/newOpenSSL directory.
- Transfer the compressed OpenSSH tar file to the /tmp/newOpenSSH directory.
3) If /etc/ssh exists before the upgrade of OpenSSH or AIX, make a backup of the directory. Skip steps 3 and 9-10 if OpenSSH is not installed.
Important Notes |
---|
A) If you have an existing ssh configuration, make a copy of the /etc/ssh directory before installing the new ssh to preserve the ssh host keys. If this is a new installation of ssh, there will not be an /etc/ssh directory.
% cp -pr /etc/ssh /etc/ssh_backup B) Read the following technote for details about changes in OpenSSH Version 7.
|
4) Prepare the OpenSSL software for installation.
% cd /tmp/newOpenSSL
% uncompress openssl-N.N.NNN.NNNN.tar.Z
% tar -xvf openssl-N.N.NNN.NNNN.tar
% cd <newly created OpenSSL directory if one was created>
|
% smitty install_all INPUT device / directory for software [.]
<enter> * INPUT device / directory for software . * SOFTWARE to install []
<....>
Select F4 or esc+4 to list the OpenSSL software.
Select with F7: openssl.base openSSL.license openSSL.man.en_US
<enter> ACCEPT new license agreements? yes
<enter>
Or use the command line:
% installp -qaXFY -d . openssl.base openssl.license openssl.man.en_US
|
% cd /tmp/newOpenSSH
% uncompress OpenSSH_N.N.NNN.NNNN.tar.Z
% tar -xvf OpenSSH_N.N.NNN.NNNN.tar
|
% cd <newly created OpenSSH directory if one was created>
% smitty install_all INPUT device / directory for software [.]
<enter>
* INPUT device / directory for software .
* SOFTWARE to install []
<....>
Select F4 or esc+4 to list the OpenSSL software.
Select with F7: openssh.base openssh.license openssh.man.en_US openssh.msg.EN_US openssh.msg.en_US
<enter> ACCEPT new license agreements? yes
<enter>
Or use the command line:
% installp -qaXFY -d . openssh.base openssh.license openssh.man.en_US openssh.msg.EN_US openssh.msg.en_US
|
% lssrc -g ssh |
- This should result in an "active" status, indicating it is ready to accept ssh connections
- NOTE: SSHD is called from /etc/rc.d/rc2.d/Ssshd script at boot up.
- The Ssshd script is called from the l2 entry in /etc/inittab --> l2:2:wait:/etc/rc.d/rc2.d
- NOTE: SSHD is called from /etc/rc.d/rc2.d/Ssshd script at boot up.
% /usr/sbin/updtvpkg |
% cd /etc/ssh |
- Back up the newly installed ssh_config and sshd_config files.
% cp -p ssh_config ssh_config.orig_<today's_date>
% cp -p sshd_config sshd_config.orig_<today's_date>
|
- Restore the /etc/ssh_backup host keys directory
% cd /etc/ssh_backup
% cp -pr ssh_host_*_key* /etc/ssh
|
- Update (or restore previous) sshd_config and ssh_config files
- Alternatively (not recommended), you can restore the previous config files:
% cd /etc/ssh_backup
% cp -pr sshd_config ssh_config /etc/ssh
|
- To stop sshd from the command line:
% stopsrc -s sshd |
- To start sshd from the command line:
% startsrc -s sshd % lssrc -g ssh |
SUPPORT |
---|
If you require more assistance, use the following step-by-step instructions to contact IBM to open a case for software with an active and valid support contract. 1. Document (or collect screen captures of) all symptoms, errors, and messages related to your issue. 2. Capture any logs or data relevant to the situation. 3. Contact IBM to open a case: -For electronic support, see the IBM Support Community: 4. Provide a clear, concise description of the issue. 5. If the system is accessible, collect a system snap, and upload all of the details and data for your case. - For guidance, see: Working with IBM AIX Support: Collecting snap data |
Related Information
Was this topic helpful?
Document Information
Modified date:
14 January 2025
UID
isg3T1027135