SSH Installation on Solaris 8 without Reboot

Posted January 30, 2006 by lordmac in Solaris

The following tutorial contains tips and tricks you can use to install SSH without rebooting the system.


On the Sunfreeware site, you can find useful instructions for installing SSH (http://sunfreeware.tpnet.pl/openssh.html). However, I had several problems installing the required patch 112438 without rebooting the server.

Here is the solution.
1. Download the patch, and unzip it.
2. Install the following patch:

patchadd 112438-xx

where xx is current version. For me, it was 112438-03.

3. Now, download the script setup_random.ksh from this site http://linbox.free.fr/ssh.html
Here is a copy of it just in case the site has been removed.


#!/usr/bin/ksh
# Set up Solaris random device from patch 112438-01 without reboot
# Moderate error checking only since this should be straightforward.
#
# (c) 2002 Andrew J. Caines. Permission to modify and distribute is
# granted on condition the copyright message is included and modifications
# are clearly identified.
#
# Incoporating suggestions and changes from these SunManager list members:
# Thomas Anders , Dan Astoorian ,
# Pr|mm Gerd , Adam Mazza .
# Script rewrite for functional changes and reliability improvement based
# on contribution from from Jeff Bledsoe.

PATH=/usr/bin:/usr/sbin

Patch=${Patch:-112438} # Just in case it ever changes

# Set up tempfile
TmpFile=/tmp/.$$.$RANDOM ; rm -f $TmpFile ; touch $TmpFile; chmod 600 $TmpFile

function bailout
{ echo "$*. Exiting" >&2 ; exit 1
}

# Check patch is installed
echo "Checking for patch $Patch...\c"
if showrev -p | egrep -s "^Patch: ${Patch}-"
then echo " installed."
else bailout " not installed. Install it and try again."
fi

# Activate random kernel module with workaround for module dependency problem
echo "Removing random device from name_to_major"
name_to_major=$( /etc/name_to_major

# Add driver to create device nodes and load module
echo "Adding driver to system"
add_drv -m '* 0644 root sys' random || bailout "Driver random failed to add"

# Report results
echo "Finished. You now have the following random devices:"
ls -l /dev/*random /devices/pseudo/[email protected]:*random

# Test
echo "Do you want to test the new device? (y/n) \c"
read yn
case $yn in
[Yy]*) echo "Running: dd if=/dev/random of=$TmpFile bs=512 count=1"
dd if=/dev/random of=$TmpFile bs=512 count=1
echo "Running: strings $TmpFile"
echo "You should see a few lines of random garbage:"
;;
[Nn]*) echo "Your blind faith will be rewarded in the next life."
echo "Your reward confiration code is:"
;;
esac

strings $TmpFile
rm -f $TmpFile

exit 0

################################################################################
# The remainder of this script never runs, but is left as refernce for use
# and locations of the relvant data and commands.

# Find device major
major=$(nawk '/^random/{print $2}' /etc/name_to_major)

# Make pseudodevices for both devices
echo "Making device nodes."
mknod /devices/pseudo/[email protected]:random c $major 0
mknod /devices/pseudo/[email protected]:urandom c $major 1

mode=$(nawk '/^random/{print $2}' /etc/minor_perm)
user=$(nawk '/^random/{print $3}' /etc/minor_perm)
group=$(nawk '/^random/{print $4}' /etc/minor_perm)

chown $user:$group /devices/pseudo/[email protected]:*random
chmod $mode /devices/pseudo/[email protected]:*random

# Make dev links
echo "Making device links."
cd /dev
ln -s ../devices/pseudo/[email protected]:random /dev/random
ln -s ../devices/pseudo/[email protected]:urandom /dev/urandom

# load the module
echo "Loading driver."
modload /kernel/drv/random

# Prime the pump with half-decent data source
echo "Priming entropy pool."
alias primepool='dd if=/dev/mem bs=512 count=16 2>&- | crypt $RANDOM'
primepool > /dev/random 2>&- # Gives "/dev/random: cannot create"
primepool > /dev/random # Runs fine

Now, go through the installation instructions on Sunfreeware site.

Note: In the end, there is a key generation. This can last about 5-10 minutes on a slow and heavy loaded server.

The Conversation

Follow the reactions below and share your own thoughts.