Peter's Blog

This article gets many google hits for 'Ubuntu sshd'. I am not sure what precisely people are searching for but my experiences with sshd in Ubuntu have been very simple and not worth commenting on. I just installed open-sshd and the ssh client packages and that was it, it Just Worked.

Tips for using ssh:

• Enable ssh version 2 support and disable version 1 support in sshd.conf. Version 2 is more secure and everything seems to support it.
• Putty is a very good windows client. It's only problem for me is that it's key format is incompatible with open-ssh so you can't get it to automatically log in for you, you have to enter a password. Cygwin can log in for you using keys, making it easy to integrate ssh into other tools, such as Vim.
• Make sure your firewall is open. If the ssh port (22) is blocked, you may find that your https port (443) is still open. The server has to be expecting a connection from that port or you have to switch ports in the server's router.
• Give ssh tunnelling a try: open ssh connection and use it to forward ports from one machine to another. It's way cool.

More of my ssh experience.

Peter

As one of the people googling for "Ubuntu sshd", I can answer this question. Out of the box, Ubuntu (at least Warty Warthog) didn't include sshd, and a naive "apt-get install sshd" didn't find an sshd package, and searching for "sshd" in the documentation at ubuntulinux.org didn't find anything (somewhat surprisingly). So I was googling to figure out how to get an sshd on my Ubuntu box, and the answer seems to be "apt-get install openssh-server".

Cheers,

Jay

Thank you Jay, you made my day. (ryme not intended)

Bzzlink

Unsurprisingly, I found this entry googling for "sshd ubuntu" as well. Thanks for the tip! Who says blogs are useless?

I try to help.

Peter

I must say from my more recent experience that you are probably much better off using vnc than trying to do this through X. It is much more reliable and you can remotely access both Windows PCs and Linux PCs using the same tool. Vnc works nicely through an ssh tunnel.

Peter

For the record I got here by searching google for "sshd ubuntu". It's true, Ubuntu didn't have sshd, and apt had no clue what "sshd" was. I eventually figured it out by installing "ssh" with apt-get, which installed, get this, sshd.

Meh. :)

Someone clued me in on the apt-cache search command:

$ apt-cache search sshd
hsftp - Ssh client with look and feel of a FTP client
libjsch-java - java secure channel
libjsch-java-doc - java secure channel examples
openssh-server - Secure shell server, an rshd replacement
ssh-krb5 - Secure rlogin/rsh/rcp replacement (OpenSSH with Kerberos)
webmin-sshd - SSH server control module for webmin
$

apt-cache search works much better than the search function in dselect.

Peter

Am I the only person who's a little afraid of things like "apt-get" and "apt-cache"? It's one thing to download, virus-scan, and run software. But it's another thing to run a program from your own computer that has a private conversation with home base.

I suppose it's a little less-scary on an open source program like these apt-programs are where you could theoretically go through the code yourself to see what it's doing, but that could be a rather long research project! And then at some point the apt-programs would be patched and you'd have to do it again...

That being said, what's the standard, manual way of finding and downloading programs (like these apt-programs do) for computers that aren't attached to the Internet?

PS: I love your blog! I've never touched any of the X-aspects of cygwin. I've always used it as a UNIX shell script interpreter and and sshd server. Say, I've got the strangest sshd problem that I can't find a solution too... I just dunno how to search for it! I've got the problem on *2* Win2k boxes, so surely someone else has had this too: When logging in via ssh or sftp using password authentication, my first password entry Always fails. The second one goes through fine. This renders a lot of clients (like Filezilla) useless b/c they try the password once, then disconect/reconnect. What one earth's going on with it?

The idea is to only list 'trusted' archives in your /etc/apt/sources.list file. At a minimum you should have one of the security sources, e.g.

deb http://security.ubuntu.com/ubuntu hoary-security universe
deb-src http://security.ubuntu.com/ubuntu hoary-security universe

to make sure that security fixes are applied promptly.

The manual way of doing this is to download the '.deb' files from a trusted source (ubuntulinux.org directly maybe), check the md5 checksums to make sure that they haven't been tampered with and install them using dpkg: this is what apt uses to install packages.

Regarding your password problem, I'm not sure what it could be, you might want to make sure you have the latest software installed (use cygwin setup to update the software: if you trust it!). One solution is to sidestep passwords entirely and set up authentication using dsa keys: I mention how to do this here, although you only need the first three steps if you don't plan to use putty.

Peter

Ah, dpkg is the .deb handler! Looking at the man page for dpkg, it seems to push you towards using 'dselect'. That's another one I'm not familar with. Generally the little bit of package-dealing with in the past has all been resorting to the GUI and double clicking on .rpm files. The Ubuntu Hedgehog release opens .rpm's and .deb's in the "File Roller" which looks like a graphical un-archiver/un-compressor and doesn't seem to have the smarter that a 'package manager' would.

Say, in a nutshell, what are the differences between the .deb and .rpm formats? I'm guessing RPM is a little more proprietary/closed source or has the potential to be?

And I want to squeeze in one final question hopefully before your patience at answering my questions completely evaporates! Ubuntu Hedgehog is using this Nautilus graphical file manager. I can't seem to get Nautilus to work in a way that doesn't drive me crazy. Any time I double click on a folder, it opens in a new window. And there's no full path displayed anywhere. And the ".." directory isn't listed and there doesn't seem to be a toolbar I can put an "up a level" button on. I've been through the options as best I can and I can't find what I'm looking for there. So, my questions are: what are some popular graphical file managers for Linux other than Nautilus, what's your fav, and is replacing the default graphical file manager in Linux a bad idea? (I know these days at least one popular OS uses the same program as its shell, Desktop manager, file manager, and who knows what else and replacing it is a sketchy proposition!)

As for the passwd problem, I actually let Cygwin go do its network thing and auto-update a slew of packages at one point but it didn't change anything. I'll figure it out some day; it's not a huge priority for me

Thanks for the chatter; it's comforting to find a human out here in "Cyberspace".

Dselect is a command-line type of package manager. If you prefer GUI you should use the 'Synaptic Package Manager' which is listed under system setup. Both are just front ends for apt/dpkg.

I'm not sure what the real differences are between .rpm and .deb they are basically different ways to do the same thing. My preference is for .deb, the organisation, particulary the way it handles dependancies upon other packages, seems to be better organised. My past experience with rpm's is that you try to install one and get a list of other rpm's you should have installed first.

Unfortunately I don't use linux GUIs enough to be be able to help with the file manager problem. I mostly use ssh terminals, if I want a file manager I use 'Midnight Commander' which is a text-based thing.

I have replaced 'gnome' with 'kde' on one of my ubuntu boxes (easier than it sounds: see here). I haven't spent much time using it though.

Peter

Thanks a ton! I'm a deadhat user by trade, and the apt-get for openssh-server wasn't native for me. Might be a nice FAQ topic on the ubuntu site.

For ubuntu with kde try kubuntu.org

Hi Peter,

This is a really dumb question, but how do you turn on the ssh server? How do you have it run with each startup on Ubuntu?

Thanks

If you install the openssh server package using dselect or

sudo apt-get openssh-server

then the server daemon will automatically be started every time your system boots.

You can see it running by going:

ps aux | grep sshd

this should show two lines of results, something like:

root   1568 0.0 0.4 4476 1140 ?    Ss  2005  0:00 /usr/sbin/sshd
peter  621  0.0 0.2 1652 512 pts/0 S+  20:00 0:00 grep sshd

the second line will always appear, even if you had no sshd server, because it just shows the grep command running.

Peter

er uh just installed cygwin and the only thing in that directory is run.exe

did I maybe not select the right things during Cygwin install, I did a net install selecting the defaults

Try installing the "x-startup-scripts" package in cygwin.

Peter

the reason your x-forwarding died is because it was only using x forwarding instead of trusted x forwarding. try with -Y instead of -X and it'll work much better.

hey, thanks Jay! i was googling exactly for this!

try:

1. sudo apt-get install ssh

seems to install the openssh-server package as a dependancy

I googled apt-get install ssh, which is precisely what I did and it went in sweet on my dapper. Thanks Peter

I'm one of the "Ubuntu sshd" searchers. I did it because my Ubuntu install does not have sshd. apt-cache search sshd returns nothing.

What do I need to do to get a place with the sshd packages in my sources.list (assuming this is done in the usual debian way)

Guessing somewhat here but sounds like your distro CD does not include ssh.

You need to edit /etc/apt/sources.list and make sure it points at a comprehensive ubuntu archive.

Here is mine:

## Major bug fix updates produced after the final release of the
## distribution.
deb http://archive.ubuntu.com/ubuntu breezy-updates main restricted
deb-src http://archive.ubuntu.com/ubuntu breezy-updates main restricted

## Uncomment the following two lines to add software from the 'universe'
## repository.
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## universe WILL NOT receive any review or updates from the Ubuntu security
## team.
deb http://archive.ubuntu.com/ubuntu breezy main universe multiverse restricted
deb-src http://archive.ubuntu.com/ubuntu breezy main universe multiverse restricted

deb http://security.ubuntu.com/ubuntu breezy-security main restricted
deb-src http://security.ubuntu.com/ubuntu breezy-security main restricted

deb http://security.ubuntu.com/ubuntu breezy-security universe
deb-src http://security.ubuntu.com/ubuntu breezy-security universe

Peter

You may need to install xauth if you installed from the netboot or other minimalist installation method.

sudo apt-get install xauth

Here is how you do it.

Stop remote connections (systems->administration->remote desktop (uncheck) install vnc4server run vnc4server (add password) reboot your box ssh to your box start vnc4server (port is most likely 5902 but check the log) vnc to that box with the port number found, enter password Wow you have a ugly grey screen… welcome :) OK now type “gnome-session &” redirect output to dev/null if you want guess what you have it running now. email greg_myers@hotmail.com if this works for you. This worked on ubuntu gutsy running gnome.

Hum, I very rarely need to reboot my box, certainly not to install vnc. I run vncserver as a user, don't even need to /etc/init.d it.

Peter