We have built the last few versions of openssh for Solaris using the
following config.
./configure
--prefix=/software/ssh-openssh-5.2
--with-kerberos5=/software/krb5-1.6 --without-kerberos4
--without-egd-pool --without-prngd-port --without-prngd-socket
--disable-etc-default-login
--with-entropy-timeout=200 --with-rand-helper
--with-pam --with-random=/dev/random
5.0 worked fine, but 5.1 and 5.2 sshd seems to hang when people do a
paste of more than about 1k under vim.
We've also had some problems with 5.1 and 5.2 with a few programs that
start up a remote program and chat with them - we get both sides waiting
for the other to respond.
They all work fine with rsh or ssh as long as sshd isn't 5.1 or later.
Has anyone seen something like this?
Sample ssh_config and sshd_config file attached.
Jeff Voskamp
javoskam@xxxxxxxxxxxx
---snip sshd_config ---
# we're not using ipV6, but solaris offers it anyway (in all cases)
AddressFamily INET
Port 22
Protocol 2
ListenAddress 0.0.0.0
IgnoreRhosts yes
RhostsRSAAuthentication no
IgnoreUserKnownHosts no
X11Forwarding yes
X11UseLocalhost yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
KeepAlive yes
Subsystem sftp /software/ssh/maintenance/sftp-server
# to be pulled from previous incarnations and stashed above
# these are the defaults in case they weren't previously mentioned.
UsePam yes
StrictModes yes
PermitRootLogin no
HostbasedAuthentication yes
PubkeyAuthentication yes
GSSAPIAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
ChallengeResponseAuthentication yes
UsePrivilegeSeparation yes
---snip ssh_config ---
# Site-wide defaults for various options
Host *
Port 22
Protocol 2
RSAAuthentication no
RhostsRSAAuthentication no
ChallengeResponseAuthentication yes
PasswordAuthentication yes
HostBasedAuthentication yes
PreferredAuthentications
hostbased,publickey,keyboard-interactive,password
ForwardAgent no
ForwardX11 yes
ForwardX11Trusted yes
UsePrivilegedPort no
CheckHostIP yes
EnableSSHKeysign yes