Table of Contents
NetBSD ships with a Secure Shell implementation based on OpenBSD's. The default configuration of Secure Shell is done quite well, and there is little an administrator needs to actually do in most cases. Turning on the Secure Shell daemon is required, however. For posterity, we are going to take a short look at configuring it.
The ssh client's configuration file is located in
/etc/ssh/ssh_config.
The options contained in it are named intuitively and are rather verbose.
Documentation can be found in the ssh_config(5) manpage.
The server side of SSH is configured via
/etc/ssh/sshd_config. The defaults are set to
high security levels by default. To enable the ssh server, put
sshd=yes into /etc/rc.conf and
run sh /etc/rc.d/sshd restart to start the server
daemon and create any host keys if they are not already present.
One item to take note of is that the server config does not allow X11 forwarding by default, which of course on a firewall is a good thing. To enable it the administrator must change the following lines:
StrictModes no X11Forwarding yes
Again, there is little to nothing the administrator needs to do with the Secure Shell setup unless they wish to alter the default config.