OpenSSH SSH SSHD.NLM SFTP SFTP-SVR.NLM SCP
There have been numerous very important fixes in SSHD.NLM over time, the minimum level to use is that which comes with NetWare 6.5 SP6. However, the current recommendation is to use NetWare 6.5 SP8 plus post-SP8 update NWsshd8a.zip (which could incrememt to NWsshd8b.zip or later).
- Proper LIBC.NLM functionality is crucial to SSH/SFTP, so this is another reason to insure NetWare 6.5 Support Pack 8.
- SYS:\ETC\SSH\SSHD_CONFIG needs to be set to search the contexts for both the user objects AND the servers whose file systems need to be reached. For example, "eDirNameContext o=novell" (without the quotes) will look for objects only at o=novell and not any lower. "eDirNameContext o=novell?scope=subtree" (without the quotes) will search for the objects at or below o=novell. You can put multiple eDirNameContext lines in the SSHD_CONFIG if necessary.
- Servers running SSHD.NLM needs to have LDAP (NLDAP.NLM) running.
- LDAP needs to be configured to allow anonymous simple binds.
- Edit the SYS:\ETC\SSH\SSH_CONFIG file.
- Change the "Loglevel INFO" line to read "LogLevel DEBUG3" (without the quotes).
- Unload and reload SSHD.NLM (which can also be done by running SYS:\ETC\SSH\UTILS\SSHDRSET.NCF).
- Reproduce failure and view the SYS:\ETC\SSH\LOGS\SSHD.LOG for more information.
Also, DSTRACE.NLM is very helpful in troubleshooting LDAP authentication issues:
- LOAD DSTRACE.NLM
- DSTRACE -ALL
- DSTRACE SCREEN ON FILE ON +TIME +LDAP +AUTH
- Switch to the DSTrace Console screen to view activity.
- Alternately, you may view the same information in the SYS:\SYSTEM\DSTRACE.LOG file by first switching FILE OFF on DSTRACE (DSTRACE FILE OFF).