As mentioned in a previous post, I recently purchased a SunBlade 100 workstation off eBay. The first operating system I installed on it was Solaris 8, as this was the only version of Solaris I had CD ISOs for and it only has a CD-ROM drive (later I was able to install Solaris 9 on it over the network). I was disappointed to find out that Solaris 8 didn’t come with OpenSSH preinstalled; it wasn’t until Solaris 9 that SSH was installed with the base OS. I also had an x86 Solaris 8 virtual machine running in VirtualBox that I wanted to be able to access from my Linux systems (installed using the steps here: https://github.com/mac-65/Solaris_8_x86_VM). I decided to try installing OpenSSH on the VM first, as I could take snapshots and revert to a working state if a step failed. Prior to starting these steps, I applied the below patches per mac-65’s guide:
- The Solaris 8 x86 recommended patch cluster, found here.
- Patch 112439-02, which provides /dev/random and /dev/urandom (needed to generate SSH keys), found here.
I didn’t have to apply any patches to my SunBlade 100.
As is the case with anything I’ve tried to do with Solaris 8, there isn’t a detailed guide out there for installing OpenSSH on it. I’ve had to piece together fragments of information from old pages and forum posts. First, I needed to find the packages for OpenSSH and any dependencies. Per this guide, the packages can be found in the OpenCSW Solaris package archive. Knowing the tendency for stuff like this to disappear, I rsync’d down all of the packages and shared them out on my local network with an Nginx web server (running in a Docker container, no less; old meets new!) I downloaded the OpenCSW pkgutil (found here) and copied it to an NFS share, which I was able to mount on the Solaris 8 VM. I then changed directories to the NFS mount (I mounted it to /mnt) and installed pkgutil with: pkgadd -d pkgutil.pkg.
After installing pkgutil, I needed to update the configuration to point to my local mirror and specify the release version. This is done in /etc/opt/csw/pkgutil.conf. Note: you don’t need to mirror the packages locally like I did, but you will need to uncomment out the below line and change the release name to dublin, the latest available release of OpenCSW Solaris 8 packages. Your system will also need to be able to connect out to the Internet, which is something I avoided by mirroring the packages locally.
After this was done, I tried installing OpenSSH with /opt/csw/bin/pkgutil -y -i openssh.
And … it failed. The dependency CSWcommon requires the patch 112757 for libm to be installed.
I Googled “Solaris patch 112757” and “Solaris 8 libm patch.” I found a few pages referencing this patch, but no downloads for it. Finally, on a hunch, I decided to browse the Latvian FTP site from which I downloaded the 112439-02 patch, http://ftp.lanet.lv/ftp/unix/sun-info/sun-patches/. I then searched the page and there it was!
Thank you to the person hosting these historic files out on the Internet! I copied the patch to my NFS share and installed it on the VM with patchadd 112757-01:
/opt/csw/bin/pkgutil -y -i openssh now completes successfully.
In order to be able to SSH to a Solaris system from a modern Linux system, you will likely need to add the following to your ~/.ssh/config file:
Host * HostKeyAlgorithms +ssh-rsa PubkeyAcceptedKeyTypes +ssh-rsa
Or add it on a per-host base if you are uncomfortable with allowing this for all hosts:
Host sol8vm1 HostKeyAlgorithms +ssh-rsa PubkeyAcceptedKeyTypes +ssh-rsa
Once this has been added, you should be able to SSH into your Solaris system:
If you get errors about xterm-256color: Unknown terminal type, SSH with TERM=xterm ssh user@host. Of course you may find it a good idea to disable root login. All configuration changes are made in /opt/csw/etc/ssh/sshd_config and require restarting the service with /etc/init.d/cswopenssh restart. I didn’t bother with this, as this is 15-year-old software running on a 25-year-old OS.