Dec 051999

Installing OpenSSH – less restrictive than ssh

OpenSSH is now part of the base system of FreeBSD. Don’t bother with this article unless you really want to install the port. In which case, you’ll want to add the following line to /etc/rc.conf

This article talks about how I installed OpenSSH.  SSH is a secure shell.

The home page for OpenSSH is

OpenSSH is an implementation of the ssh protocol with a less restrictive license.   Read the full details at but in short, OpenSSH "can be used for any and all purposes, and that explicitly includes commercial use".  So, if you want secure communcations, I recommend OpenSSH.

OpenSSH uses the SSH protocol.  SSH is more secure than telnet, which uses clear text (even for your password!).

To see more about ssh, please read

Why OpenSSH?

The main reason is the license.  I wanted the freedom to use SSH for commercial purposes.  I had previously installed ssh as my secure shell.  So I removed ssh and installed.

The removal

To remove ssh, I did the following:
cd /usr/ports/security/ssh
make deinstall

The install

Remember, I have the entire ports tree installed.  So it was easy:
cd /usr/ports/security/openssh
make install

Running OpenSSH

This was very hard!
# ssh ducky
The authenticity of host '' can't be established.
Key fingerprint is 1024 be:2f:f5:17:b5:aa:c8:73:7d:18:10:d0:14:2e:3d:64.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ',' to the 
                                                     list of known hosts.'s password: 
Last login: Sat Dec  4 13:45:19 1999 from
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
      The Regents of the University of California.   All rights reserved.

FreeBSD 3.1-STABLE (IPFILTER3) #1: Tue Nov 16 00:49:44 NZDT 1999

Welcome to FreeBSD!

If the doc distribution has been loaded on this machine, the FreeBSD
Handbook will be in file:/usr/share/doc/handbook and the FAQ in

Type /stand/sysinstall to re-enter the installation and 
                                                   configuration utility.

[root@ducky:~] #

OK.  That works for outgoing connections.  Now what about incoming connections?

# ssh synergy
Secure connection to synergy refused; reverting to insecure method.
Using rsh.  WARNING: Connection will not be encrypted. Connection refused

Well, that’s probably because sshd is not running on synergy.  So let’s check and see if it is running:

#  ps -auwx | grep sshd
root   20717  0.0  5.7   948  492  p0  S+   12:50PM   0:00.10 grep sshd

No, it’s not running. So let’s start sshd.

[root@synergy:/usr/ports/security/openssh] # cd /usr/local/etc/rc.d
[root@synergy:/usr/local/etc/rc.d] # ls                      

Above you can see the scripts in the local startup directory.   So let’s use the one for sshd.

[root@synergy:/usr/local/etc/rc.d] # ./

We check again to see if sshd is now running..

[root@synergy:/usr/local/etc/rc.d] #  ps -auwx | grep sshd
root 20724 88.4 12.2 1624 1060 ?? Rs 12:51PM 0:08.08 /usr/local/sbin/sshd
root 20728  0.0  5.7  948  492 p0 S+ 12:51PM 0:00.07 grep sshd

Trying connection again:

# ssh synergy -l dan
Host key not found from the list of known hosts.
Are you sure you want to continue connecting (yes/no)? yes
Host 'synergy' added to the list of known hosts.
dan@synergy's password: 
Last login: Sun Dec  5 11:44:48 1999 from ducky
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
       The Regents of the University of California.  All rights reserved.
FreeBSD 3.3-RELEASE (SYNERGY) #0: Sat Dec  4 17:43:41 NZDT 1999

OK!  There we go.  Up and running just fine.


I’ve not done any configuration of OpenSSH, but I did notice the following two files during the install:

My uneducated guess is these are for the ssh and sshd programs respectively.

Klaus A. Brunner wrote to tell me about the blowfish option on OpenSSH.  Klause wrote:

I change the preferred ssh cipher to blowfish.  By default, ssh uses 3DES, which is MUCH slower and probably not safer anyway.  If you’re doing lots of large scp transfers over moderately fast networks, you’ll definitely notice a difference.


Cipher blowfish

ssh clients

I’ve seen several Windows clients which do ssh.

  2 Responses to “Installing OpenSSH – less restrictive than ssh”

  1. I have sshd running on an Intel Box loaded with RED HAT 7.3
    When I try to ssh to this box from somw other box on the same network, I keep getting connection refused; reverting to insecure method. Please advise on how to eliminate this error.


    • 1 – This is really a FreeBSD resource
      2 – This area is for comments / addenda.
      3 – Questions should be asked in the <A HREF="/phorum/">Support Forum</A>