===================================
SSHproxy installation documentation
===================================


.. include:: menu.inc


SSHproxy installation documentation
===================================

Prerequisites
-------------

Here is the list of prerequisite software to run sshproxy. The versions are
the ones I develop with. It may work with earlier versions, but I can't
guaranty anything.

* `mysql <http://www.mysql.com/>`_ 4.1.14
* `openssh <http://www.openssh.com/>`_ 4.2_p1
* `python <http://www.python.org/>`_ 2.4.2

  - `pycrypto <http://www.amk.ca/python/code/crypto.html>`_ 2.0 (indirect dependency from paramiko)
  - `paramiko <http://www.lag.net/paramiko/>`_ 1.5.2
  - `MySQLdb <http://sourceforge.net/projects/mysql-python/>`_ 1.2.0

Installation
------------

Get `SSHproxy <download.html>`_

Untar the tarball in the directory of your choice::

    tar zxvf sshproxy-0.2.tar.gz

Now enter in the sshproxy-0.2 directory.

Install the database
--------------------

It is strongly recomended to use the wizard script installdb.

Run the script, and answer all the questions::

  ./installdb


Run the server
--------------

Issue the following command::

    ./sshproxy

This runs the sshproxy server which listens on the port 2242 (or the port
you configured with the wizard).


Run the client
--------------

Issue the following command::

    ssh -tp 2242 admin@localhost remote_site

You also have convenient wrappers for ssh and scp (pssh and pscp) in the
./misc/ folder.

You may change the user *admin* to reflect the one you put in
the *login* table.
At the password prompt, enter the password you put
into the *login* table.

You're now connected.


Configuration files
-------------------

If you ever need to change configuration, the files are placed in ~/.sshproxy::

 ~/.sshproxy
 ~/.sshproxy/id_dsa
 ~/.sshproxy/id_dsa.pub
 ~/.sshproxy/sshproxy.ini

Of course, '~' here represents the home directory of the user running the
daemon.

Troubleshooting
---------------

If you experience locks when you try to connect to a remote site,
change the /etc/ssh/sshd_config file on the remote site to read::

 PasswordAuthentication yes

This is a known bug of SSHproxy, and will hopefully be fixed soon.

The **sshproxy** daemon is not verbose on the console, but it logs thru syslog
(protocol udp on localhost, facility daemon), so you may check for errors in
your /var/log/syslog or /var/log/message by the following command::

 tail -f /var/log/{syslog,messages} | grep sshproxy
 
The log system will be enhanced in the next version.
Of course you need to configure your syslog to accept udp from localhost.
There is an example syslog-ng.conf file in ./misc/

::

    -- 
    David Guerizec <david@guerizec.net>