Skip to content
Özgür Kazanççı edited this page Nov 23, 2021 · 13 revisions

This page documents how to deploy ssh-chat using various methods.

You can run ssh-chat on port 22, but then you'll need to change the port of OpenSSH to something else like 2022. You can do this in /etc/ssh/sshd_config. Two services can't run on the same port like this.

There are two popular Service Managers for Unix-Like systems, OpenRC (BSD systems) and systemd (Linux). Either one must be set up to run ssh-chat as a service (in the background). ssh-chat can be run as a user (not a daemon) but will stop servicing once the running user exits the terminal instance.

OpenRC

/etc/init.d/openrc:

#!/sbin/openrc-run

name="$RC_SVCNAME"
description="Chat server over SSH"
command="/usr/local/bin/ssh-chat"
command_args="-i '$server_ident' --bind='$port' --admin='$admin_fingerprint' --whitelist='$whitelist' --motd='$motdfile' --log=$logfile"
pidfile="/run/$RC_SVCNAME.pid"
command_background="yes"
command_user="nobody"  # If you want to secure your keyfile, you should change this to a
                       # user specifically for running ssh-chat

/etc/conf.d/openrc:

# Config for /etc/init.d/ssh-chat
# See `/usr/bin/ssh-chat --help` for more details

# The admin's key fingerprint
#admin_fingerprint=SHA256:[INSERT HERE]

# The server's private key (path)
server_ident=[INSERT HERE]

# The port to bind to
# port=22

# The whitelist file
# whitelist=""

# The MOTD (Message Of The Day) file
# motd=""

# The logfile location
log="/var/log/ssh-chat.log"

systemd

(Replace /PATH/TO/)

/etc/systemd/system/ssh-chat.service:

[Unit]
Description=ssh-chat
After=network.target

[Service]
Type=simple
User=root
#You can store keys ouside of root and comment out 'User=root' then uncomment 'User=nobody'
#User=nobody

ExecStart=/PATH/TO/ssh-chat --bind=":22" -i="/PATH/TO/host_key" --admin="/PATH/TO/authorized_keys"
AmbientCapabilities=CAP_NET_BIND_SERVICE
Restart=always

[Install]
WantedBy=multi-user.target

Make sure all your paths are readable by the user you're running as. If it's User=nobody, then they need to be readable by everyone!

It's best to make a separate user just for your ssh-chat service and store all files on this user.

Installation Steps:

The following installation steps can be used to automate the installation on Ubuntu Linux 16 (LTS), some slight modifications may be required for other distributions.

$ export LATEST_SSHCHAT=$(curl -s https://api.github.com/repos/shazow/ssh-chat/releases | grep -om1 "https://.*/ssh-chat-linux_amd64.tgz")
$ wget "${LATEST_SSHCHAT}"
$ sudo tar -xf ssh-chat-linux_amd64.tgz -C /opt                     # extracts ssh-chat to /opt
$ sudo ln -sf /opt/ssh-chat/ssh-chat /usr/local/bin/ssh-chat        # creates a symlink in /usr/local/bin for convenience
$ sudo ssh-keygen -t rsa -N '' -f /root/.ssh/id_rsa                 # generates a key/fingerprint for your server
$ sudo sed -i -e '/^Port/s/^.*$/Port 2222/' /etc/ssh/sshd_config    # ensures that system sshd runs on port 2222
$ sudo service ssh restart                                          # restarts sshd (now on port 2222)
- create /etc/systemd/system/ssh-chat.service based on the instructions above
$ sudo systemctl daemon-reload                                      # restarts systemd daemon
$ sudo systemctl enable ssh-chat                                    # ensures ssh-chat will start up after a reboot
$ sudo systemctl start ssh-chat                                     # starts the ssh-chat daemon

Additional resources:

Clone this wiki locally