This page documents how to deploy ssh-chat using various methods.
You can run ssh-chat on port 22, but then you'll need to move OpenSSH to another port, such as 2022, because two services can't listen on the same port. You can change the OpenSSH port in /etc/ssh/sshd_config.
There are two popular service managers for Unix-like systems: OpenRC (BSD systems) and systemd (Linux). One of them must be set up to run ssh-chat as a service (in the background). ssh-chat can also be run directly by a user (not as a daemon), but it will stop serving once that user exits the terminal session.
OpenRC
/etc/init.d/openrc:
#!/sbin/openrc-run
name="$RC_SVCNAME"
description="Chat server over SSH"
command="/usr/local/bin/ssh-chat"
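# The variables below are set in the conf.d file (server_ident, port, admin_fingerprint, whitelist, motd, log)
command_args="-i '$server_ident' --bind='$port' --admin='$admin_fingerprint' --whitelist='$whitelist' --motd='$motd' --log='$log'"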
pidfile="/run/$RC_SVCNAME.pid"
command_background="yes"
command_user="nobody" # If you want to secure your keyfile, you should change this to a
# user specifically for running ssh-chat
/etc/conf.d/openrc:
# Config for /etc/init.d/ssh-chat
# See `/usr/bin/ssh-chat --help` for more details
# The admin's key fingerprint
#admin_fingerprint=SHA256:[INSERT HERE]
# The server's private key (path)
server_ident=[INSERT HERE]
# The port to bind to
# port=22
# The whitelist file
# whitelist=""
# The MOTD (Message Of The Day) file
# motd=""
# The logfile location
log="/var/log/ssh-chat.log"
systemd
(Replace /PATH/TO/)
/etc/systemd/system/ssh-chat.service:
[Unit]
Description=ssh-chat
After=network.target
[Service]
Type=simple
User=root
# You can store keys outside of root, comment out 'User=root', then uncomment 'User=nobody'
#User=nobody
ExecStart=/PATH/TO/ssh-chat --bind=":22" -i="/PATH/TO/host_key" --admin="/PATH/TO/authorized_keys"
AmbientCapabilities=CAP_NET_BIND_SERVICE
Restart=always
[Install]
WantedBy=multi-user.target
Make sure all your paths are readable by the user you're running as. If it's User=nobody, then they need to be readable by everyone!
It's best to make a separate user just for your ssh-chat service and store all files on this user.
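The readability rule above can be checked before the service is started. The following Python code is an added example, not part of ssh-chat or of the original page: it reads a unit like the one shown above and applies the classic Unix owner/group/other check to the host key. The function names, the sample unit and the numeric ids used with it are constructed for illustration; ACLs are ignored and only the flag=value form of the options is parsed.

```python
import grp
import os
import pwd
import shlex
import stat

# Constructed sample, modelled on the ssh-chat.service unit shown above.
SAMPLE_UNIT = """\
[Service]
User=root
#User=nobody
ExecStart=/PATH/TO/ssh-chat --bind=":22" -i="/PATH/TO/host_key" --admin="/PATH/TO/authorized_keys"
"""

def parse_unit(text):
    """Return (user, {flag: path}) for the key-file flags in ExecStart."""
    user, paths = "root", {}  # system services run as root when User= is absent
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if key == "User":
            user = value.strip()
        elif key == "ExecStart":
            for arg in shlex.split(value)[1:]:
                flag, has_value, path = arg.partition("=")
                if has_value and flag in ("-i", "--identity", "--admin"):
                    paths[flag] = path
    return user, paths

def can_read(mode, owner_uid, owner_gid, uid, gids):
    """Classic Unix owner/group/other read check; ACLs are ignored."""
    if uid == 0:
        return True  # root bypasses file permission bits
    bit = (stat.S_IRUSR if uid == owner_uid
           else stat.S_IRGRP if owner_gid in gids else stat.S_IROTH)
    return bool(mode & bit)

def audit_key(mode, owner_uid, owner_gid, uid, gids):
    """Findings for a private host key, given the service account's ids."""
    findings = []
    if not can_read(mode, owner_uid, owner_gid, uid, gids):
        findings.append("service user cannot read the key")
    if mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append("key is readable by accounts other than its owner")
    return findings

def audit_path(path, user):
    """Run audit_key against a real file and a real account on this host."""
    st, pw = os.stat(path), pwd.getpwnam(user)
    gids = {pw.pw_gid} | {g.gr_gid for g in grp.getgrall() if user in g.gr_mem}
    return audit_key(stat.S_IMODE(st.st_mode), st.st_uid, st.st_gid, pw.pw_uid, gids)
```

On a real host, call audit_path with the -i path and the User= value returned by parse_unit; an empty list means the key is readable by the service account and by no one else.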
Installation Steps:
The following installation steps can be used to automate the installation on Ubuntu Linux 16 (LTS); some slight modifications may be required for other distributions.
$ export LATEST_SSHCHAT=$(curl -s https://api.github.com/repos/shazow/ssh-chat/releases | grep -om1 "https://.*/ssh-chat-linux_amd64.tgz")
$ wget "${LATEST_SSHCHAT}"
$ sudo tar -xf ssh-chat-linux_amd64.tgz -C /opt # extracts ssh-chat to /opt
$ sudo ln -sf /opt/ssh-chat/ssh-chat /usr/local/bin/ssh-chat # creates a symlink in /usr/local/bin for convenience
$ sudo ssh-keygen -t rsa -N '' -f /root/.ssh/id_rsa # generates a key/fingerprint for your server
$ sudo sed -i -e '/^Port/s/^.*$/Port 2222/' /etc/ssh/sshd_config # ensures that system sshd runs on port 2222
$ sudo service ssh restart # restarts sshd (now on port 2222)
- create /etc/systemd/system/ssh-chat.service based on the instructions above
$ sudo systemctl daemon-reload # reloads systemd unit files so the new service is picked up
$ sudo systemctl enable ssh-chat # ensures ssh-chat will start up after a reboot
$ sudo systemctl start ssh-chat # starts the ssh-chat daemon
Running on OpenBSD
Building ssh-chat on OpenBSD is the same as on other systems. All we need is to install Go.
# pkg_add go
Running as a service
It's perfectly valid to not run ssh-chat as a service. Simply running $ ssh-chat yourself or running it inside tmux works great. For example, to start ssh-chat whenever your computer boots, put the following in your crontab:
@reboot tmux new-session -d '/path/to/ssh-chat [...]'
But if you want to run it as a service, you can try the following:
Put the executable in a standard location
You can create a link to the existing binary or move it completely to /usr/local/bin.
# ln -s ~/ssh-chat/ssh-chat /usr/local/bin/ssh-chat
Create the user that will run this service
You can use useradd or adduser. For example:
# useradd -m chat
Create the directory where ssh-chat configuration will live
Let's make sure to set the right permissions as well.
# mkdir /var/ssh-chat
# chown chat:chat /var/ssh-chat
Create the service
Finally, let's create the service. Create a file called /etc/rc.d/ssh_chat with the following contents:
#!/bin/ksh
daemon="/usr/local/bin/ssh-chat"
daemon_logger="daemon.info"
daemon_flags="--verbose --bind ':PORT' --identity PRIVATE_KEY --admin=ADMIN_FILE --motd=MOTD_FILE"
daemon_user="USER"
. /etc/rc.d/rc.subr
rc_bg=YES
rc_reload=NO
rc_cmd $1
Modify the values in daemon_flags and daemon_user based on your configurations. Alternately, you can set the flags directly with rcctl:
# rcctl set ssh_chat flags --verbose --bind [...] --identity [...]
After that, you can enable and run the service:
# rcctl enable ssh_chat
# rcctl start ssh_chat
Logs
The logs will be found in /var/log/daemon, so monitor that file if you run into any issues.