Download location (HTTP): http://sunsite.ualberta.ca/pub/OpenBSD/OpenSSH/portable/openssh-3.6.1p1.tar.gz Download location (FTP): ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.6.1p1.tar.gz Version used: 3.6.1p1 Package size: 855 KB Estimated Disk space required: 8.3 MB |
The OpenSSH package contains ssh clients and the sshd daemon. This is useful for encrypting all traffic over a network.
OpenSSH depends on: openssl-0.9.7a OpenSSH will utilize: X11-ssh-askpass and Linux_PAM-0.77 |
OpenSSH runs as two processes when connecting to other computers. The first process is a priviledged process and controls the issuance of privileges as necessary. The second process communicates with the network. Additional installation steps are necessary to set up the proper environment which are performed by the following commands:
mkdir /var/empty && chown root:sys /var/empty && groupadd sshd && useradd -g sshd sshd |
Install OpenSSH by running the following commands:
./configure --prefix=/usr --sysconfdir=/etc/ssh \ --libexecdir=/usr/sbin --with-md5-passwords && make && make install |
--sysconfigdir=/etc/ssh : This prevents the configuration files from going to /usr/etc.
--with-md5-passwords : This is required if you made the changes recommended by the shadowpasswd_plus lfs hint on your ssh server when you installed the Shadow Password Suite or if you access a ssh server that authenticates by user passwords encrypted with md5.
--libexecdir=/usr/sbin : OpenSSH puts programs called by programs in /usr/libexec. sftp-server is a sshd utility and ssh-askpass is a ssh-add utility that is installed as a link to X11-ssh-askpass. Both of these should go in /usr/sbin not /usr/libexec.
/etc/ssh/ssh_config, /etc/ssh/sshd_config
There are no required changes in either of these files. However you may wish to view them to make changes for appropriate security to your system. Configuration information can be found in the man pages for sshd, ssh and ssh-agent
Note that you only want to start the sshd server if you want to be able to ssh into your machine. The ssh client doesn't need this script to be used. Having said that, if you want to run the ssh daemon, the sshd init.d script can be created using the following commands:
cat > /etc/rc.d/init.d/sshd << "EOF"
#!/bin/sh
# Begin $rc_base/init.d/sshd
# Based on sysklogd script from LFS-3.1 and earlier.
# Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org
source /etc/sysconfig/rc
source $rc_functions
case "$1" in
start)
echo "Starting SSH Server..."
loadproc /usr/sbin/sshd
;;
stop)
echo "Stopping SSH Server..."
killproc /usr/sbin/sshd
;;
reload)
echo "Reloading SSH Server..."
reloadproc /usr/sbin/sshd
;;
restart)
$0 stop
sleep 1
$0 start
;;
status)
statusproc /usr/sbin/sshd
;;
*)
echo "Usage: $0 {start|stop|reload|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/sshd
EOF
chmod 755 /etc/rc.d/init.d/sshd |
Create the symbolic links to this file in the relevant rc.d directories with the following commands:
cd /etc/rc.d/init.d && ln -sf ../init.d/sshd ../rc0.d/K30sshd && ln -sf ../init.d/sshd ../rc1.d/K30sshd && ln -sf ../init.d/sshd ../rc2.d/K30sshd && ln -sf ../init.d/sshd ../rc3.d/S30sshd && ln -sf ../init.d/sshd ../rc4.d/S30sshd && ln -sf ../init.d/sshd ../rc5.d/S30sshd && ln -sf ../init.d/sshd ../rc6.d/K30sshd |
The OpenSSH package contains ssh, sshd, ssh-agent, ssh-add, sftp, scp, ssh-keygen, sftp-server and ssh-keyscan.
The basic rlogin/rsh-like client program.
The daemon that permits you to login.
An authentication agent that can store private keys.
Tool which adds keys to the ssh-agent.
FTP-like program that works over SSH1 and SSH2 protocol.
File copy program that acts like rcp.
Key generation tool.
SFTP server subsystem.
Utility for gathering public host keys from a number of hosts.