The OpenSSH package contains ssh clients and the sshd daemon. This is useful for encrypting all traffic over a network.
Download (HTTP): http://sunsite.ualberta.ca/pub/OpenBSD/OpenSSH/portable/openssh-3.7.1p2.tar.gz
Download (FTP): ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.7.1p2.tar.gz
Download size: 780 KB
Estimated Disk space required: 28.6 MB
Estimated build time: 0.32 SBU
OpenSSH runs as two processes when connecting to other computers. The first process is a privileged process and controls the issuance of privileges as necessary. The second process communicates with the network. Additional installation steps are necessary to set up the proper environment which are performed by the following commands:
mkdir /var/empty && chown root:sys /var/empty && groupadd sshd && useradd -c 'sshd privsep' -d /var/empty -g sshd -s /bin/false sshd |
Install OpenSSH by running the following commands:
./configure --prefix=/usr --sysconfdir=/etc/ssh \ --libexecdir=/usr/sbin --with-md5-passwords && make && make install |
--sysconfigdir=/etc/ssh: This prevents the configuration files from going to /usr/etc.
--with-md5-passwords: This is required if you made the changes recommended by the shadowpasswd_plus LFS hint on your SSH server when you installed the Shadow Password Suite or if you access a SSH server that authenticates by user passwords encrypted with md5.
--libexecdir=/usr/sbin: OpenSSH puts programs called by programs in /usr/libexec . sftp-server is a sshd utility and ssh-askpass is a ssh-add utility that is installed as a link to X11-ssh-askpass. Both of these should go in /usr/sbin not /usr/libexec.
/etc/ssh/ssh_config, /etc/ssh/sshd_config
There are no required changes in either of these files. However you may wish to view them to make changes for appropriate security to your system. Configuration information can be found in the man pages for sshd, ssh and ssh-agent
Note that you only want to start the sshd server if you want to be able to ssh into your machine. The ssh client doesn't need this script to be used. Having said that, if you want to run the ssh daemon, the OpenSSH daemon init.d script can be created using the following commands:
cat > /etc/rc.d/init.d/sshd << "EOF"
#!/bin/sh
# Begin $rc_base/init.d/sshd
# Based on sysklogd script from LFS-3.1 and earlier.
# Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org
source /etc/sysconfig/rc
source $rc_functions
case "$1" in
start)
echo "Starting SSH Server..."
loadproc /usr/sbin/sshd
;;
stop)
echo "Stopping SSH Server..."
killproc /usr/sbin/sshd
;;
reload)
echo "Reloading SSH Server..."
reloadproc /usr/sbin/sshd
;;
restart)
$0 stop
sleep 1
$0 start
;;
status)
statusproc /usr/sbin/sshd
;;
*)
echo "Usage: $0 {start|stop|reload|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/sshd
EOF
chmod 755 /etc/rc.d/init.d/sshd |
Create the symbolic links to this file in the relevant rc.d directories with the following commands:
cd /etc/rc.d/init.d && ln -sf ../init.d/sshd ../rc0.d/K30sshd && ln -sf ../init.d/sshd ../rc1.d/K30sshd && ln -sf ../init.d/sshd ../rc2.d/K30sshd && ln -sf ../init.d/sshd ../rc3.d/S30sshd && ln -sf ../init.d/sshd ../rc4.d/S30sshd && ln -sf ../init.d/sshd ../rc5.d/S30sshd && ln -sf ../init.d/sshd ../rc6.d/K30sshd |
The OpenSSH package contains ssh, sshd, ssh-agent, ssh-add, sftp, scp, ssh-keygen, sftp-server and ssh-keyscan.