OpenSSH is primarily developed by the OpenBSD Project, and its first inclusion into an operating system was in OpenBSD 2.6. The software is developed outside the USA, using code from roughly 10 countries, and is freely useable and re-useable by everyone under a BSD license.
OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed (to external libraries), all known security bugs fixed, new features reintroduced and many other clean-ups. More information about SSH itself can be found in the file README.Ylonen.
OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4].
OpenSSH for linux
http://www.openssh.com/portable.html
Linux RPMs, from Alberta, Canada
ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/rpm/
OpenSSH installation guide
http://www.openssh.com/install.html
SSH Frequently Asked Questions
http://snailbook.oankali.net/faq/
these RPMs have been built with the rpm-3.0.5 release of RPM and may not install cleanly on systems which use earlier versions.
mine is rpm-3.0.3, which need many upgrades before I can make use of the packages.
After upgrading my rpm to 3.0.5, and installed the damn rpm package, I found what is installed is just scp and ssh-kengen. Where the heck is ssh, sshd?
./configure --with-tcp-wrappers make
pkg=ssh make -n install | tee ../../logs/$pkg.log.0 make install | tee ../../logs/$pkg.log.1
— "make install" has included "make host-key"
--with-ssl-dir=PATH Specify path to OpenSSL installation
- —with-tcp-wrappers
- will enable TCP Wrappers (/etc/hosts.allow|deny) support. You will need libwrap.a and tcpd.h installed.
- —with-md5-passwords
- will enable the use of MD5 passwords. Enable this if your operating system uses MD5 passwords without using PAM.
- —enable-group-writeability
- yes|no (no)
Normally sshd verifies that the user authentication files are only modifiable by the owner. Setting this option allows group write access to the files. This should be used with caution as it is a systemwide change.
![[Tip]](../../../../../asciidoc/images/icons/tip.png){kind=icon} | |
!! |
Generating RSA keys: ...................ooooooO.........ooooooO Key generation complete. Your identification has been saved in /usr/local/etc/ssh_host_key. Your public key has been saved in /usr/local/etc/ssh_host_key.pub. The key fingerprint is: 49:e0:e5:37:de:6c:10:0f:22:2c:1e:e8:5d:b5:ae:ef root@sunny Generating DSA parameter and key. Your identification has been saved in /usr/local/etc/ssh_host_dsa_key. Your public key has been saved in /usr/local/etc/ssh_host_dsa_key.pub. The key fingerprint is: c2:49:74:eb:b3:92:fd:e4:32:92:e4:14:bc:6b:de:3f root@sunny
generate server key: done in
make install
deliberate setting:
make host-key
SSH does password authentication via PAM, which means that you must configure PAM on your system to know about SSH.
cp openssh-2.1.1p3/contrib/redhat/sshd.pam /etc/pam.d/sshd
# ./configure
[...]
checking for OpenSSL directory... configure: error: Could not find working SSLeay / OpenSSL libraries, please install
./configure --with-ssl-dir=/usr & ./configure --with-ssl-dir=/usr/lib
won't work, has to install openssl-devel-0.9.5a-3.i386.rpm instead of
openssl-0.9.5a-3.i386.rpm beforehand.
OpenSSH configured has been configured with the following options.
User binaries: /usr/local/bin
System binaries: /usr/local/sbin
Configuration files: /usr/local/etc
Askpass program: /usr/local/libexec/ssh/ssh-askpass
Manual pages: /usr/local/man/manX
PID file: /var/run
Random number collection: Device (/dev/urandom)
Manpage format: man
PAM support: yes
KerberosIV support: no
AFS support: no
S/KEY support: no
TCP Wrappers support: no
MD5 password support: no
IP address in $DISPLAY hack: no
Use IPv4 by default hack: no
Translate v4 in v6 hack: yes
