436 lines
7.1 KiB
HTML
436 lines
7.1 KiB
HTML
|
<HTML
|
||
|
><HEAD
|
||
|
><TITLE
|
||
|
>Linux SSH2 Client/Server</TITLE
|
||
|
><META
|
||
|
NAME="GENERATOR"
|
||
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.60"><LINK
|
||
|
REL="HOME"
|
||
|
TITLE="Securing and Optimizing Linux"
|
||
|
HREF="index.html"><LINK
|
||
|
REL="UP"
|
||
|
TITLE="Software -Securties(commercial)"
|
||
|
HREF="softsec-com.html"><LINK
|
||
|
REL="PREVIOUS"
|
||
|
TITLE="Software -Securties(commercial)"
|
||
|
HREF="softsec-com.html"><LINK
|
||
|
REL="NEXT"
|
||
|
TITLE="Configure and Optimise SSH2"
|
||
|
HREF="chap16sec128.html"></HEAD
|
||
|
><BODY
|
||
|
CLASS="section"
|
||
|
BGCOLOR="#FFFFFF"
|
||
|
TEXT="#000000"
|
||
|
LINK="#0000FF"
|
||
|
VLINK="#840084"
|
||
|
ALINK="#0000FF"
|
||
|
><DIV
|
||
|
CLASS="NAVHEADER"
|
||
|
><TABLE
|
||
|
WIDTH="100%"
|
||
|
BORDER="0"
|
||
|
CELLPADDING="0"
|
||
|
CELLSPACING="0"
|
||
|
><TR
|
||
|
><TH
|
||
|
COLSPAN="3"
|
||
|
ALIGN="center"
|
||
|
>Securing and Optimizing Linux: RedHat Edition -A Hands on Guide</TH
|
||
|
></TR
|
||
|
><TR
|
||
|
><TD
|
||
|
WIDTH="10%"
|
||
|
ALIGN="left"
|
||
|
VALIGN="bottom"
|
||
|
><A
|
||
|
HREF="softsec-com.html"
|
||
|
>Prev</A
|
||
|
></TD
|
||
|
><TD
|
||
|
WIDTH="80%"
|
||
|
ALIGN="center"
|
||
|
VALIGN="bottom"
|
||
|
>Chapter 16. Software -Securties(commercial)</TD
|
||
|
><TD
|
||
|
WIDTH="10%"
|
||
|
ALIGN="right"
|
||
|
VALIGN="bottom"
|
||
|
><A
|
||
|
HREF="chap16sec128.html"
|
||
|
>Next</A
|
||
|
></TD
|
||
|
></TR
|
||
|
></TABLE
|
||
|
><HR
|
||
|
ALIGN="LEFT"
|
||
|
WIDTH="100%"></DIV
|
||
|
><DIV
|
||
|
CLASS="section"
|
||
|
><H1
|
||
|
CLASS="section"
|
||
|
><A
|
||
|
NAME="prt6ch2sc1ssh"
|
||
|
>16.1. Linux SSH2 Client/Server</A
|
||
|
></H1
|
||
|
><P
|
||
|
> Since Linux is all about choices we have provided as an alternative the commercial verion of OpenSSH, The SSH2 and these installation instructions assume
|
||
|
<P
|
||
|
></P
|
||
|
><UL
|
||
|
><LI
|
||
|
><P
|
||
|
> Commands are Unix-compatible.
|
||
|
</P
|
||
|
></LI
|
||
|
><LI
|
||
|
><P
|
||
|
> The source path is <TT
|
||
|
CLASS="filename"
|
||
|
>/var/tmp</TT
|
||
|
>, <EM
|
||
|
>other paths are possible</EM
|
||
|
>.
|
||
|
</P
|
||
|
></LI
|
||
|
><LI
|
||
|
><P
|
||
|
> Installations were tested on Red Hat Linux 6.1 and 6.2.
|
||
|
</P
|
||
|
></LI
|
||
|
><LI
|
||
|
><P
|
||
|
> All steps in the installation will happen in super-user account root.
|
||
|
</P
|
||
|
></LI
|
||
|
><LI
|
||
|
><P
|
||
|
> SSH2 version number is <TT
|
||
|
CLASS="literal"
|
||
|
>2.0.13</TT
|
||
|
>
|
||
|
</P
|
||
|
></LI
|
||
|
></UL
|
||
|
>
|
||
|
</P
|
||
|
><P
|
||
|
> Packages that you need can be downloaded from:
|
||
|
<P
|
||
|
></P
|
||
|
><TABLE
|
||
|
BORDER="0"
|
||
|
><TBODY
|
||
|
><TR
|
||
|
><TD
|
||
|
> SSH2 Homepage:<A
|
||
|
HREF="appendixa.html#prtinxfp14"
|
||
|
>http://www.ssh.org/</A
|
||
|
>
|
||
|
</TD
|
||
|
></TR
|
||
|
><TR
|
||
|
><TD
|
||
|
> You must be sure to download: <TT
|
||
|
CLASS="literal"
|
||
|
>ssh-2.0.13.tar.gz</TT
|
||
|
>
|
||
|
</TD
|
||
|
></TR
|
||
|
></TBODY
|
||
|
></TABLE
|
||
|
><P
|
||
|
></P
|
||
|
>
|
||
|
</P
|
||
|
><P
|
||
|
> once you have got the Tarballs, It is a good idea to make a list of files on the system before you install ssh2, and one afterwards, and then compare them using diff to find out what file it placed where. Simply run
|
||
|
<B
|
||
|
CLASS="command"
|
||
|
>find</B
|
||
|
> <TT
|
||
|
CLASS="userinput"
|
||
|
><B
|
||
|
>/* > SSH1</B
|
||
|
></TT
|
||
|
> before and <B
|
||
|
CLASS="command"
|
||
|
>find</B
|
||
|
> <TT
|
||
|
CLASS="userinput"
|
||
|
><B
|
||
|
>/* > SSH2</B
|
||
|
></TT
|
||
|
> after you install the software, and use <B
|
||
|
CLASS="command"
|
||
|
>diff</B
|
||
|
> <TT
|
||
|
CLASS="userinput"
|
||
|
><B
|
||
|
>SSH1 SSH2 > SSH-Installed</B
|
||
|
></TT
|
||
|
>
|
||
|
to get a list of what changed.
|
||
|
</P
|
||
|
><P
|
||
|
> Before you Compile, you need to decompress the tarball <TT
|
||
|
CLASS="literal"
|
||
|
>tar.gz</TT
|
||
|
>.
|
||
|
<TABLE
|
||
|
BORDER="0"
|
||
|
BGCOLOR="#E0E0E0"
|
||
|
WIDTH="100%"
|
||
|
><TR
|
||
|
><TD
|
||
|
><PRE
|
||
|
CLASS="screen"
|
||
|
> [root@deep] /#<B
|
||
|
CLASS="command"
|
||
|
>cp</B
|
||
|
> ssh-version.tar.gz /var/tmp
|
||
|
[root@deep] /#<B
|
||
|
CLASS="command"
|
||
|
>cd</B
|
||
|
> /var/tmp
|
||
|
[root@deep ]/tmp#<B
|
||
|
CLASS="command"
|
||
|
>tar</B
|
||
|
> xzpf ssh-version.tar.gz
|
||
|
</PRE
|
||
|
></TD
|
||
|
></TR
|
||
|
></TABLE
|
||
|
>
|
||
|
</P
|
||
|
><P
|
||
|
> You need to Compile and Optimize so move into the new SSH2 directory and type the following commands on your terminal:
|
||
|
|
||
|
<TABLE
|
||
|
BORDER="0"
|
||
|
BGCOLOR="#E0E0E0"
|
||
|
WIDTH="100%"
|
||
|
><TR
|
||
|
><TD
|
||
|
><PRE
|
||
|
CLASS="programlisting"
|
||
|
> CC="egcs" \
|
||
|
CFLAGS="-O9 -funroll-loops -ffast-math -malign-double -mcpu=pentiumpro -march=pentiumpro -fomit-frame-pointer -fno-exceptions" \
|
||
|
./configure \
|
||
|
--prefix=/usr \
|
||
|
--without-ssh-agent1-compat \
|
||
|
--disable-suid-ssh-signer \
|
||
|
--disable-tcp-port-forwarding \
|
||
|
--disable-X11-forwarding \
|
||
|
--enable-tcp-nodelay \
|
||
|
--with-libwrap
|
||
|
</PRE
|
||
|
></TD
|
||
|
></TR
|
||
|
></TABLE
|
||
|
>
|
||
|
</P
|
||
|
><P
|
||
|
> This tells SSH2 to set itself up for this particular hardware setup as follows:
|
||
|
<P
|
||
|
></P
|
||
|
><UL
|
||
|
><LI
|
||
|
><P
|
||
|
> Leave out ssh-agent1 compatibility.
|
||
|
</P
|
||
|
></LI
|
||
|
><LI
|
||
|
><P
|
||
|
> Install ssh-signer without suid bit.
|
||
|
</P
|
||
|
></LI
|
||
|
><LI
|
||
|
><P
|
||
|
> Disable port forwarding support.
|
||
|
</P
|
||
|
></LI
|
||
|
><LI
|
||
|
><P
|
||
|
> Disable <TT
|
||
|
CLASS="literal"
|
||
|
>X11</TT
|
||
|
> forwarding support.
|
||
|
</P
|
||
|
></LI
|
||
|
><LI
|
||
|
><P
|
||
|
> Enable <TT
|
||
|
CLASS="envar"
|
||
|
>TCP_NODELAY</TT
|
||
|
> socket option.
|
||
|
</P
|
||
|
></LI
|
||
|
><LI
|
||
|
><P
|
||
|
> Compile in libwrap <TT
|
||
|
CLASS="literal"
|
||
|
>tcp_wrappers</TT
|
||
|
> support.
|
||
|
</P
|
||
|
></LI
|
||
|
></UL
|
||
|
>
|
||
|
</P
|
||
|
><P
|
||
|
> <TABLE
|
||
|
BORDER="0"
|
||
|
BGCOLOR="#E0E0E0"
|
||
|
WIDTH="100%"
|
||
|
><TR
|
||
|
><TD
|
||
|
><PRE
|
||
|
CLASS="screen"
|
||
|
> [root@deep ]/ssh-2.0.13#<B
|
||
|
CLASS="command"
|
||
|
>make clean</B
|
||
|
>
|
||
|
[root@deep ]/ssh-2.0.13#<B
|
||
|
CLASS="command"
|
||
|
> make</B
|
||
|
>
|
||
|
[root@deep ]/ssh-2.0.13#<B
|
||
|
CLASS="command"
|
||
|
> make install</B
|
||
|
>
|
||
|
[root@deep ]/ssh-2.0.13#<B
|
||
|
CLASS="command"
|
||
|
>rm</B
|
||
|
> -f /usr/bin/ssh-askpass
|
||
|
</PRE
|
||
|
></TD
|
||
|
></TR
|
||
|
></TABLE
|
||
|
>
|
||
|
<P
|
||
|
></P
|
||
|
><TABLE
|
||
|
BORDER="0"
|
||
|
><TBODY
|
||
|
><TR
|
||
|
><TD
|
||
|
> The <B
|
||
|
CLASS="command"
|
||
|
>make clean</B
|
||
|
>, command erase all previous traces of a compilation so as to avoid any mistakes,
|
||
|
</TD
|
||
|
></TR
|
||
|
><TR
|
||
|
><TD
|
||
|
> The <B
|
||
|
CLASS="command"
|
||
|
>make</B
|
||
|
> command compiles all source files into executable binaries,
|
||
|
</TD
|
||
|
></TR
|
||
|
><TR
|
||
|
><TD
|
||
|
> The <B
|
||
|
CLASS="command"
|
||
|
>make install</B
|
||
|
> command installs the binaries and any supporting files into the appropriate locations.
|
||
|
</TD
|
||
|
></TR
|
||
|
></TBODY
|
||
|
></TABLE
|
||
|
><P
|
||
|
></P
|
||
|
>
|
||
|
</P
|
||
|
><P
|
||
|
> Please don't forget to cleanup after work:
|
||
|
<TABLE
|
||
|
BORDER="0"
|
||
|
BGCOLOR="#E0E0E0"
|
||
|
WIDTH="100%"
|
||
|
><TR
|
||
|
><TD
|
||
|
><PRE
|
||
|
CLASS="screen"
|
||
|
> [root@deep] /#<B
|
||
|
CLASS="command"
|
||
|
>cd</B
|
||
|
> /var/tmp
|
||
|
[root@deep ]/tmp#<B
|
||
|
CLASS="command"
|
||
|
>rm</B
|
||
|
> -rf ssh-version/ ssh-version.tar.gz
|
||
|
</PRE
|
||
|
></TD
|
||
|
></TR
|
||
|
></TABLE
|
||
|
>
|
||
|
The <B
|
||
|
CLASS="command"
|
||
|
>rm</B
|
||
|
> command as used above will remove all the source files we have used to compile and install SSH2. It will also remove the SSH2 compressed archive from
|
||
|
the <TT
|
||
|
CLASS="filename"
|
||
|
>/var/tmp</TT
|
||
|
> directory.
|
||
|
</P
|
||
|
></DIV
|
||
|
><DIV
|
||
|
CLASS="NAVFOOTER"
|
||
|
><HR
|
||
|
ALIGN="LEFT"
|
||
|
WIDTH="100%"><TABLE
|
||
|
WIDTH="100%"
|
||
|
BORDER="0"
|
||
|
CELLPADDING="0"
|
||
|
CELLSPACING="0"
|
||
|
><TR
|
||
|
><TD
|
||
|
WIDTH="33%"
|
||
|
ALIGN="left"
|
||
|
VALIGN="top"
|
||
|
><A
|
||
|
HREF="softsec-com.html"
|
||
|
>Prev</A
|
||
|
></TD
|
||
|
><TD
|
||
|
WIDTH="34%"
|
||
|
ALIGN="center"
|
||
|
VALIGN="top"
|
||
|
><A
|
||
|
HREF="index.html"
|
||
|
>Home</A
|
||
|
></TD
|
||
|
><TD
|
||
|
WIDTH="33%"
|
||
|
ALIGN="right"
|
||
|
VALIGN="top"
|
||
|
><A
|
||
|
HREF="chap16sec128.html"
|
||
|
>Next</A
|
||
|
></TD
|
||
|
></TR
|
||
|
><TR
|
||
|
><TD
|
||
|
WIDTH="33%"
|
||
|
ALIGN="left"
|
||
|
VALIGN="top"
|
||
|
>Software -Securties(commercial)</TD
|
||
|
><TD
|
||
|
WIDTH="34%"
|
||
|
ALIGN="center"
|
||
|
VALIGN="top"
|
||
|
><A
|
||
|
HREF="softsec-com.html"
|
||
|
>Up</A
|
||
|
></TD
|
||
|
><TD
|
||
|
WIDTH="33%"
|
||
|
ALIGN="right"
|
||
|
VALIGN="top"
|
||
|
>Configure and Optimise SSH2</TD
|
||
|
></TR
|
||
|
></TABLE
|
||
|
></DIV
|
||
|
></BODY
|
||
|
></HTML
|
||
|
>
|