Pick a Free OS

User login

Navigation

Home

Replacing Telnet; OpenSSH, a secure alternative

Tue, 11/21/2000 - 13:04 |  admin
Email: 
mayank@freeos.com

tar zxvf openssl-0.9.5a.tar.gz

cd openssl-0.9.5a

./configure

make

su -c "make install"

OpenSSH

RPM: rpm -ivh openssh-2.3.0p1-1.i386.rpm <- Should be installed first

rpm -ivh openssh-clients-2.3.0p1-1.i386.rpm

rpm -ivh openssh-server-2.3.0p1-1.i386.rpm

For the tar.gz

tar zxvf openssh-2.3.0p1.tar.gz

cd openssh-2.3.0p1

./configure --sysconfdir=/etc/ssh

By default OpenSSH places the configuration files under /usr/local/etc. Using

the --sysconfdir allows you to set your own.

make

su -c "make install"

su -c "make host-key"

This will create the RSA and DSA host keys for your system. SSH works on

the public/private key pair method. RSA is the older format whereas DSA is

the new format and the one used by SSH2.

Enter the contrib sub-directory. There are a few files of importance here.

First is ssh.pam.generic. Most new Linux distributions use PAM for

authentication. This is a generic file that suits most distributions. A

version for Red Hat can be found in the redhat sub-directory. Copy this

file to /etc/pam.d as sshd.

cp sshd.pam.generic /etc/pam.d/sshd

Also provided here are init script for use with SuSE and Red Hat. The SuSE

directory also contains a configuration file that you should copy to

/etc/rc.config.d

cat rc.config.sshd >> /etc/rc.config

You can use these scripts across most distributions with a few changes.

One of the changes that we needed to make to the SuSE script was to change

the path from /usr/sbin to /usr/local/sbin. Copy the startup script to

/etc/rc.d/init.d (Red Hat) /sbin/init.d (SuSE).

Now you can start the ssh daemon by

/etc/rc.d/init.d/sshd start (Red Hat)

or

/sbin/init.d/sshd start (SuSE)

To check whether SSH is running, telnet to port 22 on your machine. You

should see the following.

Trying 127.0.0.1...

Connected to localhost.

Escape character is '^]'.

SSH-1.99-OpenSSH_2.3.0p1

Usage

First thing that each user needs to do is create a public/private key

pair. This is done using the ssh-keygen program.

ssh-keygen -d

The command ssh-keygen is enough to prepare an RSA key for usage. The '-d'

bit makes a DSA key instead for use with SSH2. You will be asked for the

filename to store the key as. This allows you to have different

private/public key pairs for the various hosts that you will be connecting

Login to post comments |   |  Tags: Articles - Howtos, Linux

Contact Us | Terms of Use | Trademarks | Privacy Statement
Copyright © Freeos.com | Contact Us: info@freeos.com