source: postlfs/security/ssh-askpass.xml

trunk
Last change on this file was 5461893, checked in by Bruce Dubbs <bdubbs@…>, 2 months ago

Tag security chapter and qemu
  • Property mode set to 100644
File size: 5.0 KB
Line 
1<?xml version="1.0" encoding="UTF-8"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY ssh-askpass-download-http
8 "https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-&ssh-askpass-version;.tar.gz">
9 <!ENTITY ssh-askpass-download-ftp " ">
10 <!ENTITY ssh-askpass-md5sum "&openssh-md5sum;">
11 <!ENTITY ssh-askpass-size "1.8 MB">
12 <!ENTITY ssh-askpass-buildsize "10 MB">
13 <!ENTITY ssh-askpass-time "less than 0.1 SBU">
14]>
15
16<sect1 id="ssh-askpass" xreflabel="ssh-askpass-&ssh-askpass-version;">
17 <?dbhtml filename="ssh-askpass.html"?>
18
19
20 <title>ssh-askpass-&ssh-askpass-version;</title>
21
22 <indexterm zone="ssh-askpass">
23 <primary sortas="a-ssh-askpass">ssh-askpass</primary>
24 </indexterm>
25
26 <sect2 role="package">
27 <title>Introduction to ssh-askpass</title>
28
29 <para>
30 The <application>ssh-askpass</application> is a generic executable name for
31 many packages, with similar names, that provide a interactive X service to
32 grab password for packages requiring administrative privileges to be run.
33 It prompts the user with a window box where the necessary password can be
34 inserted. Here, we choose Damien Miller's package distributed in the
35 <application>OpenSSH</application> tarball.</para>
36
37 &lfs121_checked;
38
39 <bridgehead renderas="sect3">Package Information</bridgehead>
40 <itemizedlist spacing="compact">
41 <listitem>
42 <para>
43 Download (HTTP): <ulink url="&ssh-askpass-download-http;"/>
44 </para>
45 </listitem>
46 <listitem>
47 <para>
48 Download (FTP): <ulink url="&ssh-askpass-download-ftp;"/>
49 </para>
50 </listitem>
51 <listitem>
52 <para>
53 Download MD5 sum: &ssh-askpass-md5sum;
54 </para>
55 </listitem>
56 <listitem>
57 <para>
58 Download size: &ssh-askpass-size;
59 </para>
60 </listitem>
61 <listitem>
62 <para>
63 Estimated disk space required: &ssh-askpass-buildsize;
64 </para>
65 </listitem>
66 <listitem>
67 <para>
68 Estimated build time: &ssh-askpass-time;
69 </para>
70 </listitem>
71 </itemizedlist>
72
73 <bridgehead renderas="sect3">ssh-askpass Dependencies</bridgehead>
74
75 <bridgehead renderas="sect4">Required</bridgehead>
76 <para role="required">
77 <xref linkend="gtk3"/>,
78 <xref role="runtime" linkend="sudo"/> (runtime),
79 <xref linkend="xorg7-lib"/>, and
80 <xref role="runtime" linkend="x-window-system"/> (runtime)
81 </para>
82
83 </sect2>
84
85 <sect2 role="installation">
86 <title>Installation of ssh-askpass</title>
87
88 <para>
89 Install <application>ssh-askpass</application> by running the following
90 commands:
91 </para>
92
93<screen><userinput>cd contrib &amp;&amp;
94make gnome-ssh-askpass3</userinput></screen>
95
96 <para>
97 Now, as the <systemitem class="username">root</systemitem> user:
98 </para>
99
100<screen role="root"><userinput>install -v -d -m755 /usr/libexec/openssh/contrib &amp;&amp;
101install -v -m755 gnome-ssh-askpass3 /usr/libexec/openssh/contrib &amp;&amp;
102ln -sv -f contrib/gnome-ssh-askpass3 /usr/libexec/openssh/ssh-askpass</userinput></screen>
103
104 <para>
105 The use of /usr/libexec/openssh/contrib and a symlink is justified by the
106 eventual necessity of a different program for that service.
107 </para>
108
109 </sect2>
110
111 <sect2 role="configuration">
112 <title>Configuring ssh-askpass</title>
113
114 <sect3 id="ssh-askpass-config">
115 <title>Configuration Information</title>
116
117 <para>
118 As the <systemitem class="username">root</systemitem> user, configure
119 <xref linkend="sudo"/> to use <application>ssh-askpass</application>:
120 </para>
121
122<screen role="root"><userinput>cat &gt;&gt; /etc/sudo.conf &lt;&lt; "EOF" &amp;&amp;
123<literal># Path to askpass helper program
124Path askpass /usr/libexec/openssh/ssh-askpass</literal>
125EOF
126chmod -v 0644 /etc/sudo.conf</userinput></screen>
127
128 <para>
129 If a given graphical &lt;application&gt; requires administrative
130 privileges, use <command>sudo -A &lt;application&gt;</command> from an
131 x-terminal, from a Window Manager menu and/or replace
132 "Exec=&lt;application&gt; ..." by
133 "Exec=sudo -A &lt;application&gt; ..." in the
134 &lt;application&gt;.desktop file.
135 </para>
136
137 </sect3>
138
139 </sect2>
140
141 <sect2 role="content">
142 <title>Contents</title>
143
144 <segmentedlist>
145 <segtitle>Installed Programs</segtitle>
146 <segtitle>Installed Library</segtitle>
147 <segtitle>Installed Directory</segtitle>
148
149 <seglistitem>
150 <seg>
151 gnome-ssh-askpass3, ssh-askpass (symlink to
152 <filename>gnome-ssh-askpass3</filename>)
153 </seg>
154 <seg>
155 None
156 </seg>
157 <seg>
158 /usr/libexec/openssh/contrib
159 </seg>
160 </seglistitem>
161 </segmentedlist>
162
163 </sect2>
164
165</sect1>
Note: See TracBrowser for help on using the repository browser.