Changeset 0931098 for server/other/openssh.xml
- Timestamp:
- 06/13/2004 05:38:30 AM (20 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 60384c68
- Parents:
- 08254fc
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
server/other/openssh.xml
r08254fc r0931098 1 <?xml version="1.0" encoding="ISO-8859-1"?> 2 <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" 3 "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [ 4 <!ENTITY % general-entities SYSTEM "../../general.ent"> 5 %general-entities; 6 7 <!ENTITY openssh-download-http "http://sunsite.ualberta.ca/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz"> 8 <!ENTITY openssh-download-ftp "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz"> 9 <!ENTITY openssh-size "799 KB"> 10 <!ENTITY openssh-buildsize "37 MB"> 11 <!ENTITY openssh-time "0.49 SBU"> 12 13 ]> 14 1 15 <sect1 id="openssh" xreflabel="OpenSSH-&openssh-version;"> 2 16 <?dbhtml filename="openssh.html"?> 3 17 <title>Open<acronym>SSH</acronym>-&openssh-version;</title> 4 18 5 &openssh-intro; 6 &openssh-inst; 7 &openssh-exp; 8 &openssh-config; 9 &openssh-desc; 19 <sect2> 20 <title>Introduction to <application>Open<acronym>SSH</acronym></application></title> 21 22 <para>The <application>Open<acronym>SSH</acronym></application> package 23 contains <command>ssh</command> clients and the <command>sshd</command> daemon. 24 This is useful for encrypting authentication and subsequent traffic over a network.</para> 25 26 <sect3><title>Package information</title> 27 <itemizedlist spacing='compact'> 28 <listitem><para>Download (HTTP): <ulink url="&openssh-download-http;"/></para></listitem> 29 <listitem><para>Download (FTP): <ulink url="&openssh-download-ftp;"/></para></listitem> 30 <listitem><para>Download size: &openssh-size;</para></listitem> 31 <listitem><para>Estimated Disk space required: &openssh-buildsize;</para></listitem> 32 <listitem><para>Estimated build time: &openssh-time;</para></listitem></itemizedlist> 33 </sect3> 34 35 <sect3><title><application>Open<acronym>SSH</acronym></application> dependencies</title> 36 <sect4><title>Required</title> 37 <para><xref linkend="openssl"/></para></sect4> 38 <sect4><title>Optional</title> 39 <para> 40 <xref linkend="Linux_PAM"/>, 41 <xref linkend="tcpwrappers"/>, 42 X (<xref linkend="xfree86"/> or <xref linkend="xorg"/>), 43 <xref linkend="mitkrb"/> or <xref linkend="heimdal"/>, and 44 <ulink url="http://www.opensc.org/">OpenSC</ulink> 45 </para></sect4> 46 </sect3> 47 48 </sect2> 49 50 <sect2> 51 <title>Installation of <application>Open<acronym>SSH</acronym></application></title> 52 53 <para><application>Open<acronym>SSH</acronym></application> runs as two 54 processes when connecting to other 55 computers. The first process is a privileged process and controls the 56 issuance of privileges as necessary. The second process communicates 57 with the network. Additional installation steps are necessary to set up 58 the proper environment which are performed by the following 59 commands:</para> 60 61 <screen><userinput><command>mkdir /var/empty && 62 chown root:sys /var/empty && 63 groupadd sshd && 64 useradd -c 'sshd privsep' -d /var/empty -g sshd -s /bin/false sshd</command></userinput></screen> 65 66 <para><application>OpenSSH</application> is very sensitive to changes in the 67 linked <application>OpenSSL</application> libraries. If you recompile 68 <application>OpenSSL</application>, <application>OpenSSH</application> may 69 fail to startup. An alternative is to link against the static <application>OpenSSL</application> 70 library. To link against the static library, execute the following command:</para> 71 72 <screen><userinput><command>sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" configure</command></userinput></screen> 73 74 <para>Install <application>Open<acronym>SSH</acronym></application> by running 75 the following commands:</para> 76 77 <screen><userinput><command>./configure --prefix=/usr --sysconfdir=/etc/ssh \ 78 --libexecdir=/usr/sbin --with-md5-passwords && 79 make && 80 make install</command></userinput></screen> 81 82 </sect2> 83 84 <sect2> 85 <title>Command explanations</title> 86 87 <para><parameter>--sysconfdir=/etc/ssh</parameter>: This prevents the 88 configuration files from going to <filename class="directory">/usr/etc</filename>.</para> 89 90 <para><parameter>--with-md5-passwords</parameter>: This is required 91 if you made the changes recommended by the shadowpasswd_plus 92 <acronym>LFS</acronym> hint on 93 your <acronym>SSH</acronym> server when you installed the Shadow Password 94 Suite or if you access a <acronym>SSH</acronym> server that authenticates by 95 user passwords encrypted with md5. </para> 96 97 <para><parameter>--libexecdir=/usr/sbin</parameter>: 98 <application>Open<acronym>SSH</acronym></application> installs 99 programs called by programs in <filename class="directory">/usr/libexec</filename>. 100 <command>sftp-server</command> is a <command>sshd</command> 101 utility and <command>ssh-askpass</command> is a <command>ssh-add</command> 102 utility that is installed as a link to <command>X11-ssh-askpass</command>. 103 Both of these should go in <filename class="directory">/usr/sbin</filename> 104 not <filename class="directory">/usr/libexec</filename>.</para> 105 106 </sect2> 107 108 <sect2> 109 <title>Configuring <application>Open<acronym>SSH</acronym></application></title> 110 111 <sect3><title>Config files</title> 112 113 <para><filename>/etc/ssh/ssh_config</filename>, 114 <filename>/etc/ssh/sshd_config </filename></para> 115 <para>There are no required changes in either of these files. However 116 you may wish to view them to make changes for appropriate security to 117 your system. Configuration information can be found in the man pages for 118 <command>sshd</command>, <command>ssh</command> and <command>ssh-agent 119 </command></para> 120 </sect3> 121 122 <sect3><title>sshd init.d script</title> 123 124 <para>To start the SSH Server at boot, install the <filename>/etc/rc.d/init.d/sshd</filename> 125 init script included in the <xref linkend="intro-important-bootscripts"/> package.</para> 126 127 <screen><userinput><command>make install-sshd</command></userinput></screen> 128 129 </sect3> 130 131 </sect2> 132 133 <sect2> 134 <title>Contents</title> 135 136 <para>The <application>Open<acronym>SSH</acronym></application> package contains <command>ssh</command>, 137 <command>sshd</command>, <command>ssh-agent</command>, 138 <command>ssh-add</command>, <command>sftp</command>, 139 <command>scp</command>, <command>ssh-keygen</command>, 140 <command>sftp-server</command> and 141 <command>ssh-keyscan</command>.</para> 142 143 </sect2> 144 145 <sect2><title>Description</title> 146 147 <sect3><title>ssh</title> 148 <para>The basic rlogin/rsh-like client program.</para></sect3> 149 150 <sect3><title>sshd</title> 151 <para>The daemon that listens for ssh login requests.</para></sect3> 152 153 <sect3><title>ssh-agent</title> 154 <para>An authentication agent that can store private keys.</para></sect3> 155 156 <sect3><title>ssh-add</title> 157 <para>Tool which adds keys to the <command>ssh-agent</command>.</para></sect3> 158 159 <sect3><title>sftp</title> 160 <para><acronym>FTP</acronym>-like program that works over 161 <acronym>SSH</acronym>1 and <acronym>SSH</acronym>2 protocols.</para></sect3> 162 163 <sect3><title>scp</title> 164 <para>File copy program that acts like rcp.</para></sect3> 165 166 <sect3><title>ssh-keygen</title> 167 <para>Key generation tool.</para></sect3> 168 169 <sect3><title>sftp-server</title> 170 <para><acronym>SFTP</acronym> server subsystem.</para></sect3> 171 172 <sect3><title>ssh-keyscan</title> 173 <para>Utility for gathering public host keys from a number of hosts.</para></sect3> 174 175 </sect2> 10 176 11 177 </sect1>
Note:
See TracChangeset
for help on using the changeset viewer.