Overview
Last Updated 9th April 2003 - install OpenSSH 3.6.1p1 SSH is a encryption protocol/program for sending and receiving information via possibly insecure networks. This allows you to login to remote machines in a way where the passwords and information are encrypted against possible sniffers/intrusion, that can detect the plain ASCII user names passwords that would normally flow using standard telnet, ftp and other unencrypted protocols. OpenSSH is the Open source completely free alternative to the psuedo-commercial SSH. In early March 2001, OpenSSL was compiled and installed (replacing SSH) due to security problems with ssh 1.2.x which did not seem to be getting fixed in a timely manner.
An old version of installing Secure Shell 1.2.30 with manual application of patches is still viewable (but has security exploits that hackers can use to gain entry to systems) An old version of installing Secure Shell 1.2.27 with manual application of patches is still viewable (but has security exploits that hackers can use to gain entry to systems) |
Related Links
|
Installation(If compiling on an SGI, use "cc" - not "gcc" due to the bugs in gcc when compiling internet applications)
Download, Compile and Install ZLIB
Download, Compile and Install OpenSSL
Download and Install OpenSSH
|
Enhancing the Security of the system by disabling unneccessary deamonsOverall, the idea here is that any unneccessary deamon that runs is a possible entry point for a hacker. Thus only running what you require in a safe manner lessens the chance you system will be compromised and data ruined. The following primarily consists of killing off unneeded deamons in the /etc/inetd.conf. They can always be enabled later on if you find that you do need some of them to run.
Getting ssh to run on startup on an SGI running IRIXFrom: werner@visaw.rus.uni-stuttgart.de (Andreas Werner) Newsgroups: comp.sys.sgi.admin Subject: Re: sshd Date: 8 Apr 2000 19:42:51 GMT Organization: Comp.Center (RUS), U of Stuttgart, FRG there are lots of ways to do this, but the SGI typical way is: 1. Create a file /etc/init.d/sshd containing the following: ==================================== #! /bin/sh # # start up ssh server at boot # case "$1" in 'start') if /sbin/chkconfig sshd ; then if test -x /usr/local/sbin/sshd; then /usr/local/sbin/sshd fi fi ;; 'stop') /sbin/killall sshd sshd1 ;; *) echo "usage: $0 {start|stop}" ;; esac # ==================================== 2. Create two links: # ln -s ../init.d/sshd /etc/rc0.d/K01sshd # ln -s ../init.d/sshd /etc/rc2.d/S99sshd 3. Create a config variable: # chkconfig -f sshd on That's all, including the possibility to configure the daemon on or off woth the 'chkconfig' command. For the experts: Yes, I know that the 'killall' command will kill user ssh daemons, too, but that's exactly the thing I want when the machine shuts down ;-)
Getting ssh to run on startup on LinuxQuick way to do this is edit the /etc/rc.d/rc.local file and add the line:/usr/local/sbin/sshd |