Securing-Optimizing-RH-Linux-1_2_171
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca
© Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ®
171
Linux SSH1 Client/Server
Overview
As illustrated in chapter 2 Installation of your Linux Server many network services including but
not limited to telnet, rsh, rlogin, and rexec are vulnerable to electronic eavesdropping.
Telnet is indispensable for daily administration task but are insecure, so we must find another
way or program to replace it. Fortunately SSH is a truly seamless and secure replacement of old,
insecure remote login programs such as telnet, rlogin, rsh, rdist, or rcp.
According to the official SSH (Secure Shell) site:
SSH is the secure login program that revolutionized remote management of networks hosts over
the Internet. It is a powerful, very easy-to-use program that uses strong cryptography for
protecting all transmitted confidential data, including passwords, binary files, and administrative
commands. The major benefit of SSH1 is that it is completely free for both end users and
commercial companies.
In our configuration we are configured sshd1 to support tcp-wrappers (the inetd super server) for
more security. SSH2 was originally free but is now under a commercial license, it is
recommended to use SSH1 (free) instead of SSH2 (commercial). We provide in our book the
both versions.
These installation instructions assume
Commands are Unix-compatible.
The source path is /var/tmp (other paths are possible).
Installations were tested on RedHat Linux 6.1.
All steps in the installation will happen in superuser account root.
Ssh1 version number is 1.2.27
Packages
SSH1 Homepage: http://www.ssh.fi/
You must be sure to download: ssh-1.2.27.tar.gz
Tarballs
It is a good idea to make a list of files on the system before you install ssh1, and one afterwards,
and then compare them using diff to find out what file it placed where. Simply run find /* >
ssh1 before and find /* > ssh2 after you install the software, and use diff ssh1 ssh2 > ssh to
get a list of what changed.
Compilation
Decompress the tarball (tar.gz).
[root@deep /]# cp ssh-version.tar.gz /var/tmp
[root@deep /]# cd /var/tmp
[root@deep tmp]# tar xzpf ssh-version.tar.gz
Compile and Optimize
Cd into the new Ssh1 directory and type the following commands on your terminal:
CC="egcs" \