Securing-Optimizing-RH-Linux-1_2_182
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca
© Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ®
182
Linux SSH2 Client/Server
Overview
This is the SSH2 commercial version of SSH software. We provide it configuration steps for
people that still use it. In our configuration we have also configured sshd2 to support tcp-
wrappers (the inetd super server) for security reason.
These installation instructions assume
Commands are Unix-compatible.
The source path is /var/tmp (other paths are possible).
Installations were tested on RedHat Linux 6.1.
All steps in the installation will happen in superuser account root.
Ssh2 version number is 2.0.13
Packages
SSH2 Homepage: http://www.ssh.fi/
You must be sure to download: ssh-2.0.13.tar.gz
Tarballs
It is a good idea to make a list of files on the system before you install ssh2, and one afterwards,
and then compare them using diff to find out what file it placed where. Simply run find /* >
ssh1 before and find /* > ssh2 after you install the software, and use diff ssh1 ssh2 > ssh to
get a list of what changed.
Compilation
Decompress the tarball (tar.gz).
[root@deep /]# cp ssh-version.tar.gz /var/tmp
[root@deep /]# cd /var/tmp
[root@deep tmp]# tar xzpf ssh-version.tar.gz
Compile and Optimize
Cd into the new Ssh2 directory and type the following commands on your terminal:
CC="egcs" \
CFLAGS="-O9 -funroll-loops -ffast-math -malign-double -mcpu=pentiumpro -march=pentiumpro -fomit-
frame-pointer -fno-exceptions" \
./configure \
--prefix=/usr \
--without-ssh-agent1-compat \
--disable-suid-ssh-signer \
--disable-tcp-port-forwarding \
--disable-X11-forwarding \
--enable-tcp-nodelay \
--with-libwrap
This tells SSH2 to set itself up for this particular hardware setup with:
- Leave out ssh-agent1 compatibility.