HostedDB - Dedicated UNIX Servers

Securing-Optimizing-RH-Linux-1_2_182
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca © Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ® 182 Linux SSH2 Client/Server Overview This is the SSH2 commercial version of SSH software. We provide it configuration steps for people that still use it. In our configuration we have also configured sshd2 to support tcp- wrappers (the inetd super server) for security reason. These installation instructions assume  Commands are Unix-compatible. The source path is “/var/tmp”  (other paths are possible). Installations were tested on RedHat Linux 6.1. All steps in the installation will happen in superuser account “root”. Ssh2 version number is 2.0.13 Packages SSH2 Homepage: http://www.ssh.fi/ You must be sure to download: ssh-2.0.13.tar.gz Tarballs It is a good idea to make a list of files on the system before you install ssh2, and one afterwards, and then compare them using ‘diff’ to find out what file it placed where. Simply run ‘find /* > ssh1’ before and ‘find /* > ssh2’ after you install the software, and use ‘diff ssh1 ssh2 > ssh’ to get a list of what changed. Compilation Decompress the tarball (tar.gz). [root@deep /]# cp ssh-version.tar.gz /var/tmp [root@deep /]# cd /var/tmp [root@deep tmp]# tar xzpf ssh-version.tar.gz Compile and Optimize Cd into the new Ssh2 directory and type the following commands on your terminal: CC="egcs" \ CFLAGS="-O9 -funroll-loops -ffast-math -malign-double -mcpu=pentiumpro -march=pentiumpro -fomit- frame-pointer -fno-exceptions" \ ./configure \ --prefix=/usr \ --without-ssh-agent1-compat \ --disable-suid-ssh-signer \ --disable-tcp-port-forwarding \ --disable-X11-forwarding \ --enable-tcp-nodelay \ --with-libwrap This tells SSH2 to set itself up for this particular hardware setup with: - Leave out ssh-agent1 compatibility.