tonywhitmore.co.uk  

 Project Homepage

OpenSSH

Preparation

• Perform this stage using your functioning PC.

1. Download the OpenSSH source code from www.openssh.org.
   • Visit www.openssh.org and click on the "Linux" link under the "For other OS's" [sic] section.
   • Scroll down the page and choose a mirror site to use. Choose one closest to you.
   • Click on the link for the source code of the latest version of OpenSSH. You will need the source code in .tar.gz format.
     • At the time of writing the latest version of OpenSSH was version 3.5p1, so the file downloaded was openssh-3.5p1.tar.gz.
   • You will be asked to where you wish to save the file. Chose a safe place and make a note of it.
   • The download is about 830Kb and will take less than ten minutes over a modem, and a lot less over a broadband connection.
   • If you are using a download accelerator program, it will save the file to your default download directory.
2. Download the OpenSSL source code from www.openssl.org.
   • Visit www.openssl.org and click on the link labelled "Sources".
   • Click on the link for the source code of the latest version of OpenSSL. You will need the source code in .tar.gz format.
     • At the time of writing the latest version of OpenSSH was version 0.9.6g, so the file downloaded was openssl-0.9.6g.tar.gz.
   • You will be asked to where you wish to save the file. Chose a safe place and make a note of it.
   • The download is about 2.06Mb and will take less than half an hour over a modem, and a lot less over a broadband connection.
   • If you are using a download accelerator program, it will save the file to your default download directory.
3. Download the zlib source code from www.gzip.org/zlib.
   • Visit www.gzip.org/zlib and scroll down the page for the list of mirrors.
   • Click on the link for the source code of the latest version of zlib. You will need the source code in .tar.gz format.
     • At the time of writing the latest version of zlib was version 1.1.4, so the file downloaded was zlib-1.1.4.tar.gz.
   • You will be asked to where you wish to save the file. Chose a safe place and make a note of it.
   • The download is about 176Kb and will only take a couple of mintues over over a modem, and a lot less over a broadband connection.
   • If you are using a download accelerator program, it will save the file to your default download directory.
4. Burn the downloaded files to a CD. This page assumes that the subdirectory /apps is used for the .tar.gz files. The CD-ROM can be a multi-session disk.
   • Use your CD burning software to create an ISO9660 disc image with the files openssh-3.5p1.tar.gz, openssl-0.9.6g.tar.gz, stable.tar.gz and zlib-1.1.4.tar.gz in the /apps directory.
   • Burn the CD and verify the data stored on it.

Back to simple version

Booting

• Perform this stage and subsequent stages, unless otherwise stated, using your Core Linux PC.

1. Boot your Core Linux PC.
2. Login as root. You will need to enter the password at the prompt.
   • Wait for the following text to appear:
     localhost login:
   • Type root and press Enter.
   • The screen will display this message:
     Password:
   • Enter the password for root that you set earlier.
   • You will be shown a prompt that looks like this:
     [~]#

Back to simple version

Copy the sources

1. Place the CD-R in the CD-ROM drive. Mount the CD-ROM drive under /mnt/cdrom.
   • At the prompt enter:
     mount /dev/hdb /mnt/cdrom
   • You will see the following line appear:
     mount: block device /dev/hdb is write-protected, mounting read-only
2. Change to the /apps directory on the CD-R.
   • At the prompt enter:
     cd /mnt/cdrom/apps
   • The prompt will change to:
     [/mnt/cdrom/apps]#
3. Copy the all the .tar.gz files to the directory /usr/src.
   • At the prompt enter:
     cp * /usr/src
   • The system will not display a message if everything is OK.
4. Change to the /usr/src directory.
   • At the prompt enter:
     cd /usr/src
   • The prompt will change to:
     [/usr/src]#

Back to simple version

• It is important to install the downloaded programs in the order given here, to ensure that the dependencies are satisfied. Details of the package dependencies for the programs needed to run OpenSSH can be seen here.

Configuring, compiling and installing OpenSSL

1. Change to the /usr/src directory.
   • At the system prompt enter:
     cd /usr/src
   • The system prompt will change to:
     [/usr/src]#
2. Extract the source code from the .tar.gz file.
   • At the prompt enter:
     tar -zxvf openssl-0.9.6g.tar.gz
   • A long stream of unzipping files and directories should scroll up the screen for about thirty seconds.
3. Change to the /usr/src/openssl-0.9.6g directory.
   • At the prompt enter:
     cd openssl-0.9.6g
   • The prompt will change to:
     [/usr/src/openssl-0.9.6g]#
4. Run the ./config script.
   • At the prompt enter:
     ./config
   • A long stream of processes should scroll up the screen for about a mintue.
   • The script finishes with the line:
     Configured for linux-elf.
5. Run the make program.
   • At the prompt enter:
     make
   • A long stream of processes should scroll up the screen for about ten mintues.
   • The program finishes with the line:
     make[1]: Leaving directory '/usr/src/openssl-0.9.6g/tools'
6. Run the make program with the argument test.
   • At the prompt enter:
     make test
   • A long stream of processes should scroll up the screen for about a mintue.
   • The program finishes with the line:
     compiler: gcc -fPIC -DTHREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
7. Run the make program with the argument install.
   • At the prompt enter:
     make install
   • A long stream of processes should scroll up the screen for about five minutes.
   • The program finishes with the line:
     installing libssl.a

Back to simple version

Configuring, compiling and installing zlib

1. Change to the /usr/src directory.
   • At the prompt enter:
     cd /usr/src
   • The prompt will change to:
     [/usr/src]#
2. Extract the source code from the .tar.gz file.
   • At the prompt enter:
     tar -zxvf zlib-1.1.4.tar.gz
   • A long stream of unzipping files and directories should scroll up the screen for a few seconds.
3. Change to the /usr/src/zlib-1.1.4 directory.
   • At the prompt enter:
     cd zlib-1.1.4
   • The prompt will change to:
     [/usr/src/zlib-1.1.4]#
4. Run the ./configure script.
   • At the prompt enter:
     ./configure
   • A long stream of processes should scroll up the screen for a couple of seconds.
   • The script finishes with the line:
     Checking for mmap support ... Yes.
5. Run the make program with the argument test.
   • At the prompt enter:
     make test
   • A long stream of processes should scroll up the screen for about thirty seconds.
   • The program finishes with the line:
     *** zlib test OK ***
6. Run the make program with the argument install.
   • At the prompt enter:
     make install
   • A long stream of processes should scroll up the screen for a couple of seconds.
   • The program finishes with the line:
     fi

Back to simple version

Configuring, compiling and installing OpenSSH

1. Change to the /usr/src directory.
   • At the prompt enter:
     cd /usr/src
   • The prompt will change to:
     [/usr/src]#
2. Extract the source code from the .tar.gz file.
   • At the prompt enter:
     tar -zxvf openssh-3.5p1.tar.gz
   • A long stream of unzipping files and directories should scroll up the screen for a few seconds.
3. Change to the /usr/src/openssh-3.5p1 directory.
   • At the prompt enter:
     cd openssh-3.5p1
   • The prompt will change to:
     [/usr/src/openssh-3.5p1]#
4. Run the ./configure script.
   • At the prompt enter:
     ./configure
   • A long stream of processes should scroll up the screen for about five minutes.
   • The script finishes with the line:
     Libraries: -lutil -lz -lnsl -lcrypto -lcrypt
5. Run the make program.
   • At the prompt enter:
     make
   • A long stream of processes should scroll up the screen for about five minutes.
   • The program finishes with the line:
     gcc -o sftp sftp.o sftp-client.o sftp-common.o sftp-int.o sftp-glob.o -L. -Lopen-bsd-compat/ -L/usr/local/ssl/lib -lssh -lopenbsd-compat -lutil -lz -lnsl -lcrypto -lcrypt

6. Run the make program with the argument install.
   • At the prompt enter:
     make install
   • A long stream of processes should scroll up the screen for a couple of seconds.
   • The program finishes with the line:
     make: [check-config] Error 255 (ignored)

Back to simple version

Using the SSH Client

1. At the command prompt enter the line:
   /usr/local/bin/ssh -p 22 user@192.168.0.1
   where user is a valid username on the remote system and 192.168.0.1 is the IP address or FQDN of the remote system. The value of -p 22 is the remote port on which the SSH server is listening.
2. Accept the authentication key when prompted.
   • The screen will show the message:
     Are you sure you want to continue connecting (yes/no)?
     Enter yes.
3. Enter the user password for the remote machine when prompted. You will be given the system prompt of the remote machine.
4. Enter logout at the remote prompt to finish the SSH session.

Back to simple version

Starting sshd

1. Add the user sshd to the system.
   • At the system prompt enter:
     useradd sshd
   • The system will not display a message is everything is OK.
2. Start the sshd daemon.
   • At the system prompt enter:
     /usr/local/sbin/sshd -p 22
     where the value of -p 22 is the local port on which sshd will listen.
3. Attempt to connect to sshd from your other computer using a SSH client.
   • How you do this will vary depending on which client you use and is beyond the scope of this guide.

Back to simple version

Stopping sshd

1. Stop the sshd using kill `cat /var/run/sshd.pid`.
   • At the prompt enter:
     kill `cat /var/run/sshd.pid`
   • The system will not display a message if everything is OK.

Back to simple version

Automating sshd

• This section details how to have your SSH server start automatically when the computer boots. The advantage of this method is that you do not have to log in to start sshd. If you wish to start sshd manually after each reboot then skip this section.

1. Append the following line to the /etc/rc.d/rc.mu script:
   /usr/local/sbin/sshd -p 22
   You can also add comments and echoes for your own information.
   • At the prompt enter:
     nano /etc/rc.d/rc.mu
   • The screen will show the contents of /etc/rc.d/rc.mu with information about the file at the top and bottom of the screen.
   • Add the following text to the end of the file:
     # Start sshd
/usr/local/sbin/sshd -p 22
echo sshd Started
   • Save the file and exit the text editor.
     • Press Ctrl+x on the keyboard.
     • The contents of the white line at the bottom of the screen will change to read:
       Save modified buffer (ANSWERING "No" WILL DESTROY CHANGES) ?
     • Type y.
     • The contents of the white line at the bottom of the screen will change to read:
       File Name to write: /etc/rc.d/rc.mu
     • Press Enter.
     • You will be returned to the system prompt.
2. Insert the following line at the second line of the /etc/rc.d/rc.rb script:
   kill `cat /var/run/sshd.pid`
   You can also add comments and echoes for your own information.
   • At the prompt enter:
     nano /etc/rc.d/rc.rb
   • The screen will show the contents of /etc/rc.d/rc.rb with information about the file at the top and bottom of the screen.
   • Insert the following text at the second line of the file:
     # Stop sshd
kill `cat /var/run/sshd.pid`
echo sshd Stopped
   • Save the file and exit the text editor.
     • Press Ctrl+x on the keyboard.
     • The contents of the white line at the bottom of the screen will change to read:
       Save modified buffer (ANSWERING "No" WILL DESTROY CHANGES) ?
     • Type y.
     • The contents of the white line at the bottom of the screen will change to read:
       File Name to write: /etc/rc.d/rc.rb
     • Press Enter.
     • You will be returned to the system prompt.
3. Insert the following line at the second line of the /etc/rc.d/rc.ha script:
   kill `cat /var/run/sshd.pid`
   You can also add comments and echoes for your own information.
   • At the prompt enter:
     nano /etc/rc.d/rc.ha
   • The screen will show the contents of /etc/rc.d/rc.ha with information about the file at the top and bottom of the screen.
   • Insert the following text at the second line of the file:
     # Stop sshd
kill `cat /var/run/sshd.pid`
echo sshd Stopped
   • Save the file and exit the text editor.
     • Press Ctrl+x on the keyboard.
     • The contents of the white line at the bottom of the screen will change to read:
       Save modified buffer (ANSWERING "No" WILL DESTROY CHANGES) ?
     • Type y.
     • The contents of the white line at the bottom of the screen will change to read:
       File Name to write: /etc/rc.d/rc.ha
     • Press Enter.
     • You will be returned to the system prompt.
4. Reboot the system and check that sshd is running.
   • At the system prompt enter:
     shutdown -r now
   • Wait for the system to reboot.
   • As the system reboots, watch for any error messages.
   • Once the system has rebooted, try to access the SSH daemon using the SSH client on your other PC.

Back to simple version

The text of this page is licensed under a Creative Commons License.