[Bug 44] openssh-3.1p1

blfs-bugs at linuxfromscratch.org blfs-bugs at linuxfromscratch.org
Mon Mar 11 12:18:01 PST 2002


http://blfs-bugs.linuxfromscratch.org/show_bug.cgi?id=44

markh at linuxfromscratch.org changed:

           What    |Old Value                   |New Value
----------------------------------------------------------------------------
            Summary|openssh-3.0p1               |openssh-3.1p1



------- Additional Comments From markh at linuxfromscratch.org  2002-03-11 12:18 -------
updating bug version to 3.1p1 (note that previous versions were the subject of 
a security advisory last week).

By the way, here are my openssh install instructions in case it helps with 
writing them

./configure --prefix=/usr --libexecdir=/usr/sbin --sysconfdir=/etc/ssh &&

(mention possiblity of using --with-md5-passwords if you've used them
 **** This is important; I forgot to use it and spent a couple of hours  
 wondering why I couldn't ssh into my machine..)


make &&
make install

Note that the install routine is clever enough NOT to overwrite the keys
if you already have them meaning it's safe to upgrade this way.

Explanation:
--sysconfdir=/etc/ssh ; Normal reasoning

--libexecdir=/usr/sbin ; ssh-askpass is an X11 utility which ssh thinks
should go in /usr/libexec.  It'll only be compiled if you have X
installed (I think - check this) but should go in /usr/sbin anyways not
/usr/libexec

Configuration:
ssh itself doesn't really need configuration

/etc/ssh_config can be done on a per-user basis but can be overriden on
the command line anyways so it isn't usually necessary to set it up.

sshd script:
cat > /etc/init.d/sshd << EOF
#!/bin/sh
# Begin /etc/init.d/sshd

#
# Include the functions declared in the /etc/init.d/functions file
#

source /etc/init.d/functions

case "$1" in
        start)
                echo -n "Starting sshd..."
                loadproc /usr/sbin/sshd
                ;;

        stop)
                echo -n "Stopping sshd..."
                killproc /usr/sbin/sshd
                ;;

        restart)
                $0 stop
                /usr/bin/sleep 1
                $0 start

        status)
                statusproc /usr/sbin/sshd
                ;;

        *)
                echo "Usage: $0 {start|stop|restart|status}"
                exit 1
                ;;

esac

# End /etc/init.d/sshd
EOF
chmod 755 /etc/init.d/sshd
cd /etc
ln -s ../init.d/sshd rc0.d/K750sshd
ln -s ../init.d/sshd rc1.d/K750sshd
ln -s ../init.d/sshd rc2.d/K750sshd
ln -s ../init.d/sshd rc3.d/S250sshd
ln -s ../init.d/sshd rc4.d/S250sshd
ln -s ../init.d/sshd rc5.d/S250sshd
ln -s ../init.d/sshd rc6.d/K750sshd


==> Also, user must check /etc/ssh/sshd_config file.  You may wish to
restrict access; e.g. root access or by ip address.  LIST OF POSSIBLE
SETTINGS TO EXAMINE:
ListenAddress 0.0.0.0
PermitRootLogin yes
X11Forwarding no
#PrintLastLog no

More info on configuration can be found in man sshd, ssh and ssh-agent.


PROVIDES:
scp, sftp, ssh, ssh-add, ssh-agent, ssh-keygen, ssh-keyscan,
sftp-server, sshd

Can also provide ssh-askpass if X is installed
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe blfs-book' in the subject header of the message



More information about the blfs-book mailing list