Linux SSH2 Client/Server
Overview
It’s now clear that all Linux users must use OpenSSH instead of SSH2 from Datafellows Company. However, for the users or organizations that want to use the non-free version of this software, we provide here steps to follow. This is the SSH2 commercial version of SSH software. In our configuration we have also configured sshd2 to support tcp-wrappers (the inetd super server) for security reason.
These installation instructions assume
Commands are Unix-compatible.
The source path is 7var/tmp” (other paths are possible).
Installations were tested on Red Hat Linux 6.1 and 6.2.
All steps in the installation will happen in super-user account “root”.
SSH2 version number is 2.0.13
Packages
SSH2 Homepage: http://www.ssh.org/
You must be sure to download: ssh-2.0.13.tar.gz
Tarballs
It is a good idea to make a list of files on the system before you install ssh2, and one afterwards, and then compare them using ‘diff’ to find out what file it placed where. Simply run ‘find I* > SSH1′ before and ‘find I* > SSH2′ after you install the software, and use ‘diff SSH1 SSH2 > SSH-lnstalled’ to get a list of what changed.
Compilation
Decompress the tarball (tar.gz).
[root@deep /]# cp ssh-version.tar.gz /var/tmp
[root@deep /]# cd /var/tmp
[root@deep tmp]# tar xzpf ssh-version.tar.gz
Compile and Optimize
Move into the new SSH2 directory and type the following commands on your terminal:
CC=”egcs” \
CFLAGS=”-O9 -funroll-loops -ffast-math -malign-double -mcpu=pentiumpro -march=pentiumpro -fomit-
frame-pointer -fno-exceptions” \
./configure \
~prefix=/usr \
~without-ssh-agent1 -com pat \
-disable-suid-ssh-signer \
–disable-tcp-port-forwarding \
—disable-X11-forwarding \
–enable-tcp-nodelay \
-with-libwrap
This tells SSH2 to set itself up for this particular hardware setup as follows:
- Leave out ssh-agent1 compatibility.
- Install ssh-signer without suid bit.
- Disable port forwarding support.
- Disable X11 forwarding support.
- Enable TCP_NODELAY socket option.
- Compile in libwrap (tcp_wrappers) support.
[root@deep ssh-2.0.13]# make clean [root@deep ssh-2.0.13]# make [root@deep ssh-2.0.13]# make install [root@deep ssh-2.0.13]# rm -f/usr/bin/ssh-askpass
The “make clean”, command erase all previous traces of a compilation so as to avoid any mistakes, the “make” command compiles all source files into executable binaries, and finally, the “make install” command installs the binaries and any supporting files into the appropriate locations.