Securities Software (Network Services).Linux OpenSSH Client/Server
To verify that the zlib-devel package is installed on your Linux system, use the following
command:
[root@deep /]# rpm -qi zlib-devel package zlib-devel is not installed
• To install the zlib-devel package on your Linux system, use the following command:
[root@deep /]# mount /dev/cdrom /mnt/cdrom/
[root@deep /]# cd /mnt/cdrom/RedHat/RPMS/ [root@deep RPMS]# rpm -Uvh zlib-devel-version.i386.rpm
gd ###//////////////////////////////////////////////////////////////////////////////////////////////
[root@deep RPMS]# rpm -Uvh gd-devel-version.i386.rpm
zlib-devel IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII
[root@deep RPMS]# cd /; umount /mnt/cdrom/
s OpenSSL, which enables support for SSL functionality, must already be installed on your system to be able to use the OpenSSH software.
NOTE: For more information on OpenSSL server, see its related chapter in this book. Even if you don’t need to use OpenSSL software to create or hold encrypted key files, it’s important to note that OpenSSH program require its libraries files to be able to work properly on your system.
Tarballs
It is a good idea to make a list of files on the system before you install OpenSSH, and one afterwards, and then compare them using ‘diff’ to find out what files it placed where. Simply run ‘find /* > OpenSSH 1′ before and ‘find /* > OpenSSH2′ after you install the software, and use diff OpenSSHI OpenSSH2 > OpenSSH-lnstalled’ to get a list of what changed.
Compilation
Decompress the tarball (tar.gz).
[root@deep /]# cp openssh-version.tar.gz /var/tmp
[root@deep /]# cd /var/tmp
[root@deep tmp]# tar xzpf openssh-version.tar.gz
Compile and Optimize
Stepi
Move into the new OpenSSH directory and type the following commands on your terminal:
CC=”egcs” \
CFLAGS=”-09 -funroll-loops -ffast-math -malign-double -mcpu=pentiumpro -march=pentiumpro -fomit-
frame-pointer -fno-exceptions” \
./configure \
~prefix=/usr \
~sysconfdir=/etc/ssh \
–with-tcp-wrappers \
~with-ipv4-default \
~with-ssl-dir=/usr/include/openssl
This tells OpenSSH to set itself up for this particular hardware setup with:
- Compiled-in libwrap and enabled TCP Wrappers (/etc/hosts.allow|deny) support.
- Disabled long delays in name resolution under Linux/glibc-2.1.2 to improve connection time.
- Specified locations of OpenSSL libraries required by OpenSSH program to work.