[TriLUG] ssh install

Jeff Bollinger jeff01 at email.unc.edu
Thu Mar 21 11:33:27 EST 2002 

The sshd_config file is under /usr/local/etc when I installed from 
source.  Try the following (using the source, not the RPM)

rpm -qa |grep openssh

The above command will search your RPM database for the word "openssh" 
and display the results.  To remove all your old SSH packages:

rpm -e openssh

Note that you may need to remove three other OpenSSH related packages 
first.  These will be displayed after running rpm -qa | grep openssh. 
You will then want to download the most recent version from 
http://www.openssh.org/ and install as usual:

tar zxvf openssh-3.0.2p1.tar.gz  (or whatever the newest version is)

cd openssh-3.0.2p1

./configure

make

make install

You will then need to change some of your options in the sshd_config 
file to reflect a tighter security.  You will want to disable support 
for SSH protocol 1 and only allow protocol 2.  You will also want to 
disallow root from logging in via SSH.  If you need to become root 
remotely, first login as a normal user, then use the "su" command to 
switch to root:


Good Luck!
Jeff

JoJo Almario wrote:

> Alright I screwed up again.  I needed to install a newer version os ssh on
> one of my servers running redhat 7.0 (I know...evil release).  here are the
> steps i took.
> 
> 1.rpm -qa | grep openssh to see what version i was running.
> 
> 2. rpm -e --no depsssh*
> 
> 	it gave me an error message that /usr/libexec/ssh folder was not empty so I
> emptied it.
> 
> 3. ran rpm -e openssh* again seemed to do fine.
> 
> 4. grabbed the tar.gz file for the latest ssh and confgiured make, and make
> install on it.  seemed to do fine.  The sshd was no where to be found.  i
> found an sshd.init and put that in /etc/rc.d/init.d/ then did a
> chkconfig --level 345 sshd.init on, and that seemed to be fine.  tried to do
> an /etc/rc.d/init.d/sshd.init start and a /etc/rc.d/init.d/sshd start
> neither of which worked.
> 
> Is there anywhere I missed looking for the sshd?
> Would the rpm work better?
> If so which ones should I grab?
> 
> TIA
> JoJo
> 
> _______________________________________________
> TriLUG mailing list
>     http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ:
>     http://www.trilug.org/~lovelace/faq/TriLUG-faq.html
> 


-- 
Jeff Bollinger
University of North Carolina
IT Security Analyst
105 Abernethy Hall
mailto: jeff_bollinger at unc dot edu

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8jl4RsjlZ7iAc5YQRAmKDAJwOjbcOzgRmv7StkrkQ65wc2fr/CACeKSin
vReOfDypM1ZZRt2TxOqNBoM=
=iNi7
-----END PGP SIGNATURE-----

More information about the TriLUG mailing list