Wednesday, September 2, 2009

How to Install OpenSSH on CentOS 5.3 Server

I would like to make it clear that the below instruction were found by me after a considerable search plus I ran into little problem with them so I thought I should do a write up quick as well. I am not trying to steal anything just redoing some instructions as I did during my installation process.

We are going to install OpenSSH, since this is going to be compiled from source, hereafter when ever OpenSSL, OpenSSH, or Zlib have a security issues you can quickly patch without much difficulty. The versions for each of these I am using now are the most current ones, you might have to update them to the latest ones when your installing them.

  1. Download & install zlib by using the following commands:
    1. # cd /tmp
    2. # mkdir -p /opt/zlib
    3. # mkdir zlib1.23
    4. # cd zlib1.23/
    5. # wget http://www.zlib.net/zlib123.zip
    6. # unzip zlib123.zip
    7. # make
    8. # make install prefix=/opt/zlib/
  2. Download & install OpenSSL by using the following commands:
    1. # cd /tmp
    2. # mkdir -p /opt/openssl
    3. # wget http://www.openssl.org/source/openssl-0.9.8k.tar.gz
    4. # tar xvzf openssl-0.9.8k.tar.gz
    5. # cd openssl-0.9.8k
    6. # ./config --prefix=/opt/openssl --openssldir=/opt/openssl
    7. # make
    8. # make test
    9. # make install
  3. Now we are going to install OpenSSH. In the configure section of this installation we'll havet o point to the OpenSSL and Zlib installs we did earlier. We also have want to point to our xauth file, to check the location of the xauth file use the command -- # which xauth -- if this doesnt work then you might have to do -- # find / -name xauth -- if this also doent work then your probably missing the xauth file. If your miss the xauth file you'll have to install it using the following command:
    1. # yum install -xorg-x11-xauth
  4. Download & install OpenSSH by using the following commands:
    1. # cd /tmp
    2. # mkdir -p /opt/openssh
    3. # wget ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-5.2p1.tar.gz
    4. # tar xvzf openssh-5.2p1.tar.gz
    5. # cd openssh-5.2p1
    6. # ./configure --prefix=/opt/openssh --with-ssl-dir=/opt/openssl --with=xauth=/usr/bin/xauth --with-zlib=/opt/zlib
    7. # make
    8. # make install
  5.  We have to make few changes to the sshd init.d script, which is included with CentoOS 5.3. To be able to use this script to start and stop our version of SSH we'll have to change some paths in the /etc/init.d/sshd file. Make sure that the below variables in the file point to correct path of OpenSSH.
    1. # Some functions to make the below more readable
      KEYGEN=/opt/openssh/bin/ssh-keygen
      SSHD=/opt/openssh/sbin/sshd
      RSA1_KEY=/opt/openssh/etc/ssh_host_key
      RSA_KEY=/opt/openssh/etc/ssh_host_rsa_key
      DSA_KEY=/opt/openssh/etc/ssh_host_dsa_key
  6. After you make the above appropriate path changes you'll have to restart SSH, as follows:
    1. /etc/init.d/sshd restart
  7. After this check the version your telnet is showing, it should be the OpenSSH  5.2 you just installed. Give the command as follows:
    1. # telnet Localhost 22
  8. The output should be something similar to:
    1. Trying 127.0.0.1...
      Connected to localhost.localdomain (127.0.0.1).
      Escape character is '^]'.
      SSH-2.0-OpenSSH_5.2
  9. This conculdes our OpenSSH installation on CentOS 5.3 Server.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)