/*  UberLinux.org - Procedures - SSH */

Welcome to storm.uberlinux.org
Linux Mandrake release 7.0 (Air)
Kernel 2.2.14-15mdksecure on an i586
login:


home/
procedures/
>ssh2/
stories/
archive/
links/
portfolio/
about/

>SSH Secure Shell v3.2.9.1 www.ssh.com

This procedure, newly rewritten from the original 2003 ssh v1.2.33 and ssh2 v3.2.5, will outline the installation and setup of the SSH Secure Shell for most Linux systems. The original procedure can be found at http://www.uberlinux,org/procedures/ssh_old.htm. SSH is meant to replace insecure terminal emulators such as telnet and other remote login standards with an encrypted connection.

The first step is to create the ssh directory. It is best to login as root to perform these operations. In my installation, I have placed the directory ssh/ and in the /etc directory. Next, I switched to the ssh/ directory by issuing the cd /etc/ssh command. I then started an ftp session with the ssh ftp server  ftp.ssh.com by entering ftp ftp.ssh.com at the command line. The files are located in the /pub/ssh directory. To change to this directory type cd /pub/ssh.

In order to download the file, issue the get ssh-3.2.9.1.tar.gz command. Once this has been completed you may exit the ftp server by entering the bye at the ftp prompt. Once back at the command line, input the following commands:

$ gunzip ssh-3.2.9.1.tar.gz
$ tar -xvf ssh-3.2.9.1.tar
$ cd ssh-3.2.9.1
$ ./configure
$ make
$ make install

The README/INSTALL procedures did not work for me for one reason or another, it gave me a missing pipe error so I used the standard commands above. Once the installation of ssh has been completed, issue the /usr/local/sbin/sshd2 command and your server is now ready to accept secure ssh and ssh2 connections. 

To set the ssh daemon to run automatically at startup, edit /etc/rc.d/rc.local and add the following line to the bottom of the file. /usr/local/sbin/sshd2.

*Security Note - By default ssh will accept root access as a user. It is wise to deny root ssh login privledges. In the ssh directory edit the sshd_config file and add the line PermitRootLogin   no. It should already be there in the file and just needs to be uncommented. Restart sshd with kill -hup sshd2pid.

To open an ssh connection, you will need cipher technologies such as Blowfish, DES, 3DES, and RC4. For my UNIX servers I connect using the ssh2 -l username hostname command. From my Windows workstations I use SSH's free SSH Secure Shell Client v3.2.9 which is a really nice program and includes a secure FTP program both of which utilize port 22 and not the default FTP port 23. The software is available in the same directory as the ssh downloads. Once the connection is initiated the host computer issues a key for the connection through username and password authentication. When successfully connected, all traffic between the client and host is encrypted through one of the aforementioned cipher technologies.


Last login: Thu July 17 16:06:33 from uberlinux.org
********************
Hello. Welcome to Storm!
********************
[chris@storm chris]$

home/    procedures/    stories/    archive/    links/    portfolio/    about/

Last Updated 10/12/2006

Copyright 2003-2006 uberlinux.org