Secure SHell 2.4.0

This page covers installing and configuring Secure Shell version 2.4.   You can obtain the latest source and a client for Windoze from ssh.com. You can download a client for free providing you are an individual who is using ssh for your personal use and not for any kind of profit.

1. Put the new source in a directory to decompress and untar (I used /home/admin, but you can use any directory)
2. Next change to the directory, decompress/Untar the source, and change to the new ssh-2.4.0 directory.

      suse:/ # cd /home/admin
      suse:/home/admin # gzip -cd ssh-2.4.0.tar.gz | tar xvf -
      suse:/home/admin# cd ssh-2.4.0
   

3. Run ./configure to set the environment options for your server. You can specify options to use with ./configure, such as setting installation directories and disabling or enabling support for certain elements.

      suse:/home/admin/ssh-2.4.0 # ./configure --prefix=/usr/local
   

4. Compile the source and read the README while you wait.

      suse:/home/admin/ssh-2.4.0 # make
   

5. Install the compiled binaries. (You need to be root to install the system binaries) This sets everything up and creates the host key.

      suse:/home/admin/ssh-2.4.0 # make install
   

6. After the binaries are installed, you need to create a startup script to start ssh every time the computer starts. You can run sshd2 from inetd or you can start it directly with a script, in the /etc/rc.d directory, like the one below called ssh2 (/etc/rc.d/ssh2).

    #! /bin/sh
    # Script to start SSH2 Daemon
   
    if [ -x /usr/local/sbin/sshd2 ]; then
        echo -n " sshd "
        /usr/local/sbin/sshd2
    fi
   
    # end script
   

   Next create a symbolic link in /etc/rc.d/rc*.d (replace * with the run level for full network support)

      suse:/etc/rc.d/rc2.d # ln -s ../ssh2 S15sshd2
   

7. The installation of the daemon is complete.

Client Access

1. Read user and system configuration files.
   1. First reads user configuration files located in $HOME/.ssh2
   2. If none exist in the directory, the Secure Shell client looks at the system-wide configuration settings stored in /etc/ssh2/ssh_config
   3. If that file doesn't exist, the client sets up some defaults such as the username (uses client's local hostname)
2. Negotiates connection.
   1. The $HOME/ssh2 directory is created if it doesn't exist on the local host.
   2. This also creates several files for the user, such as the private and public key pairs and the random seed for the user.
3. Authenticates user account (against public key, password, rhosts or any combination thereof).
   1. The key pair is exchanged and if it is successful a connection is established.
   2. When the connection is established, the private key is removed from memory in case of a core dump.
   3. The only event that is logged is the the connection attempt unless otherwise specified in the ssh_config file.
4. Forks process (if running in the background).
5. Run on a TTY or standard input, depending on the type of connection.
6. Close connection.
   1. You can exit from the server and end the session by exiting from the client.
   2. When the session is closed, the connection to the server is severed.

   admin@suse:~ > ssh suse
   Host key not found from database.
   Key fingerprint:
   xokoh-regus-fakyh-gefeg-hydus-bolaz-vodaz-ryfek-tehun-hahic-nuxux
   You can get a public key's fingerprint by running
   % ssh-keygen -F publickey.pub
   on the keyfile.
   Are you sure you want to continue connecting (yes/no)? yes
   Host key saved to /home/admin/.ssh2/hostkeys/key_22_suse.pub
   host key for suse, accepted by admin Wed May 30 2001 13:01:29 -0600
   admin's password:
   Authentication successful.
   Last login: Wed May 30 2001 13:00:46 -0600 from 192.168.1.75
   No mail.
   admin@suse:~ > exit
   logout
   Connection to suse closed.

   admin@suse:~ > ssh suse
   admin's password: 
   Authentication successful.
   Last login: Wed May 30 2001 13:10:29 -0600 from 192.168.1.75
   No mail.
   admin@suse:~ >