Server & OS

openssl 과 ssh 의 설치과정과

컨텐츠 정보

본문

다음은 openssl 과 ssh 의 설치과정과 실행방법입니다.
LAN환경에서 Packet Sniffing을 방지하기 위해 telnet통신을 ssh로 대처하는 것도
보안에 대한 대비책이라고 생각합니다. 
먼저 ssh 설치전에 ssl이 설치되어야 한다는 군요..



ftp.openssl.org/source/openssl-0.9.6.tar.gz

[선결요건]
------------------------------------
* Perl 5
* an ANSI C compiler
* a supported Unix operating system
------------------------------------

[설치]
---------------------------------------
$ ./config --prefix=/usr/local/openssl
$ make
$ make test
$ make install
--------------------------------------- 


[설치되는 디렉토리]
----------------------------------------------------------------------------------
certs      Initially empty, this is the default location for certificate files.
man/man1    Manual pages for the 'openssl' command line tool
man/man3    Manual pages for the libraries (very incomplete)
misc        Various scripts.
private    Initially empty, this is the default location for private key files.
bin        Contains the openssl binary and a few other utility programs.
include/openssl 
Contains the header files needed if you want to compile programs with libcrypto or
libssl.
lib        Contains the OpenSSL library files themselves. 
-----------------------------------------------------------------------------------












ftp.ssh.com/pub/ssh-2.4.0.tar.gz


[설치]
---------------------------------------
$ ./config --prefix=/usr/local/ssh
$ make
$ make test
$ make install
--------------------------------------- 



[설치되는 파일들]
-------------------------------------------------------------------------------------
ssh2            The SSH2 client.
sshd2          The SSH2 daemon.
sftp2          The SFTP client (needs ssh2). Type "?" in the command line for help.
sftp-server2    The SFTP server (executed by sshd2).
scp2            The SCP client.
ssh-keygen2    The utility for generating keys. Use -h for help.
ssh-add2        Add identities to the authentication agent.
ssh-agent2      The authentication agent.
ssh-askpass2    X11 utility for querying passwords.
ssh-signer2    A small program that signs "hostbased" authentication
                packets. Executed by ssh2, and for proper function,
                must be suid root. (This is done by 'make install'.)
ssh-pam-client  Helper program, that the server uses with PAM authentication.
ssh-probe2      Program to probe a given network for ssh2
                servers. See ssh-probe(1) and sshd2_config(5)
                for MaxBroadcastsPerSecond.
ssh-pubkeymgr  Utility script for generating user public keys and
                uploading them and setting up the ~/.ssh2/authorization
                and ~/.ssh2/identification files.
ssh-chrootmgr  Utility to ease setting up chrooted environment for users. 
-----------------------------------------------------------------------------------


[StartUp 파일]

# cp /usr/local/src/ssh-2.4.0/sshd2.startup /etc/rc.d/init.d/sshd
# ln -s /etc/rc.d/init.d/sshd /etc/rc.d/rc3.d/S??sshd //??는 적당한 숫자

vi로 /etc/rc.d/init.d/sshd 파일을 열어 /usr/local/sbin/sshd2 라고 되어 있는 
부분을 /usr/local/ssh/sbin/sshd2 로 모두 변경해 준다.


[Secure Shell Deamon의 실행]

# /etc/rc.d/init.d/sshd start

Starting sshd2 in port 22: sshd2: SSH Secure Shell 2.4.0 (non-commercial version
) on i586-pc-linux-gnu
done. 


[ssh 를 사용한 접속]


# ssh -l root localhost

Host key not found from database.
Key fingerprint:
124334dr-4235g-balot-rroh-kinep-cy656v-878l-v656575-ty6557in-m56g-va75757x
You can get a public key's fingerprint by running
% ssh-keygen -F publickey.pub
on the keyfile.
Are you sure you want to continue connecting (yes/no)? yes <Enter>
   
Host key saved to /root/.ssh2/hostkeys/key_22_localhost.pub
host key for localhost, accepted by root Fri Apr 06 2001 16:18:24 +0900

root's password: ************ <Enter>

Authentication successful.
Last login: Thu Apr 05 2001 19:54:43 +0900 from
No mail.
#

관련자료

댓글 0
등록된 댓글이 없습니다.
Today's proverb
불가능은 소심한자의 환상이요, 비겁한 자의 도피처이다. (나폴레옹)