1、下载openssl-0.9.8e.tar.gz和openssh-4.6p1.tar.gz,前者为ssl协议,后者为shell
转贴
========================================================================
2、2.2 安装openssl
#cd /usr/local/src
#tar zxvf openssl-0.9.8e.tar.gz
#cd openssl-0.9.8e
#./config shared zlib
#make
#make test
#make install
mv /usr/bin/openssl /usr/bin/openssl.OFF
mv /usr/include/openssl /usr/include/openssl.OFF
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/ssl/include/openssl /usr/include/openssl
2.3 配置库文件搜索路径
#echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
#ldconfig -v
2.4 查看openssl的版本号,以验正是否安装正确
#openssl version -a
OpenSSL 0.9.8e 11 Apr 2007
built on: Sat Mar 24 21:24:41 CST 2007 重生之大文豪
platform: linux-elf
options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(idx)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM
OPENSSLDIR: "/usr/local/ssl"
三、下载安装最新的openssh
3.1 下载相关软件包至/usr/local/src目录
ftp://openbsd.nsysu.edu.tw/BSD/OpenBSD/OpenSSH/portable/openssh-4.6p1.tar.gz
3.2 安装
#cd /usr/local/src
#tar zxvf openssh-4.6p1.tar.gz
#cd openssh-4.6p1
#./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-zlib --with-ssl-dir=/usr/local/ssl --with-md5-passwords --mandir=/usr/share/man
#make
#make install
3.3 查看openssh版本号,验正安装结果
# ssh -v
OpenSSH_4.6p1, OpenSSL 0.9.8e 11 Apr 2007
usage: ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]
[-D [bind_address:]port] [-e escape_char] [-F configfile]
[-i identity_file] [-L [bind_address:]port:host:hostport]
[-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
[-R [bind_address:]port:host:hostport] [-S ctl_path]
[-w local_tun[:remote_tun]] [user@]hostname [command]
四、启动并验正服务的开启状况
4.1 调试启动,如果以下显示均正常,就可以正常启动sshd了。
#/usr/sbin/sshd -d
debug1: sshd version OpenSSH_4.6p1
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
socket: Address family not supported by protocol
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
4.2 启动服务
#/usr/sbin/sshd
4.3 查看监听端口中是否有22
#netstat -tnlp | grep :22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 21018/sshd
4.4 尝试从本机通过ssh登录
# ssh root@localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is 03:eb:80:fe:07:d9:9d:00:1c:15:37:93:d1:d3:8e:6d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
root@localhost's password:
Last login: Wed Apr 11 11:29:04 2007 from localhost.localdomain
================================================================================
这种方法在Ubuntu桌面版安装不成功 !!