How to Compile and Install OpenSSH from Source in Linux
OpenSSH is a free and open source, full implementation of the SSH
protocol 2.0. It provides a number of tools for securely accessing and
managing remote computer systems and for managing authentication keys, such
as ssh (a secure replacement for telnet), scp, sftp (a secure replacement
for ftp), ssh-keygen, ssh-copy-id, ssh-add, and more.
In this article, we will explain how to install and configure the latest
version of the OpenSSH server and client on a Linux system from sources.
We assume that you have an existing installation of the OpenSSH suite.
Requirements:
- A Debian/Ubuntu or RHEL/CentOS Linux system
- C compiler
- Zlib 1.1.4 or 1.2.1.2 or greater
- LibreSSL or OpenSSL >= 1.0.1 < 1.1.0
Install OpenSSH Server from Source
Before installing the latest version of SSH, make sure to check the
current version of SSH installed on your system using the following
command.
$ ssh -V
OpenSSH_7.7p2 Ubuntu-4ubuntu2.5, OpenSSL 1.0.2g 1 Mar 2016
From the above result, the installed OpenSSH version is 7.7. To install
the latest OpenSSH version, you first need to install a few dependencies,
i.e. development tools (build essentials) and the other required packages,
as follows.
-------------- On RedHat-based Distros --------------
$ sudo yum update
$ sudo yum group install 'Development Tools'
$ sudo yum install zlib-devel openssl-devel

-------------- On Debian-based Distros --------------
$ sudo apt update
$ sudo apt install build-essential zlib1g-dev libssl-dev
To create a proper environment for installing the OpenSSH server, we
need to create a new system user and group named “sshd”, as well as a safe
place to chroot.
Note: Generally, if you have an existing installation, this environment
should already be in place, and you can skip this section and go to the
next. Otherwise, run the following commands to set it up.
$ sudo mkdir /var/lib/sshd
$ sudo chmod -R 700 /var/lib/sshd/
$ sudo chown -R root:sys /var/lib/sshd/
$ sudo useradd -r -U -d /var/lib/sshd/ -c "sshd privsep" -s /bin/false sshd
Explaining the flags in the useradd command above:
- -r – tells useradd to create a system user
- -U – instructs it to create a group with the same name and group ID
- -d – specifies the user’s directory
- -c – used to add a comment
- -s – specifies the user’s shell
Now, download the tarball of OpenSSH version 9.3 from any of the
available HTTP mirrors or you can use the following wget command to
download directly in your terminal.
$ wget -c https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.3p1.tar.gz
$ tar -xzf openssh-9.3p1.tar.gz
$ cd openssh-9.3p1/
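The download step above does not check what wget fetched, and this code will run as the SSH daemon. The following added example (not part of the original article) shows two checks to run on the tarball before ./configure: a SHA-256 comparison against the base64 digest printed in the OpenSSH release notes, and a detached PGP signature check. The function names are hypothetical, and the expected digest, signature file and release key file are assumed to be supplied by you.

```shell
# Added example, not from the original article. Function names are
# hypothetical; the expected digest, signature and key are inputs you supply.

# Decode a base64 digest (the form used in OpenSSH release notes) to hex,
# which is what sha256sum prints.
b64_to_hex() {
    printf '%s' "$1" | base64 -d 2>/dev/null | od -An -v -tx1 | tr -d ' \n'
}

# verify_release_sha256 TARBALL EXPECTED_BASE64
# Returns 0 on match, 1 on mismatch, 2 on unusable input.
verify_release_sha256() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    want=$(b64_to_hex "$2")
    # SHA-256 is 32 bytes, i.e. 64 hex characters. A hex digest pasted in
    # by mistake decodes to 48 bytes and is rejected here.
    [ "${#want}" -eq 64 ] || { echo "not a base64 SHA-256 value" >&2; return 2; }
    have=$(sha256sum "$1" | cut -d' ' -f1)
    if [ "$have" = "$want" ]; then
        return 0
    fi
    echo "SHA-256 mismatch for $1" >&2
    return 1
}

# verify_release_sig TARBALL SIGNATURE KEYFILE
# Returns 0 only if SIGNATURE is a good detached signature over TARBALL made
# by a key in KEYFILE. Check KEYFILE's fingerprint through a channel other
# than the download mirror before relying on the result.
verify_release_sig() {
    gnupghome=$(mktemp -d) || return 2
    # Throwaway keyring holding only the release key, so no unrelated key
    # in your personal keyring can satisfy the check.
    gpg --homedir "$gnupghome" --batch --quiet --import "$3" &&
        gpg --homedir "$gnupghome" --batch --verify "$2" "$1"
    rc=$?
    rm -rf "$gnupghome"
    return "$rc"
}
```

If either function returns non-zero for openssh-9.3p1.tar.gz, delete the file and download it again from a different mirror instead of building it.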
Now we will build and install the OpenSSH server using the
--with-md5-passwords, --with-privsep-path and --sysconfdir options. The
files will be installed under /usr/local/ (this is the default
installation PREFIX), with the configuration files in the directory given
by --sysconfdir.
You can see all available options by running ./configure -h and
customize your installation further.
$ ./configure -h
For instance, to enable PAM and SELinux support, add the --with-pam and
--with-selinux options, respectively. You need to install all the
necessary header files for them to work.
## Install PAM and SELinux Headers ##
$ sudo apt install libpam0g-dev libselinux1-dev    [On Debian/Ubuntu]
$ sudo yum install pam-devel libselinux-devel      [On CentOS/RHEL]

## Compile and Install SSH from Sources ##
$ ./configure --with-md5-passwords --with-pam --with-selinux --with-privsep-path=/var/lib/sshd/ --sysconfdir=/etc/ssh
$ make
$ sudo make install
Once you have installed OpenSSH, restart SSH or open another terminal
window and check the version of OpenSSH now installed on your system.
$ ssh -V
OpenSSH_9.3p1, OpenSSL 3.0.1 14 Dec 2021
The various OpenSSH configuration files are located at:
- ~/.ssh/* – this directory stores user-specific ssh client configurations (ssh aliases) and keys.
- /etc/ssh/ssh_config – this file contains system-wide ssh client configurations.
- /etc/ssh/sshd_config – contains sshd service configurations.
That’s it! In this article, we’ve explained how to install and configure
the latest version of the OpenSSH server from source on a Linux
system.