RPMs of OpenSSL are available at http://violet.ibs.com.au/openssh/files/support
OpenSSH can utilise Pluggable Authentication Modules (PAM) if your system
-supports it. PAM is standard on Redhat and Debian Linux and on Solaris.
+supports it. PAM is standard on Redhat and Debian Linux, Solaris and
+HP-UX 11.
PAM:
http://www.kernel.org/pub/linux/libs/pam/
OpenSSH has only been tested with GNU make. It may work with other
'make' programs, but you are on your own.
-GNU rx:
-ftp:://ftp.gnu.org/gnu/rx/
+pcre (POSIX Regular Expression library):
+ftp://ftp.cus.cam.ac.uk/pub/software/programs/pcre/
Most platforms do not required this. However older 4.3 BSD do not
have a posix regex library.
+S/Key Libraries:
+http://www.sparc.spb.su/solaris/skey/
+
+If you wish to use --with-skey then you will need the above library
+installed. No other current S/Key library is currently known to be
+supported.
2. Building / Installation
--------------------------
This will install the binaries in /opt/{bin,lib,sbin}, but will place the
configuration files in /etc/ssh.
-If you are using PAM, you will need to manually install a PAM
+If you are using PAM, you may need to manually install a PAM
control file as "/etc/pam.d/sshd" (or wherever your system
prefers to keep them). A generic PAM configuration is included as
"contrib/sshd.pam.generic", you may need to edit it before using it on
your system. If you are using a recent version of Redhat Linux, the
config file in contrib/redhat/sshd.pam should be more useful.
Failure to install a valid PAM file may result in an inability to
-use password authentication.
+use password authentication. On HP-UX 11, the standard /etc/pam.conf
+configuration will work with sshd (sshd will match the OTHER service
+name).
There are a few other options to the configure script:
to work. Use the optional PATH argument to specify the root of your
AFS installation. AFS requires Kerberos support to be enabled.
---with-skey will enable S/Key one time password support. You will need
-the S/Key libraries and header files installed for this to work.
+--with-skey=PATH will enable S/Key one time password support. You will
+need the S/Key libraries and header files installed for this to work.
--with-tcp-wrappers will enable TCP Wrappers (/etc/hosts.allow|deny)
support. You will need libwrap.a and tcpd.h installed.