You will need working installations of Zlib and OpenSSL.
Zlib:
-http://www.cdrom.com/pub/infozip/zlib/
+http://www.freesoftware.com/pub/infozip/zlib/
OpenSSL 0.9.5a or greater:
http://www.openssl.org/
-RPMs of OpenSSL are available in the support/ directory of the OpenSSH
-mirror site. OpenSSH requires OpenSSL version 0.9.5 or later.
+RPMs of OpenSSL are available at http://violet.ibs.com.au/openssh/files/support
OpenSSH can utilise Pluggable Authentication Modules (PAM) if your system
-supports it. PAM is standard on Redhat and Debian Linux and on Solaris.
+supports it. PAM is standard on Redhat and Debian Linux, Solaris and
+HP-UX 11.
PAM:
http://www.kernel.org/pub/linux/libs/pam/
GNOME:
http://www.gnome.org/
-Alternatively, Jim Knoble <jmknoble@pobox.com> has written an excellent X11
+Alternatively, Jim Knoble <jmknoble@jmknoble.cx> has written an excellent X11
passphrase requester. This is maintained separately at:
http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/index.html
OpenSSH has only been tested with GNU make. It may work with other
'make' programs, but you are on your own.
+pcre (POSIX Regular Expression library):
+ftp://ftp.cus.cam.ac.uk/pub/software/programs/pcre/
+
+Most platforms do not required this. However older 4.3 BSD do not
+have a posix regex library.
+
+S/Key Libraries:
+http://www.sparc.spb.su/solaris/skey/
+
+If you wish to use --with-skey then you will need the above library
+installed. No other current S/Key library is currently known to be
+supported.
+
2. Building / Installation
--------------------------
This will install the binaries in /opt/{bin,lib,sbin}, but will place the
configuration files in /etc/ssh.
-If you are using PAM, you will need to manually install a PAM
+If you are using PAM, you may need to manually install a PAM
control file as "/etc/pam.d/sshd" (or wherever your system
prefers to keep them). A generic PAM configuration is included as
"contrib/sshd.pam.generic", you may need to edit it before using it on
your system. If you are using a recent version of Redhat Linux, the
-config file in contrib/redhat/sshd.pam should be more useful.
+config file in contrib/redhat/sshd.pam should be more useful.
+Failure to install a valid PAM file may result in an inability to
+use password authentication. On HP-UX 11, the standard /etc/pam.conf
+configuration will work with sshd (sshd will match the OTHER service
+name).
There are a few other options to the configure script:
headers, for this to work.
--with-random=/some/file allows you to specify an alternate source of
-random numbers (the default is /dev/urandom). Unless you are absolutly
+random numbers (the default is /dev/urandom). Unless you are absolutely
sure of what you are doing, it is best to leave this alone.
--with-egd-pool=/some/file allows you to enable Entropy Gathering
to work. Use the optional PATH argument to specify the root of your
AFS installation. AFS requires Kerberos support to be enabled.
---with-skey will enable S/Key one time password support. You will need
-the S/Key libraries and header files installed for this to work.
+--with-skey=PATH will enable S/Key one time password support. You will
+need the S/Key libraries and header files installed for this to work.
--with-tcp-wrappers will enable TCP Wrappers (/etc/hosts.allow|deny)
support. You will need libwrap.a and tcpd.h installed.
real (AF_INET) IPv4 addresses. Works around some quirks on Linux.
If you need to pass special options to the compiler or linker, you
-can specify these as enviornment variables before running ./configure.
+can specify these as environment variables before running ./configure.
For example:
-CFLAGS="-O -m486" LFLAGS="-s" LIBS="-lrubbish" LD="/usr/foo/ld" ./configure
+CFLAGS="-O -m486" LDFLAGS="-s" LIBS="-lrubbish" LD="/usr/foo/ld" ./configure
3. Configuration
----------------
review it to ensure that it matches your security requirements.
To generate a host key, run "make host-key". Alternately you can do so
-manually using the following command:
+manually using the following commands:
-/usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N ''
+ ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N ""
+ ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N ""
Replacing /etc/ssh with the correct path to the configuration directory.
(${prefix}/etc or whatever you specified with --sysconfdir during
If you experience problems compiling, installing or running OpenSSH.
Please refer to the "reporting bugs" section of the webpage at
-http://violet.ibs.com.au/openssh/
+http://www.openssh.com/