X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/e93ee87aa24e6cff081dd7869227bb77ba3f0a96..5a64a938fa83bf2ee6cdc0b7ef1a20eaffc1480c:/INSTALL diff --git a/INSTALL b/INSTALL index bf7bc138..c1a7eb16 100644 --- a/INSTALL +++ b/INSTALL @@ -4,16 +4,16 @@ You will need working installations of Zlib and OpenSSL. Zlib: -http://www.cdrom.com/pub/infozip/zlib/ +http://www.freesoftware.com/pub/infozip/zlib/ OpenSSL 0.9.5a or greater: http://www.openssl.org/ -RPMs of OpenSSL are available in the support/ directory of the OpenSSH -mirror site. OpenSSH requires OpenSSL version 0.9.5 or later. +RPMs of OpenSSL are available at http://violet.ibs.com.au/openssh/files/support OpenSSH can utilise Pluggable Authentication Modules (PAM) if your system -supports it. PAM is standard on Redhat and Debian Linux and on Solaris. +supports it. PAM is standard on Redhat and Debian Linux, Solaris and +HP-UX 11. PAM: http://www.kernel.org/pub/linux/libs/pam/ @@ -24,7 +24,7 @@ libraries and headers. GNOME: http://www.gnome.org/ -Alternatively, Jim Knoble has written an excellent X11 +Alternatively, Jim Knoble has written an excellent X11 passphrase requester. This is maintained separately at: http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/index.html @@ -41,6 +41,19 @@ ftp://ftp.gnu.org/gnu/make/ OpenSSH has only been tested with GNU make. It may work with other 'make' programs, but you are on your own. +pcre (POSIX Regular Expression library): +ftp://ftp.cus.cam.ac.uk/pub/software/programs/pcre/ + +Most platforms do not required this. However older 4.3 BSD do not +have a posix regex library. + +S/Key Libraries: +http://www.sparc.spb.su/solaris/skey/ + +If you wish to use --with-skey then you will need the above library +installed. No other current S/Key library is currently known to be +supported. + 2. Building / Installation -------------------------- @@ -68,12 +81,16 @@ make install This will install the binaries in /opt/{bin,lib,sbin}, but will place the configuration files in /etc/ssh. -If you are using PAM, you will need to manually install a PAM +If you are using PAM, you may need to manually install a PAM control file as "/etc/pam.d/sshd" (or wherever your system prefers to keep them). A generic PAM configuration is included as "contrib/sshd.pam.generic", you may need to edit it before using it on your system. If you are using a recent version of Redhat Linux, the -config file in contrib/redhat/sshd.pam should be more useful. +config file in contrib/redhat/sshd.pam should be more useful. +Failure to install a valid PAM file may result in an inability to +use password authentication. On HP-UX 11, the standard /etc/pam.conf +configuration will work with sshd (sshd will match the OTHER service +name). There are a few other options to the configure script: @@ -90,7 +107,7 @@ need a working installation of GNOME, including the development headers, for this to work. --with-random=/some/file allows you to specify an alternate source of -random numbers (the default is /dev/urandom). Unless you are absolutly +random numbers (the default is /dev/urandom). Unless you are absolutely sure of what you are doing, it is best to leave this alone. --with-egd-pool=/some/file allows you to enable Entropy Gathering @@ -114,8 +131,8 @@ Kerberos IV and the AFS libraries and header files installed for this to work. Use the optional PATH argument to specify the root of your AFS installation. AFS requires Kerberos support to be enabled. ---with-skey will enable S/Key one time password support. You will need -the S/Key libraries and header files installed for this to work. +--with-skey=PATH will enable S/Key one time password support. You will +need the S/Key libraries and header files installed for this to work. --with-tcp-wrappers will enable TCP Wrappers (/etc/hosts.allow|deny) support. You will need libwrap.a and tcpd.h installed. @@ -152,10 +169,10 @@ are installed. real (AF_INET) IPv4 addresses. Works around some quirks on Linux. If you need to pass special options to the compiler or linker, you -can specify these as enviornment variables before running ./configure. +can specify these as environment variables before running ./configure. For example: -CFLAGS="-O -m486" LFLAGS="-s" LIBS="-lrubbish" LD="/usr/foo/ld" ./configure +CFLAGS="-O -m486" LDFLAGS="-s" LIBS="-lrubbish" LD="/usr/foo/ld" ./configure 3. Configuration ---------------- @@ -167,9 +184,10 @@ The default configuration should be instantly usable, though you should review it to ensure that it matches your security requirements. To generate a host key, run "make host-key". Alternately you can do so -manually using the following command: +manually using the following commands: -/usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' + ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N "" + ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N "" Replacing /etc/ssh with the correct path to the configuration directory. (${prefix}/etc or whatever you specified with --sysconfdir during @@ -186,5 +204,5 @@ for sshd, ssh and ssh-agent. If you experience problems compiling, installing or running OpenSSH. Please refer to the "reporting bugs" section of the webpage at -http://violet.ibs.com.au/openssh/ +http://www.openssh.com/