ページ「OpenSSH 6.5p1(RPM)」と「OpenSSH 8.0p1(RPM)」の間の差分
(ページ間の差分)
ナビゲーションに移動
検索に移動
(ページの作成:「※RPMも参照の事。 <br/> <br/> ==準備== <syntaxhighlight lang="bash"> [root@XXXXX ~]# yum install openssl-devel [root@XXXXX ~]# yum install tcp_wrappers-devel [root@XXXXX ~]# yum install pam-devel </syntaxhighlight > <br> ==削除== <syntaxhighlight lang="bash"> [root@XXXXX ~]# yum -y remove openssh </syntaxhighlight > <br> ==RPM の作成・インストール== <ol> <li>'''ソースの取得'''<br/> <syntaxhighlight lang="bash"> [root @…」) |
(ページの作成:「※RPMも参照の事。 <br/> <br/> ==準備== <syntaxhighlight lang="bash"> [root@XXXXX ~]# yum install openssl-devel [root@XXXXX ~]# yum install tcp_wrappers-devel [root@XXXXX ~]# yum install pam-devel </syntaxhighlight > <br> ==削除== <syntaxhighlight lang="bash"> [root@XXXXX ~]# yum -y remove openssh </syntaxhighlight > <br> ==RPM の作成・インストール== <ol> <li>'''ソースの取得'''<br/> <syntaxhighlight lang="bash"> [root @…」) |
||
23行目: | 23行目: | ||
[root @XXXXX ~ ]# su - rpmdevel | [root @XXXXX ~ ]# su - rpmdevel | ||
[rpmdevel@XXXXX ~ ]$ cd ~/src | [rpmdevel@XXXXX ~ ]$ cd ~/src | ||
[rpmdevel@XXXXX src]$ wget http://ftp.jaist.ac.jp/pub/OpenBSD/OpenSSH/portable/openssh- | [rpmdevel@XXXXX src]$ wget http://ftp.jaist.ac.jp/pub/OpenBSD/OpenSSH/portable/openssh-8.0p1.tar.gz | ||
[rpmdevel@XXXXX src]$ tar zxvf openssh- | [rpmdevel@XXXXX src]$ tar zxvf openssh-8.0p1.tar.gz | ||
</syntaxhighlight > | </syntaxhighlight > | ||
<br> | <br> | ||
31行目: | 31行目: | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
[rpmdevel@XXXXX ~ ]$ cd ~/src | [rpmdevel@XXXXX ~ ]$ cd ~/src | ||
[rpmdevel@XXXXX src]$ tar zxvf openssh- | [rpmdevel@XXXXX src]$ tar zxvf openssh-8.0p1.tar.gz | ||
</syntaxhighlight > | </syntaxhighlight > | ||
<br> | <br> | ||
37行目: | 37行目: | ||
<li>'''spec編集'''<br/> | <li>'''spec編集'''<br/> | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
[rpmdevel@XXXXX src]$ vi openssh- | [rpmdevel@XXXXX src]$ vi openssh-8.0p1/contrib/redhat/openssh.spec | ||
%define no_x11_askpass 0 | %define no_x11_askpass 0 | ||
56行目: | 56行目: | ||
<li>openssh-6.1p1/contrib/ 以下の、redhat以外のディレクトリを削除<br/> | <li>openssh-6.1p1/contrib/ 以下の、redhat以外のディレクトリを削除<br/> | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
[rpmdevel@XXXXX ~ ]$ cd ~/src/openssh- | [rpmdevel@XXXXX ~ ]$ cd ~/src/openssh-8.0p1/contrib | ||
[rpmdevel@XXXXX contrib]$ rm -rf aix/ | [rpmdevel@XXXXX contrib]$ rm -rf aix/ | ||
[rpmdevel@XXXXX contrib]$ rm -rf hpux/ | [rpmdevel@XXXXX contrib]$ rm -rf hpux/ | ||
[rpmdevel@XXXXX contrib]$ rm -rf suse/ | [rpmdevel@XXXXX contrib]$ rm -rf suse/ | ||
[rpmdevel@XXXXX contrib]$ rm -rf cygwin/ | [rpmdevel@XXXXX contrib]$ rm -rf cygwin/ | ||
69行目: | 68行目: | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
[rpmdevel@XXXXX ~ ]$ cd ~/src | [rpmdevel@XXXXX ~ ]$ cd ~/src | ||
[rpmdevel@XXXXX src]$ tar zcvf openssh- | [rpmdevel@XXXXX src]$ tar zcvf openssh-8.0p1.tar.gz openssh-8.0p1/ | ||
</syntaxhighlight > | </syntaxhighlight > | ||
<br> | <br> | ||
77行目: | 76行目: | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
[rpmdevel@XXXXX ~ ]$ cd ~/src | [rpmdevel@XXXXX ~ ]$ cd ~/src | ||
[rpmdevel@XXXXX src]$ rpmbuild -tb --clean openssh- | [rpmdevel@XXXXX src]$ rpmbuild -tb --clean openssh-8.0p1.tar.gz | ||
</syntaxhighlight > | </syntaxhighlight > | ||
<br> | <br> | ||
84行目: | 83行目: | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
[rpmdevel@XXXXX ~ ]$ cd /home/rpmdevel/rpm/RPMS/i686 | [rpmdevel@XXXXX ~ ]$ cd /home/rpmdevel/rpm/RPMS/i686 | ||
[rpmdevel@XXXXX i686]$ sudo rpm -Uvh openssh- | [rpmdevel@XXXXX i686]$ sudo rpm -Uvh openssh-8.0p1-1.el6.i686.rpm | ||
[rpmdevel@XXXXX i686]$ sudo rpm -Uvh openssh-server- | [rpmdevel@XXXXX i686]$ sudo rpm -Uvh openssh-server-8.0p1-1.el6.i686.rpm | ||
[rpmdevel@XXXXX i686]$ sudo rpm -Uvh openssh-clients- | [rpmdevel@XXXXX i686]$ sudo rpm -Uvh openssh-clients-8.0p1-1.el6.i686.rpm | ||
[rpmdevel@XXXXX i686]$ exit | |||
</syntaxhighlight > | </syntaxhighlight > | ||
<br> | <br> | ||
98行目: | 98行目: | ||
</li> | </li> | ||
<li>'''自動起動設定'''<br/> | <li>'''自動起動設定'''<br/> | ||
(デフォルトでONになっているはず) | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
[root@XXXXX ~]# chkconfig sshd on | [root@XXXXX ~]# chkconfig sshd on | ||
109行目: | 110行目: | ||
<li>'''sshd_confの設定'''<br/> | <li>'''sshd_confの設定'''<br/> | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
[root@XXXXX ~]# vi / | [root@XXXXX ~]# vi /etc/ssh/sshd_config | ||
# Port 22 | # Port 22 | ||
133行目: | 134行目: | ||
<br> | <br> | ||
</li> | </li> | ||
<s> | |||
<li>'''起動スクリプトのコピー'''<br/> | <li>'''起動スクリプトのコピー'''<br/> | ||
ソースの中にある起動スクリプトをコピーする | ソースの中にある起動スクリプトをコピーする | ||
164行目: | 166行目: | ||
sshd 0:off 1:off 2:off 3:on 4:on 5:on 6:off | sshd 0:off 1:off 2:off 3:on 4:on 5:on 6:off | ||
</syntaxhighlight > | </syntaxhighlight > | ||
</s> | |||
<br> | <br> | ||
</li> | </li> | ||
173行目: | 176行目: | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
[root@XXXXX ~]# su - hoge | [root@XXXXX ~]# su - hoge | ||
[hoge@XXXXX ~]$ /usr | [hoge@XXXXX ~]$ /usr/bin/ssh-keygen -t rsa ← SSH2で公開鍵・秘密鍵を作成 | ||
Generating public/private rsa key pair. | Generating public/private rsa key pair. | ||
Enter file in which to save the key (/home/hoge/.ssh/id_rsa): ← 鍵のファイル名を入力(空EnterでOK) | Enter file in which to save the key (/home/hoge/.ssh/id_rsa): ← 鍵のファイル名を入力(空EnterでOK) | ||
218行目: | 221行目: | ||
<li>'''公開鍵の権限の変更'''<br/> | <li>'''公開鍵の権限の変更'''<br/> | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
[ | [hoge@XXXXX ~]$ chmod 400 ~/.ssh/authorized_keys | ||
</syntaxhighlight > | </syntaxhighlight > | ||
<br> | <br> |
2023年5月11日 (木) 09:17時点における最新版
※RPMも参照の事。
準備
[root@XXXXX ~]# yum install openssl-devel
[root@XXXXX ~]# yum install tcp_wrappers-devel
[root@XXXXX ~]# yum install pam-devel
削除
[root@XXXXX ~]# yum -y remove openssh
RPM の作成・インストール
- ソースの取得
[root @XXXXX ~ ]# su - rpmdevel [rpmdevel@XXXXX ~ ]$ cd ~/src [rpmdevel@XXXXX src]$ wget http://ftp.jaist.ac.jp/pub/OpenBSD/OpenSSH/portable/openssh-8.0p1.tar.gz [rpmdevel@XXXXX src]$ tar zxvf openssh-8.0p1.tar.gz
- ソースの解凍
[rpmdevel@XXXXX ~ ]$ cd ~/src [rpmdevel@XXXXX src]$ tar zxvf openssh-8.0p1.tar.gz
- spec編集
[rpmdevel@XXXXX src]$ vi openssh-8.0p1/contrib/redhat/openssh.spec %define no_x11_askpass 0 ↓ %define no_x11_askpass 1 ← (変更)x11_askpassの無効化 %define no_gnome_askpass 0 ↓ %define no_gnome_askpass 1 ← (変更)gnome_askpassの無効化 %configure \ --without-zlib-version-check \ ← (追加)zlibのバージョンチェック無効化
- ビルド用に再圧縮
- openssh-6.1p1/contrib/ 以下の、redhat以外のディレクトリを削除
[rpmdevel@XXXXX ~ ]$ cd ~/src/openssh-8.0p1/contrib [rpmdevel@XXXXX contrib]$ rm -rf aix/ [rpmdevel@XXXXX contrib]$ rm -rf hpux/ [rpmdevel@XXXXX contrib]$ rm -rf suse/ [rpmdevel@XXXXX contrib]$ rm -rf cygwin/ [rpmdevel@XXXXX contrib]$ rm -rf solaris/
- 再圧縮
[rpmdevel@XXXXX ~ ]$ cd ~/src [rpmdevel@XXXXX src]$ tar zcvf openssh-8.0p1.tar.gz openssh-8.0p1/
- openssh-6.1p1/contrib/ 以下の、redhat以外のディレクトリを削除
- RPM作成
[rpmdevel@XXXXX ~ ]$ cd ~/src [rpmdevel@XXXXX src]$ rpmbuild -tb --clean openssh-8.0p1.tar.gz
- インストール
[rpmdevel@XXXXX ~ ]$ cd /home/rpmdevel/rpm/RPMS/i686 [rpmdevel@XXXXX i686]$ sudo rpm -Uvh openssh-8.0p1-1.el6.i686.rpm [rpmdevel@XXXXX i686]$ sudo rpm -Uvh openssh-server-8.0p1-1.el6.i686.rpm [rpmdevel@XXXXX i686]$ sudo rpm -Uvh openssh-clients-8.0p1-1.el6.i686.rpm [rpmdevel@XXXXX i686]$ exit
- 起動テスト
[root@XXXXX ~]# /etc/rc.d/init.d/sshd start Starting sshd: [ OK ]
- 自動起動設定
(デフォルトでONになっているはず)[root@XXXXX ~]# chkconfig sshd on
設定
- sshd_confの設定
[root@XXXXX ~]# vi /etc/ssh/sshd_config # Port 22 ↓ Port 22 # SyslogFacility AUTH ↓ SyslogFacility AUTH # PermitRootLogin yes ↓ PermitRootLogin no ← rootでのログインを禁止 # PasswordAuthentication yes ↓ PasswordAuthentication no ← パスワードでのログインを禁止(鍵方式によるログインのみ許可) # PermitEmptyPasswords no ↓ PermitEmptyPasswords no ← パスワードなしでのログインを禁止
- 起動スクリプトのコピー
ソースの中にある起動スクリプトをコピーする[root@XXXXX ~]# cp /usr/local/src/openssh-6.1p1/contrib/redhat/sshd.init /etc/rc.d/init.d/sshd
- 起動スクリプトの編集
(OpenSSH 5.9p1のデフォルト起動スクリプト)[root@XXXXX ~]# vi /etc/rc.d/init.d/sshd SSHD=/usr/sbin/sshd ↓ SSHD=/usr/local/ssh/sbin/sshd
start()の中
/usr/bin/ssh-keygen -A ↓ /usr/local/ssh/bin/ssh-keygen -A
起動スクリプトの登録
[root@XXXXX ~]# chkconfig --add sshd [root@XXXXX ~]# chkconfig sshd on [root@XXXXX ~]# chkconfig --list sshd sshd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
鍵の作成
- 一般ユーザーで作成する
[root@XXXXX ~]# su - hoge [hoge@XXXXX ~]$ /usr/bin/ssh-keygen -t rsa ← SSH2で公開鍵・秘密鍵を作成 Generating public/private rsa key pair. Enter file in which to save the key (/home/hoge/.ssh/id_rsa): ← 鍵のファイル名を入力(空EnterでOK) Created directory '/home/hoge/.ssh' Enter passphrase (empty for no passphrase): ← パスフレーズの入力 Enter same passphrase again: ← パスフレーズの再入力 Your identification has been saved in /home/hoge/.ssh/id_rsa. Your public key has been saved in /home/hoge/.ssh/id_rsa.pub. The key fingerprint is: ~鍵情報が表示される~
- 作成された鍵の確認
[hoge@XXXXX ~]$ cd .ssh [hoge@XXXXX ~]$ ls -la 合計 16 drwx------ 2 XXXXX XXXXX 4096 3月 8 21:22 . drwx------ 16 XXXXX XXXXX 4096 3月 8 20:33 .. -rw------- 1 XXXXX XXXXX 951 3月 8 21:22 id_rsa ← 秘密鍵 -rw-r--r-- 1 XXXXX XXXXX 241 3月 8 21:22 id_rsa.pub ← 公開鍵
- 公開鍵の名前の変更
- authorized_keysが既存の場合
[hoge@XXXXX ~]$ cd ~/.ssh [hoge@XXXXX ~]$ cat id_rsa.pub >> authorized_keys [hoge@XXXXX ~]$ rm -f ~/.ssh/id_rsa.pub ← 元の鍵を削除
- authorized_keysがない場合
[hoge@XXXXX ~]$ cd ~/.ssh [hoge@XXXXX ~]$ mv id_rsa.pub authorized_keys
- authorized_keysが既存の場合
- 公開鍵の権限の変更
[hoge@XXXXX ~]$ chmod 400 ~/.ssh/authorized_keys
- フロッピーにコピー
id_rsaファイルをフロッピーにコピーする。
(フロッピーのマウント)[root@XXXXX ~]# cp /home/hoge/.ssh/id_rsa /mnt/floppy
フロッピーにコピーされたid_rsaファイルを使用してPuTTyの接続設定を行う。