|< Free Open Study >|| |
The following sections describe the process of installing OpenSSH. They discuss not only the mechanics of installation, but also the details and decisions—for example, how to choose an installation directory. After reading this material, you'll be able to install OpenSSH on any system.
Like all examples in this book, you will compile OpenSSH from source code. The first step in building software is, as discussed in Chapter 7, to decide on compiletime options. This section will discuss the compile-time options supported by OpenSSH and provide an actual detailed configuration appropriate for a real-world system.
The first option that is relevant to almost every software package is the installation directory—that is, the directory where the compiled program is to be installed. Chapters 3 and 7 discussed some typical options for installation directories, namely the /opt and /usr/local directories. Chapter 7 provides complete details, but in general the /opt directory is appropriate for software that might need to be upgraded regularly or need more than one version installed, while /usr/local is more appropriate for software that is upgraded infrequently. Since OpenSSH is typically upgraded infrequently, this example will install it into /usr/local.
OpenSSH supports a wide variety of configuration options. Generally these configuration options relate to whether to enable various authentication mechanisms (such as Kerberos or "smart card" support) and a few other things, such as whether to support the new IPv6 Internet protocol standard. These options, meanwhile, generally boil down to whether or not the operating system supports them; for example, if the operating system doesn't have or use Kerberos libraries, then it doesn't make sense for OpenSSH to enable Kerberos support (and in fact the process will fail if you try). Since the ./configure program will automatically detect whether each of these options is available on the system and enable or disable the option appropriately, there's no need for you to worry about them.
That isn't a general rule, though: Many programs come with options that enable or disable actual features in the program. In such cases, there's no way for the program to do any autodetection; after all, how does a program automatically detect whether you want a certain feature disabled? In those cases, features can be explicitly disabled and enabled. (See the section later in Part Three on the Apache web server for an example of this type of installation.)
Additionally, even though most OpenSSH features get autodetected, under some circumstances you might actually not want this behavior. For example, you may not want OpenSSH to use Kerberos authentication, even if it's installed on the system. In such cases, you can consult the documentation and the ./configure –help command to find out how to disable the unneeded features.
In a nutshell, your OpenSSH installation probably needs no custom options, except to set the installation path. Use the following command to configure it. (This command will change if you choose to explicitly enable or disable one or more of the automatically detected features.)
$ ./configure --prefix=/usr/local
Note that the –prefix option indicates /usr/local as the installation directory. This means that the program binaries will be installed in /usr/local/bin, configuration files in /usr/local/etc, and so on. If the command completes without any errors, the software should be ready for compilation.
Once the ./configure program has been run as discussed in the previous section, the software can actually be built. This is very simple; it consists of running the make command followed by the make install command, as shown here:
(Information on the build process will scroll by.)
$ make install
(Information on the installation process will scroll by.)
In addition to copying files, the make install command will also run a few scripts that set up cryptographic server keys and other basic details. If the make instal command (and the make command before it) both complete successfully, then OpenSSH is installed! If either failed, it probably means that something went wrong in the configuration process; check to see if the ./configure command actually completed successfully and that the various options you may have passed to it are correct. (For example, watch for possible typos in path names.)
|< Free Open Study >|| |