Installing OpenSSH on Different Distributions

The previous section discussed the configuration of the OpenSSH client and server programs. Since OpenSSH has a server component, however, that server has to be hooked into the operating system's bootup process. The following sections describe how to accomplish that on each of the sample distributions.

Installing OpenSSH on Red Hat Linux

As discussed in the "System Startup Scripts" section of Chapter 4, Red Hat Linux uses the SysV model of system initialization scripts. In this model, a special directory contains many scripts, each of which manages a specific server or service. When the system starts up, it is configured to execute these scripts. This section describes how to configure the OpenSSH server for use with Red Hat's implementation of the SysV model. Actually, the OpenSSH source code distribution includes such a script ready-made; however, it's useful to see how one of these scripts works, so a less sophisticated and simpler version is presented.

To be compatible with the SysV model, a script minimally needs to support three arguments: stop, start, and restart. Installing OpenSSH on Red Hat Linux, then, involves writing a shell script that understands these three commands. The stop command shuts down the sshd daemon, the start command starts it up, and the restart command both shuts it down and starts it up again. The script in Listing 8-1 demonstrates a very basic SysV-compatible init script.

Listing 8-1: SysV-compatible Script for OpenSSH sshd

 #!/bin/sh # chkconfig: 345 25 25 # description: Manages the OpenSSH sshd server. [ -x /usr/local/sbin/sshd ] || exit 0 RC=0 start () {    echo $"Starting sshd."    /usr/local/sbin/sshd    return 0 } stop () {    echo $"Stopping sshd."    [ -e /var/run/sshd.pid ] && kill -TERM 'cat /var/run/sshd.pid`    RC=$?    return $RC } restart () {    stop    start    RC=$?    return $RC } # See how we were called. case "$1" in    start)       start       ;;    stop)       stop       ;;    restart)       restart       ;;    *)       echo $"Usage: $0 {start|stop|restart}"       RETVAL=1 esac exit $RETVAL 

Particularly noteworthy in Listing 8-1 are the first two lines, which enable the script to be used with Red Hat's chkconfig and service tools. This means that the file can simply be placed (or a link to it created) in /etc/rc.d/init.d, and then chkconfig can be used to manage it. The following commands demonstrate how to install and use the sshd script in Listing 8-1:

 $ cp listing-8x.sh /etc/rc.d/init.d/sshd $ chkconfig –add sshd $ service sshd start 

Listing 8-1 is minimal: It doesn't include many niceties, but it does get the basic job done. A good script programmer will immediately spot additional ways in which the script could be more robust or useful. However, the objective of Listing 8-1 is to demonstrate how to construct a basic SysV-compatible script, not to teach advanced scripting, so it is very basic.

Recall that OpenSSH itself actually includes a vastly more robust version of Listing 8-1 in the contrib/redhat/sshd.init file of the source code package. This script is the one Red Hat uses in their RPM-packaged version of OpenSSH, and there is absolutely no reason not to use the official OpenSSH script instead of Listing 8-1. The goal of Listing 8-1 is to demonstrate a basic script. If someone gives you a better script, by all means use it.

Installing OpenSSH on Slackware Linux

As discussed in the "System Startup Scripts" section of Chapter 5, Slackware Linux uses the BSD model for its initialization scripts. In this model, there is essentially a single script that is responsible for most system startup tasks; however, Slackware's version of this system also includes very basic support for SysV-compatible scripts. This section discusses how to configure the OpenSSH sshd server to be started on bootup on a Slackware Linux system.

Recall that there are two ways to configure OpenSSH's server to run on Slackware Linux. One way is to modify the system's /etc/rc.d/rc.M or /etc/rc.d/rc.inet2 script and directly include script code similar to that in Listing 8-1. This would indeed cause the server to be started when the system boots up.

However, as mentioned in the previous section, OpenSSH actually includes a SysV-compatible script for starting and stopping the server. Since Slackware also provides basic support for SysV, it might also make sense to simply use the file provided for Red Hat Linux with Slackware's /etc/rc.d/rc.sysvinit mechanism. Unfortunately, the file provided with OpenSSH requires files specific to Red Hat Linux's implementation of the SysV model, so that file can't be used on Slackware Linux without modification.

However, Listing 8-1 is much simpler, and so it could be used on Slackware, without modification. Simply place Listing 8-1 into the appropriate subdirectory of /etc/rc.d and it will be handled automatically by Slackware's startup process.

Either option (directly editing /etc/rc.d/rc.M or /etc/rc.d/rc.inet2, or using the SysV approach) is a perfectly serviceable solution. Which one an administrator will prefer is really a matter of taste; for example, one administrator may prefer to keep all startup activities in /etc/rc.d/rc.M to avoid accidentally overlooking one, while another may prefer to recycle SysV scripts that have already been written in order to save labor. There's more than one way to do it, as is typical of Slackware Linux.

Installing OpenSSH on Debian GNU/Linux

Installing OpenSSH on Debian GNU/Linux is very similar to installing it on Red Hat Linux. Since Debian GNU/Linux uses the same initscripts model as Red Hat Linux—namely, the SysV model—then the material discussed previously that applies to Red Hat Linux also applies to Debian GNU/Linux.

Also as with Red Hat Linux, Debian GNU/Linux includes a package for OpenSSH with the base distribution. This means that you can probably just use the Debian package (with your own custom configurations as discussed throughout this Chapter, of course) as is, unless you need to upgrade it yourself.

About the only substantial difference between installing OpenSSH on Debian GNU/Linux and Red Hat Linux is that Debian doesn't include Red Hat's service and chkconfig tools; instead, you'll have to use Debian's own update-rc.d program, as discussed in the "Working with Debian's Tools" section of Chapter 6.