SSH (Secure Shell) Remote Login Program

These are the steps to upgrade to the latest ssh on a Red Hat 7.x Linux installation.

Get the latest source from OpenSSH.
Add privsep user
mkdir /var/empty
chown root:sys /var/empty
chmod 755 /var/empty
/usr/sbin/groupadd sshd
/usr/sbin/useradd -g sshd -c 'sshd privsep' -d /var/empty -s /bin/false sshd
Compile and install:
cd into the source directory and become root
./configure --prefix=/usr --sysconfdir=/etc/ssh
make
make install
Restart sshd:
/etc/rc.d/init.d/sshd restart

To enable login using public/private key authentication:

On the local machine:

$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_dsa):
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/username/.ssh/id_dsa.
Your public key has been saved in /home/username/.ssh/id_dsa.pub.
The key fingerprint is:
0f:0f:0f:0f:0f:0f:0f:0f:0f:0f:0f:0f:0f:0f:0f:0f username@local.domain.com

You can enter a passphrase at the prompts or you can merely press return twice. If you do not enter a passphrase, anyone who gains control of your local machine will be able to execute commands on the target machine without at passphrase.

Copy your public key to the distant machine:

$ scp -p /home/username/.ssh/id_dsa.pub username@distant.domain.com:/home/username/local.pub

On the distant machine:
```
cat ~/local.pub >> ~/.ssh/authorized_keys
```
(Note: The file authorized_keys must be owned by the user and mode must be 600. The directory .ssh should be owned by the user and the mode should be 700.)

www.macssh.com - free ssh client for Mac OS 8 and 9.

Author: John Neuhaus, email address: < john at jneuhaus.com >, last revised: Thu, Oct 13, 2005 at 10:09 PM ET