[네트워크] ssh 사용하기

다음은 openssl 과 ssh 의 설치과정과 실행방법입니다.

LAN환경에서 Packet Sniffing을 방지하기 위해 telnet통신을 ssh로 대처하는 것도

보안에 대한 대비책이라고 생각합니다.

먼저 ssh 설치전에 ssl이 설치되어야 한다는 군요..

ftp.openssl.org/source/openssl-0.9.6.tar.gz

[선결요건]

————————————

* Perl 5

* an ANSI C compiler

* a supported Unix operating system

————————————

[설치]

—————————————

$ ./config –prefix=/usr/local/openssl

$ make

$ make test

$ make install

—————————————

[설치되는 디렉토리]

——————————————————————————

certs Initially empty, this is the default location for certificate files.

man/man1 Manual pages for the ‘openssl’ command line tool

man/man3 Manual pages for the libraries (very incomplete)

misc Various scripts.

private Initially empty, this is the default location for private key files.

bin Contains the openssl binary and a few other utility programs.

include/openssl

Contains the header files needed if you want to compile programs with

libcrypto or libssl.

lib Contains the OpenSSL library files themselves.

——————————————————————————

ftp.ssh.com/pub/ssh-2.4.0.tar.gz

[설치]

—————————————

$ ./config –prefix=/usr/local/ssh

$ make

$ make test

$ make install

—————————————

[설치되는 파일들]

—————————————————————————–

ssh2 The SSH2 client.

sshd2 The SSH2 daemon.

sftp2 The SFTP client (needs ssh2). Type “?” in the command line for help.

sftp-server2 The SFTP server (executed by sshd2).

scp2 The SCP client.

ssh-keygen2 The utility for generating keys. Use -h for help.

ssh-add2 Add identities to the authentication agent.

ssh-agent2 The authentication agent.

ssh-askpass2 X11 utility for querying passwords.

ssh-signer2 A small program that signs “hostbased” authentication

packets. Executed by ssh2, and for proper function,

must be suid root. (This is done by ‘make install’.)

ssh-pam-client Helper program, that the server uses with PAM authentication.

ssh-probe2 Program to probe a given network for ssh2

servers. See ssh-probe(1) and sshd2_config(5)

for MaxBroadcastsPerSecond.

ssh-pubkeymgr Utility script for generating user public keys and

uploading them and setting up the ~/.ssh2/authorization

and ~/.ssh2/identification files.

ssh-chrootmgr Utility to ease setting up chrooted environment for users.

—————————————————————————-

[StartUp 파일]

# cp /usr/local/src/ssh-2.4.0/sshd2.startup /etc/rc.d/init.d/sshd

# ln -s /etc/rc.d/init.d/sshd /etc/rc.d/rc3.d/S??sshd //??는 적당한 숫자

vi로 /etc/rc.d/init.d/sshd 파일을 열어 /usr/local/sbin/sshd2 라고 되어 있는

부분을 /usr/local/ssh/sbin/sshd2 로 모두 변경해 준다.

[Secure Shell Deamon의 실행]

# /etc/rc.d/init.d/sshd start

Starting sshd2 in port 22: sshd2: SSH Secure Shell 2.4.0

(non-commercial version ) on i586-pc-linux-gnu done.

[ssh 를 사용한 접속]

# ssh -l root localhost

Host key not found from database.

Key fingerprint:

124334dr-4235g-balot-rroh-kinep-cy656v-878l-v656575-ty6557in-m56g-va75757x

You can get a public key’s fingerprint by running

% ssh-keygen -F publickey.pub

on the keyfile.

Are you sure you want to continue connecting (yes/no)? yes <Enter>

Host key saved to /root/.ssh2/hostkeys/key_22_localhost.pub

host key for localhost, accepted by root Fri Apr 06 2001 16:18:24 +0900

root’s password: ************ <Enter>

Authentication successful.

Last login: Thu Apr 05 2001 19:54:43 +0900 from

No mail.

서진우

슈퍼컴퓨팅 전문 기업 클루닉스/ 상무(기술이사)/ 정보시스템감리사/ 시스존 블로그 운영자

You may also like...

1 Response

  1. coffee jazz 말해보세요:

    coffee jazz

페이스북/트위트/구글 계정으로 댓글 가능합니다.