01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30
% sudo /etc/init.d/sshd stop
% sudo zabom --cui
% tar zxvf openssh-4.7p1.tar.gz
% cd openssh-4.7p1/
% ./configure --with-tcp-wrappers --with-pam
% make && sudo make install
% vi /usr/local/etc/sshd_config
% diff -u sshd_config /usr/local/etc/sshd_config
--- sshd_config.out 2007-09-26 13:46:43.538716416 +0900
+++ /usr/local/etc/sshd_config 2007-09-26 14:47:21.558653320 +0900
@@ -41,6 +41,7 @@
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
+AllowUsers masao yuka hsaito terai
#RSAAuthentication yes
#PubkeyAuthentication yes
@@ -82,11 +83,11 @@
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
-#UsePAM no
+UsePAM yes
#AllowTcpForwarding yes
#GatewayPorts no
-#X11Forwarding no
+X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
@@ -100,7 +101,7 @@
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
-#MaxStartups 10
+MaxStartups 2:80:5
#PermitTunnel no
# no default banner path
% sudo cp /etc/pam.d/sshd.rpmsave /etc/pam.d/sshd
% sudo cp contrib/redhat/sshd.init /etc/init.d/sshd
% sudo ln -s /etc/init.d/sshd /etc/rc2.d/S80sshd
% vi /etc/init.d/sshd
% diff -u contrib/redhat/sshd.init /etc/init.d/sshd
--- contrib/redhat/sshd.init 2006-04-22 20:26:08.000000000 +0900
+++ /etc/init.d/sshd 2007-09-26 14:22:43.086415264 +0900
@@ -22,8 +22,8 @@
prog="sshd"
# Some functions to make the below more readable
-KEYGEN=/usr/bin/ssh-keygen
-SSHD=/usr/sbin/sshd
+KEYGEN=/usr/local/bin/ssh-keygen
+SSHD=/usr/local/sbin/sshd
RSA1_KEY=/etc/ssh/ssh_host_key
RSA_KEY=/etc/ssh/ssh_host_rsa_key
DSA_KEY=/etc/ssh/ssh_host_dsa_key
% sudo /etc/init.d/sshd start
% sudo ln -s /usr/local/bin/ssh /usr/bin/