LinuxQuestions.org - [SOLVED] Some help with a new version of SSH under RHEL 4

- Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)

- - Some help with a new version of SSH under RHEL 4 (https://www.linuxquestions.org/questions/linux-software-2/some-help-with-a-new-version-of-ssh-under-rhel-4-a-573200/)

Some help with a new version of SSH under RHEL 4

After reading about the Controlmaster features of OpenSSH 4, <http://www.debian-administration.org/articles/290>
<http://www.cyberciti.biz/tips/howto-improve-ssh-session-performance-by-reusing-an-existing-connection-to-a-remote-openssh-server.html>

I decided I want to try it out. But I see RHEL 4 only has OpenSSH 3.9 installed.

So I d/l'd and installed the latest OpenSSH in a /test directory so I'll have all my distro-supplied stuff to revert to just in case.

How do I tell my system to use the ssh server binaries in /test instead of the default one?

the following will mess up your RedHat installed start/stop script. So RedHat will probably complain the next time you try to do an update -- it'll see you have the RH sshd package, but your start/stop script will be altered... you need to understand what you're doing when you try the following:

look at the /etc/init.d/sshd shell script. On RHEL, this is the "controller" script used by init to start/stop ssh. There are several variables set at the top. I would create a *new* directory -- don't use /etc/sshd, the standard RHEL config location -- to hold the config of your freshly installed sshd. Maybe /etc/sshd_v1.4 or something...

stop the sshd (as root '# /etc/init.d/sshd stop') before you edit the script. DANGER: if you are connecting to the system remotely, keep an extra login screen off to the side. If you stop sshd and log out, you will need to go to the console. Refer to chkconfig(1) for info on how sshd is auto start/stopped at boot/shutdown.

Then adjust your init.d/sshd shell script. Change the KEYGEN and SSHD variables to point to the new ones you installed. Update all the instances of /etc/sshd/ to reflect the new config dir containing your configs for your new installation. (I would start by copying the entire /etc/sshd/ directory if your new install didn't make you a new config dir somewhere.)

after adjusting, start it up: '/etc/init.d/sshd start'

-c

Thanks cconstantine.

I waited a bit to see if anyone else might chime in. Then it occured to me to rename /usr/sbin/sshd as /usr/sbin/sshd.old and then hard link my /test/sbin/sshd from its install dir to be /usr/sbin/sshd. A "service sshd restart" and I was up and running with the new sshd (I can tell it's the new one because when I log in I'm notified that my server's rsa key has changed). Seems simpler.

GOOD ADVICE about keeping an extra login off to the side. I didn't need it, but that's always good advice if messing remotely with sshd. And just in case, I didn't do this from home, so if worst came to worst, I could walk over to the server room.