HowTo: Install latest openssh on Ubuntu
April 16th 2007 08:01 pm
Ubuntu is pretty good about updating software, but sometimes you just want the latest. This howto will show you how to compile and install the latest openssh (4.6p1 at the time of writing) with the latest openssl library (0.9.8e at the time of writing).
First, install some important tools. I’m not sure about all the packages you need to compile this, but usually build-essential does the the trick for most things. (Run things in code blocks on the command line, in a program like konsole or terminal)
1 | sudo aptitude install build-essential libpam-dev |
If you get any errors at any point about command not found or anything, leave a comment and I’ll update the howto with the new information. You can try just ‘apt-get’ing the software it claims to be missing.
So anyway, let’s get started.
Make a directory to work in:
1 | cd && mkdir dev && cd dev |
Now let’s download the latest openssl.
1 | wget -c http://www.openssl.org/source/openssl-0.9.8e.tar.gz |
And while we are in a downloading mood, let’s get the latest openssh package.
1 | wget -c ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-4.6p1.tar.gz |
Again, these are the latest at the time of writing, so for newer release head over the the websites and go to the download section to find out what the latest is, and download that.
Unpack the archives:
1 | for i in `ls *.gz`; do tar zxf $i; done |
Now you should have to directories: openssl-0.9.8e and openssh-4.6p1
Move into the openssl directory:
1 | cd openssl-0.9.8e |
Configure openssl:
1 | ./config --prefix=/opt/openssl-0.9.8e |
You can replace prefix with something else to install elsewhere or just remove the option to install the default. For this application, I like to install it in /opt to keep it seperate.
Compile openssl:
1 | make |
Make sure openssl compiled properly:
1 | make tests |
If everything compiled and tested okay, install openssl
1 | sudo make install |
Now you should have the directory /opt/openssl-0.9.8e with a bunch of folders and files in it. Sweet.
Lets move on and get openssh going.
The install will not overwrite existing files (like sshd_config or your host key files) if it finds them, so if you want to keep your existing configuration, leave the /etc/ssh directory alone. If you want new everything, backup the original ssh directory.
1 | sudo mv /etc/ssh /etc/ssh.bak |
Move into the openssh directory:
1 | cd ../openssh-4.6p1 |
Configure openssh
1 | ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-ssl-dir=/opt/openssl-0.9.8e |
Replace the—with-ssl-dir option with whatever you configured openssl with as the prefix (again to keep things simple, I just used /opt)
Compile openssh
1 | make |
And install openssh
1 | sudo make install |
Now you have the latest openssh installed with the latest openssl. Check if the install worked and restart the ssh server and check the running version.
1 | sshd -v |
Which should return some info, including OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
Restart the server:
1 | sudo /etc/init.d/ssh restart |
And test it:
1 | telnet localhost 22 |
Which should return some info, including SSH-1.99-OpenSSH_4.6
Now you have the latest and greatest openssh installed. Happy secure remote console access!
About the author... Daniel Huckstep is a software engineer(ing student) at the University of Alberta. He enjoys all aspects of computers and their software, reptiles, guitar and music creation, reading, and macaroni salad. 
