How to Install OpenSSH 8 Server from Source in Linux?
The OpenSSH is an open-source implementation of the SSH protocol that encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. It was developed by the OpenBSD Project and made available under a BSD-style license.
Utilities included in the OpenSSH 8
- Remote operations can be performed using ssh, scp, and sftp.
- Key management with ssh-add, ssh-keysign, ssh-keyscan, and ssh-keygen are included.
- The service side includes sshd, sftp-server, and ssh-agent.
In this article, we will show you how to build and install OpenSSH from source in Debian-based Linux (Ubuntu/Kali/Linuxmint/Elementary).
First of all, we will install all the dependencies, before installing OpenSSH (make to build and install the source code, wget to download the tarball, etc).
sudo apt update
sudo apt install build-essential zlib1g-dev libssl-dev libpam0g-dev libselinux1-dev wget
Now create a new folder sshd in the /var/lib directory
sudo mkdir /var/lib/sshd
Then update file permission and ownership of the directory
sudo chmod -R 700 /var/lib/sshd/ && chown -R root:sys /var/lib/sshd/
To verify the changes, run :
ls -l -d /var/lib/sshd/
Here, we can see that sys is an owner and only the user has read, write and execute permissions for this directory.
Now create a system user sshd
useradd -r -c 'sshd PrivSep' \ -d /var/lib/sshd \ -s /bin/false \ -u 50 sshd
- -r: create a system user
- -c: add a comment
- -d: specifies the directory
- -s: specifies the user’s shell
- -u: creates a new user sshd with UID 50
Download and configure OpenSSH tarball from HTTP mirrors provided by OpenSSH. As of August 2021, version 8.7 is the latest but you can download any newer version, if available.
wget -c -q https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.7p1.tar.gz
tar -xzf openssh-8.7p1.tar.gz && cd openssh-8.7p1
./configure –with-md5-passwords –with-pam –with-selinux –with-privsep-path=/var/lib/sshd/ –sysconfdir=/etc/ssh
Finally, install the project using the make command.
make sudo make install
To verify the installation, run :