Appendix C. Build Instructions for OpenSSH on Cygwin
A precompiled OpenSSH package is available for download at the O’Reilly web site. However, if you prefer to build your own OpenSSH binaries from scratch, follow the instructions provided in this appendix. OpenSSH depends on OpenSSL. TCP Wrappers support is optional.
The software packages you need can be found at the following locations:
- TCP Wrappers
There is a Trojan horse version of TCP Wrappers floating around (see CERT advisory CA-99-01 for details). However, a trusted copy is available at the Swedish University Computer Network FTP site (ftp://ftp.sunet.se/pub/unix/security/tcp_wrappers_7.6.tar.gz).
- TCP Wrappers Cygwin patch
This patch is available at the O’Reilly web site (http://www.oreilly.com/ ).
- OpenSSL
OpenSSL can be downloaded from the OpenSSL Project’s web site (http://www.openssl.org/ ).
- OpenSSH
OpenSSH can be downloaded from the OpenSSH Project’s web site (http://www.openssh.com/ ).
- OpenSSH and OpenSSL Cygwin patches
Corinna Vinschen has made the Cygwin patches available for OpenSSL and OpenSSH. The patches are available for downloading at the Franken Archives FTP site (ftp://ftp.franken.de/pub/win32/develop/gnuwin32/cygwin/porters/Vinschen_Corinna/V1.1.1/)
Tip
Remember to build the binaries on a separate system. The bastion host
should not have the full Cygwin package installed. To build OpenSSH,
Cygwin 1.1.2 or higher must be installed. Check your version by
running the command uname
-a. Perl is also needed for Cygwin. A ...
Get Securing Windows NT/2000 Servers for the Internet now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
