Bii o ṣe le Fi sii OpenSSL lati Orisun ni CentOS ati Ubuntu
OpenSSL jẹ ile-ikawe sọfitiwia ẹya-ara ti o ni kikun ti o ni imuse orisun-ṣiṣi ti Aabo Transport Layer (TLS) ati awọn ilana Ilana aabo Sockets Layer (SSL), ti a lo fun aabo alaye ti a tan kaakiri lori awọn nẹtiwọọki kọnputa.
O jẹ ile-ikawe cryptography idi-gbogbogbo ati ṣe atilẹyin nọmba ti awọn alugoridimu oriṣiriṣi oriṣiriṣi pẹlu AES, Blowfish; MD5, MD4, SHA-1, SHA-2 awọn iṣẹ elile crypto; RSA, DSA, Diffie – Hellman paṣipaarọ bọtini, ọna Elliptic ati ọpọlọpọ awọn omiiran.
Ninu àpilẹkọ yii, a yoo ṣalaye bi o ṣe le fi sori ẹrọ ẹya iduroṣinṣin tuntun ti OpenSSL lati awọn orisun lori awọn ipinpinpin orisun CentOS ati Ubuntu.
Igbesẹ 1: Fi Awọn irinṣẹ Idagbasoke sii
1. Lati ṣajọ OpenSSL pẹlu ọwọ lati awọn orisun, o nilo lati kọkọ fi awọn igbẹkẹle diẹ sii bii\"Awọn irinṣẹ Idagbasoke" labẹ RHEL/CentOS/Fedora tabi\"kọ-pataki" ni Debian/Ubuntu bi o ti han.
------------------- On CentOS, RHEL & Fedora ------------------- # yum group install 'Development Tools' && yum install perl-core libtemplate-perl zlib-devel ------------------- On Ubuntu & Debian ------------------- $ sudo apt update && apt install build-essential checkinstall zlib1g-dev libtemplate-perl
Igbesẹ 2: Ṣajọ OpenSSL lati Awọn orisun
2. Nigbamii, ṣe igbasilẹ ẹya iduroṣinṣin tuntun ti OpenSSL (v1.0.2 ni akoko kikọ, eyiti o jẹ ifilọlẹ Atilẹyin Igba pipẹ (LTS), ni atilẹyin titi di 31st Oṣù Kejìlá 2019), lati oju-iwe igbasilẹ nipa lilo pipaṣẹ oda atẹle.
$ wget -c https://www.openssl.org/source/openssl-1.0.2p.tar.gz $ tar -xzvf openssl-1.0.2p.tar.gz
3. Nisisiyi, gbe sinu itọsọna ti a fa jade, tunto, kọ, lẹhin kikọ aṣeyọri, idanwo awọn ile-ikawe ki o fi sii OpenSSL ni ipo aiyipada, eyiti o jẹ/usr/agbegbe/ssl, nipa ṣiṣe awọn ofin wọnyi.
$ cd openssl-1.0.2p/ $ ./config $ make $ make test $ sudo make install
4. Lọgan ti o ba ti fi sii OpenSSL ni ifijišẹ, o le gbe sinu itọsọna fifi sori ẹrọ ki o wo ọpọlọpọ awọn ilana-labẹ ati awọn faili nipa lilo pipaṣẹ ls.
$ cd /usr/local/ssl/ $ ls -l drwxr-xr-x. 2 root root 4096 Aug 22 06:37 bin drwxr-xr-x. 2 root root 4096 Aug 22 06:37 certs drwxr-xr-x. 3 root root 4096 Aug 22 06:37 include drwxr-xr-x. 4 root root 4096 Aug 22 06:37 lib drwxr-xr-x. 6 root root 4096 Aug 22 06:36 man drwxr-xr-x. 2 root root 4096 Aug 22 06:37 misc -rw-r--r--. 1 root root 10835 Aug 22 06:37 openssl.cnf drwxr-xr-x. 2 root root 4096 Aug 22 06:37 private
Atẹle wọnyi jẹ awọn ilana pataki ti o nilo lati ṣe akiyesi:
- bin <--> bin - ni alakomeji openssl ati diẹ ninu awọn iwe afọwọkọ iwulo.
- pẹlu/openssl - awọn faili akọsori ti o nilo fun kikọ awọn eto tirẹ ti o lo libcrypto tabi libssl.
- lib - ni awọn faili ile-ikawe OpenSSL ninu.
- lib/enjini - ni awọn OpenSSL ti n ṣatunṣe awọn ẹnjini agbara ni.
- eniyan - ni awọn oju-iwe eniyan OpenSSL ninu.
- pin/doc/openssl/html - ni itumọ HTML ti awọn oju-iwe eniyan naa.
- jẹrisi - ipo aiyipada fun awọn faili ijẹrisi.
- ikọkọ - ipo aiyipada fun awọn faili bọtini ikọkọ.
5. Lati ṣayẹwo ẹya ti OpenSSL ti o ṣẹṣẹ fi sii, ṣiṣe aṣẹ atẹle.
$ /usr/local/ssl/bin/openssl version OpenSSL 1.0.2p 14 Aug 2018
6. Lati lo ẹya OpenSSL ti a fi sori ẹrọ tuntun lori ẹrọ rẹ, o nilo lati ṣafikun itọsọna/usr/agbegbe/ssl/bin/si PATH rẹ, ninu faili ~/.bashrc (tabi deede fun ikarahun rẹ).
$ vim ~/.bashrc
Ṣafikun laini yii ni isalẹ faili naa.
export PATH="/usr/local/ssl/bin:${PATH}"
Fipamọ ki o pa faili naa ki o tun gbe iṣeto ni lilo aṣẹ ni isalẹ.
$ source .bashrc
7. Bayi ṣii window ebute tuntun kan ati ṣiṣe awọn ofin wọnyi lati jẹrisi pe alakomeji OpenSSL tuntun wa ni PATH rẹ ati pe o le ṣiṣẹ laisi titẹ ọna rẹ ni kikun.
$ whereis openssl openssl: /usr/bin/openssl /usr/lib64/openssl /usr/include/openssl /usr/local/ssl/bin/openssl /usr/share/man/man1/openssl.1ssl.gz
$ openssl version OpenSSL 1.0.2p 14 Aug 2018
Gbogbo ẹ niyẹn! Ninu nkan yii, a ti ṣalaye bii o ṣe le fi ẹya tuntun OpenSSL sori ẹrọ lati orisun lori awọn ọna ṣiṣe Linux. Ti o ba ni ibeere eyikeyi, lo fọọmu aṣẹ ni isalẹ lati de ọdọ wa.