Bii o ṣe le Fi sii OpenSSL lati Orisun ni CentOS ati Ubuntu

OpenSSL jẹ ile-ikawe sọfitiwia ẹya-ara ti o ni kikun ti o ni imuse orisun-ṣiṣi ti Aabo Transport Layer (TLS) ati awọn ilana Ilana aabo Sockets Layer (SSL), ti a lo fun aabo alaye ti a tan kaakiri lori awọn nẹtiwọọki kọnputa.

O jẹ ile-ikawe cryptography idi-gbogbogbo ati ṣe atilẹyin nọmba ti awọn alugoridimu oriṣiriṣi oriṣiriṣi pẹlu AES, Blowfish; MD5, MD4, SHA-1, SHA-2 awọn iṣẹ elile crypto; RSA, DSA, Diffie – Hellman paṣipaarọ bọtini, ọna Elliptic ati ọpọlọpọ awọn omiiran.

Ninu àpilẹkọ yii, a yoo ṣalaye bi o ṣe le fi sori ẹrọ ẹya iduroṣinṣin tuntun ti OpenSSL lati awọn orisun lori awọn ipinpinpin orisun CentOS ati Ubuntu.

Igbesẹ 1: Fi Awọn irinṣẹ Idagbasoke sii

1. Lati ṣajọ OpenSSL pẹlu ọwọ lati awọn orisun, o nilo lati kọkọ fi awọn igbẹkẹle diẹ sii bii\"Awọn irinṣẹ Idagbasoke" labẹ RHEL/CentOS/Fedora tabi\"kọ-pataki" ni Debian/Ubuntu bi o ti han.

------------------- On CentOS, RHEL & Fedora ------------------- 
# yum group install 'Development Tools' && yum install perl-core libtemplate-perl zlib-devel 

------------------- On Ubuntu & Debian -------------------
$ sudo apt update && apt install build-essential checkinstall zlib1g-dev libtemplate-perl

Igbesẹ 2: Ṣajọ OpenSSL lati Awọn orisun

2. Nigbamii, ṣe igbasilẹ ẹya iduroṣinṣin tuntun ti OpenSSL (v1.0.2 ni akoko kikọ, eyiti o jẹ ifilọlẹ Atilẹyin Igba pipẹ (LTS), ni atilẹyin titi di 31st Oṣù Kejìlá 2019), lati oju-iwe igbasilẹ nipa lilo pipaṣẹ oda atẹle.

$ wget -c https://www.openssl.org/source/openssl-1.0.2p.tar.gz
$ tar -xzvf openssl-1.0.2p.tar.gz

3. Nisisiyi, gbe sinu itọsọna ti a fa jade, tunto, kọ, lẹhin kikọ aṣeyọri, idanwo awọn ile-ikawe ki o fi sii OpenSSL ni ipo aiyipada, eyiti o jẹ/usr/agbegbe/ssl, nipa ṣiṣe awọn ofin wọnyi.

$ cd openssl-1.0.2p/
$ ./config
$ make
$ make test
$ sudo make install

4. Lọgan ti o ba ti fi sii OpenSSL ni ifijišẹ, o le gbe sinu itọsọna fifi sori ẹrọ ki o wo ọpọlọpọ awọn ilana-labẹ ati awọn faili nipa lilo pipaṣẹ ls.

$ cd /usr/local/ssl/
$ ls -l

drwxr-xr-x. 2 root root  4096 Aug 22 06:37 bin
drwxr-xr-x. 2 root root  4096 Aug 22 06:37 certs
drwxr-xr-x. 3 root root  4096 Aug 22 06:37 include
drwxr-xr-x. 4 root root  4096 Aug 22 06:37 lib
drwxr-xr-x. 6 root root  4096 Aug 22 06:36 man
drwxr-xr-x. 2 root root  4096 Aug 22 06:37 misc
-rw-r--r--. 1 root root 10835 Aug 22 06:37 openssl.cnf
drwxr-xr-x. 2 root root  4096 Aug 22 06:37 private

Atẹle wọnyi jẹ awọn ilana pataki ti o nilo lati ṣe akiyesi:

    bin <--> bin - ni alakomeji openssl ati diẹ ninu awọn iwe afọwọkọ iwulo.
  • pẹlu/openssl - awọn faili akọsori ti o nilo fun kikọ awọn eto tirẹ ti o lo libcrypto tabi libssl.
  • lib - ni awọn faili ile-ikawe OpenSSL ninu.
  • lib/enjini - ni awọn OpenSSL ti n ṣatunṣe awọn ẹnjini agbara ni.
  • eniyan - ni awọn oju-iwe eniyan OpenSSL ninu.
  • pin/doc/openssl/html - ni itumọ HTML ti awọn oju-iwe eniyan naa.
  • jẹrisi - ipo aiyipada fun awọn faili ijẹrisi.
  • ikọkọ - ipo aiyipada fun awọn faili bọtini ikọkọ.

5. Lati ṣayẹwo ẹya ti OpenSSL ti o ṣẹṣẹ fi sii, ṣiṣe aṣẹ atẹle.

$ /usr/local/ssl/bin/openssl version

OpenSSL 1.0.2p  14 Aug 2018

6. Lati lo ẹya OpenSSL ti a fi sori ẹrọ tuntun lori ẹrọ rẹ, o nilo lati ṣafikun itọsọna/usr/agbegbe/ssl/bin/si PATH rẹ, ninu faili ~/.bashrc (tabi deede fun ikarahun rẹ).

$ vim ~/.bashrc

Ṣafikun laini yii ni isalẹ faili naa.

export PATH="/usr/local/ssl/bin:${PATH}"

Fipamọ ki o pa faili naa ki o tun gbe iṣeto ni lilo aṣẹ ni isalẹ.

$ source .bashrc

7. Bayi ṣii window ebute tuntun kan ati ṣiṣe awọn ofin wọnyi lati jẹrisi pe alakomeji OpenSSL tuntun wa ni PATH rẹ ati pe o le ṣiṣẹ laisi titẹ ọna rẹ ni kikun.

$ whereis openssl

openssl: /usr/bin/openssl /usr/lib64/openssl /usr/include/openssl /usr/local/ssl/bin/openssl /usr/share/man/man1/openssl.1ssl.gz

$ openssl version 	

OpenSSL 1.0.2p  14 Aug 2018

Gbogbo ẹ niyẹn! Ninu nkan yii, a ti ṣalaye bii o ṣe le fi ẹya tuntun OpenSSL sori ẹrọ lati orisun lori awọn ọna ṣiṣe Linux. Ti o ba ni ibeere eyikeyi, lo fọọmu aṣẹ ni isalẹ lati de ọdọ wa.