
Installing and Configuring a High-Performance SSH Server: HPN-SSH

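HPN-SSH is a high-performance SSH server. It is used mainly as a patch applied to OpenSSH.
According to the various figures published by the project, its data-transfer performance is 10 times that of OpenSSH.
If you move data over an OpenSSH channel, for example with SCP or Rsync, HPN-SSH is a good choice.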

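My approach is to compile and install HPN-SSH entirely under /opt/hpn-ssh, bind it to port 6022 and give it a PID file at its own path. That way it runs alongside the system's existing OpenSSH and neither affects the other.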

The installation and configuration steps are as follows:
1. Download OpenSSH
# wget http://ftp5.usa.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-6.1p1.tar.gz

2. Download the HPN-SSH patch
Download HPN SSH Patch for OpenSSH 6.1
http://www.psc.edu/index.php/component/remository/func-startdown/861/

3. Unpack OpenSSH and apply the HPN-SSH patch
# tar xzvf openssh-6.1p1.tar.gz
# gzip -d openssh-6.1p1-hpn13v14.diff.gz

# cd openssh-6.1p1
# patch < ../openssh-6.1p1-hpn13v14.diff
# ./configure --prefix=/opt/hpn-ssh
# make
# make install

4. Edit the configuration file
# vim /opt/hpn-ssh/etc/sshd_config

Port 6022
Protocol 2
SyslogFacility AUTHPRIV
PermitRootLogin no
AuthorizedKeysFile	.ssh/authorized_keys
X11Forwarding yes
#UsePrivilegeSeparation sandbox		# Default for new installations.
PidFile /opt/hpn-ssh/run/sshd.pid
Subsystem	sftp	/opt/hpn-ssh/libexec/sftp-server

5. Write the service script
# vim /etc/init.d/hpn-sshd

#!/bin/bash
#
# Start up the HPN-SSH Plugged-in OpenSSH server daemon
#

PROG=HPN-SSH
HPN_SSH_HOME=/opt/hpn-ssh
SSH_KEYGEN=$HPN_SSH_HOME/bin/ssh-keygen
SSHD=$HPN_SSH_HOME/sbin/sshd
SSHD_CONFIG=$HPN_SSH_HOME/etc/sshd_config
PID_FILE=$HPN_SSH_HOME/run/sshd.pid

check_root()
{
  if [ $EUID -ne 0 ]; then
    echo "This script must be run as root" 1>&2
    exit 1
  fi
}

check_ssh_keys()
{
  if [ ! -f "$HPN_SSH_HOME/etc/ssh_host_key" ]; then
    $SSH_KEYGEN -A
  fi
}

start()
{
  check_root
  check_ssh_keys
  # Make sure the directory that holds the PID file exists
  mkdir -p "$HPN_SSH_HOME/run"
  echo $"Starting $PROG..."
  $SSHD -f $SSHD_CONFIG
}

stop()
{
  check_root
  echo $"Stopping $PROG..."
  if [ -f "$PID_FILE" ] ; then
    # SIGTERM lets sshd exit cleanly; SIGKILL (-9) is not needed here
    kill "$(cat "$PID_FILE")"
    rm -f "$PID_FILE"
  else
    echo "PID_FILE:$PID_FILE does NOT exist"
    exit 1
  fi
}

restart() {
  stop
  start
}

status() {
  # sshd_config keywords are case-insensitive, so match "port" as well as "Port"
  SSHD_PORT=`grep -iE '^Port' $SSHD_CONFIG | head -n 1`
  RUNNING_PID=`ps aux | grep $SSHD_CONFIG | grep -v grep | awk '{print $2}'`
  if [ -f "$PID_FILE" ] ; then
    if [ -z "$RUNNING_PID" ]; then
      echo "PID_FILE:$PID_FILE exists but $PROG is NOT running"
      exit 1
    fi
    echo "$PROG is running at PID:`cat $PID_FILE` on $SSHD_PORT"
  else
    echo "$PROG is stopped"
    exit 1
  fi
}

case "$1" in
  start)
    start
    sleep 1
    status
    ;;
  stop)
    stop
    status
    ;;
  restart)
    restart
    ;;
  status)
    status
    ;;
  *)
    echo $"Usage: $0 {start|stop|restart|status}"
    exit 1
    ;;
esac

# chmod +x /etc/init.d/hpn-sshd

6. Start and stop HPN-SSH
# /etc/init.d/hpn-sshd start

Starting HPN-SSH...
HPN-SSH is running at PID:19657 on Port 6022

# /etc/init.d/hpn-sshd stop

Stopping HPN-SSH...
HPN-SSH is stopped
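
The status function in step 5 reads the port out of sshd_config with grep, but sshd applies its own rules to that file: keywords are case-insensitive, the first occurrence of a keyword wins, and everything after a Match line is conditional. The following is an added example, not part of the original post: shell functions that look up a keyword by those rules and check the settings that keep this second daemon apart from the system sshd. The function names, the sample configuration and the choice of checks are assumptions made for illustration.

```shell
# Added example, not from the original post; function names and checks are
# assumptions chosen for illustration.
# effective_value FILE KEYWORD: print the global value sshd would use.
effective_value() {
  awk -v want="$2" '
    BEGIN { want = tolower(want) }
    NF == 0 || $1 ~ /^#/ { next }             # blank line or comment
    {
      line = $0
      sub(/^[ \t]+/, "", line)
      sub(/[ \t]+$/, "", line)
      n = match(line, /[ \t=]/)               # keyword ends at blank or "="
      if (n == 0) next                        # keyword without a value
      key = tolower(substr(line, 1, n - 1))   # keywords are case-insensitive
      val = substr(line, n)
      sub(/^[ \t]*=?[ \t]*/, "", val)
      if (key == "match") exit                # Match blocks are conditional
      if (key == want) { print val; exit }    # first occurrence wins
    }' "$1"
}

# audit_second_sshd FILE: one finding per line, status 1 if there are any.
audit_second_sshd() {
  rc=0
  port=$(effective_value "$1" Port)
  if [ -z "$port" ] || [ "$port" = 22 ]; then
    echo "Port: unset or 22, collides with the system sshd"; rc=1
  fi
  [ -n "$(effective_value "$1" PidFile)" ] ||
    { echo "PidFile: unset, falls back to the default PID file"; rc=1; }
  [ "$(effective_value "$1" PermitRootLogin)" = no ] ||
    { echo "PermitRootLogin: not set to no"; rc=1; }
  [ "$(effective_value "$1" X11Forwarding)" != yes ] ||
    { echo "X11Forwarding: yes, not needed for scp/rsync transfers"; rc=1; }
  return $rc
}

# Constructed sample modelled on the configuration in step 4.
write_sample_config() {
  printf '%s\n' 'port 6022' 'Protocol 2' '#Port 22' 'PermitRootLogin no' \
    'X11Forwarding yes' 'PidFile /opt/hpn-ssh/run/sshd.pid' 'Port 22' \
    'Match User backup' '  PermitRootLogin yes' > "$1"
}

sample=$(mktemp)
write_sample_config "$sample"
echo "effective port: $(effective_value "$sample" Port)"
audit_second_sshd "$sample" || echo "findings reported"
rm -f "$sample"
```

Pointing audit_second_sshd at /opt/hpn-ssh/etc/sshd_config before the first start gives the same check against the real file.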
