Choose Which Packages to Install

To install the secure server, you'll need to install three packages at minimum:

apache

The apache package contains the Apache Web server.

mod_ssl

The mod_ssl package includes the mod_ssl module, which provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.

openssl

The openssl package contains the OpenSSL toolkit. The OpenSSL toolkit implements the SSL and TLS protocols and also includes a general purpose cryptography library.

Additionally, other software packages included with Red Hat Linux can add functionality to your secure server (but are not required by the secure server to function):

OpenSSH

The openssh package provides the OpenSSH set of network connectivity tools for logging in to and executing commands on a remote machine. OpenSSH tools encrypt all traffic (including passwords), so you can avoid eavesdropping, connection hijacking, and other attacks on the communications between your machine and the remote machine.

The openssh package includes the OpenSSH clients: ssh, a secure replacement for rsh; slogin, a secure replacement for rlogin (remote login) and telnet (communications with another host via the TELNET protocol); and scp, a secure replacement for rcp (for copying files between machines) and ftp (for transferring files between machines).

The openssh-askpass package supports the display of a dialog window which prompts for a password during use of the OpenSSH agent with RSA authentication.

The openssh-askpass-gnome package contains a GNOME GUI desktop environment dialog window which is displayed when OpenSSH programs prompt for a password. If you're running GNOME and using OpenSSH utilities, you should install this package.

The openssh-server package contains the sshd secure shell daemon and man page. The secure shell daemon is the server side of the OpenSSH suite, and must be installed on your host if you want to allow SSH clients to connect to your host.

The openssh-clients package contains the client programs needed to make encrypted connections to SSH servers.

For more information about OpenSSH, see the OpenSSH website at http://www.openssh.com/.

Stunnel

The stunnel package provides the Stunnel SSL wrapper. Stunnel supports the SSL encryption of TCP connections, so it can provide encryption for non-SSL aware daemons and protocols (e.g., POP, IMAP, LDAP) without requiring any changes to the daemon's code.

apache-devel

The apache-devel package contains the Apache include files, header files and the APXS utility. You will need all of these if you intend to load any extra modules, other than the modules provided with this product. Please see the section called Adding Modules to Your Server in Chapter 12 for more information on loading modules into your Red Hat Linux Secure Web Server using Apache's DSO functionality.

If you do not intend to load other modules into your Red Hat Linux Secure Web Server, you do not need to install this package.

apache-manual

The apache-manual package contains the Apache Project's Apache 1.3 User's Guide in HTML format. This manual is also available on the Web at http://www.apache.org/docs/.

openssl-devel

The openssl-devel package contains the static libraries and include file necessary for compiling applications with support for various cryptographic algorithms and protocols. You need to install this package only if you're developing applications which include SSL support — you don't need this package to use SSL.