SSH2 mini-HOWTO

Download the source:

Edit the file apps/ssh/ssh2includes.h and make the following change. This blanks the software-version part of the identification banner sshd2 sends when a client connects, so a scanner cannot read your particular SSH2 release off the wire. Treat it as obscurity only: the implementation can still be fingerprinted from its behaviour, and clients that pick compatibility workarounds based on the peer's version string lose that hint.

#define SSH2_PROTOCOL_VERSION_STRING ""

Now, you should be able to build the program:

$ ./configure --enable-static --without-rsh --enable-tcp-nodelay --enable-heavy-debug --without-internal-ssh1-compat --without-ssh-agent1-compat --disable-X11-forwarding --without-pgp --without-ipv6 --without-clientpam --disable-suid-ssh-signer --with-libwrap

$ make
# make install

Edit /etc/ssh2/sshd2_config and make the following changes. Note that hmac-sha1 is the mandatory-to-implement MAC in the SSH2 drafts and is preferable to hmac-md5 if your clients support it. Also, because these settings refuse password logins, make sure your own account already has a working public key (an ~/.ssh2/authorization file listing it) before you switch over, or you will lock yourself out:

Port 22
Ciphers blowfish
MACs hmac-md5
HostKeyFile /etc/ssh2/hostkey
PublicHostKeyFile /etc/ssh2/hostkey.pub
RandomSeedFile /etc/ssh2/random_seed
StrictModes yes
AllowedAuthentications publickey
RequiredAuthentications publickey
PermitRootLogin no
PermitEmptyPasswords no
IdleTimeout 15m
Keepalive yes
RequireReverseMapping no
LoginGraceTime 30
QuietMode no
VerboseMode yes
Ssh1Compatibility no
RekeyIntervalSeconds 3600
AllowAgentForwarding no
AllowX11Forwarding no
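The following is an added example, not part of the original HOWTO: a small POSIX sh audit that reads an sshd2_config and reports every directive that deviates from the settings listed above. It strips comments, matches keywords case-insensitively, and (an assumption of this script, not a statement about how sshd2 resolves duplicates) takes the last occurrence of a repeated directive. The two sample configs it runs against are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the original HOWTO): audit an sshd2_config
# against the hardening settings given in the text.

# cfg_get FILE KEYWORD -> prints the value of the last matching directive
# (keyword match is case-insensitive; comments and blank lines are ignored)
cfg_get() {
    sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$1" |
    awk -v key="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
        { k = tolower($1)
          if (k == key) { v = $2; for (i = 3; i <= NF; i++) v = v " " $i } }
        END { if (v != "") print v }'
}

# check_sshd2_config FILE -> prints one line per deviation; exit status is
# the number of deviations (0 means the file matches the HOWTO settings)
check_sshd2_config() {
    f=$1
    bad=0
    for pair in \
        PermitRootLogin=no \
        PermitEmptyPasswords=no \
        AllowedAuthentications=publickey \
        RequiredAuthentications=publickey \
        Ssh1Compatibility=no \
        AllowAgentForwarding=no \
        AllowX11Forwarding=no \
        StrictModes=yes
    do
        key=${pair%%=*}
        want=${pair#*=}
        got=$(cfg_get "$f" "$key")
        if [ "$got" != "$want" ]; then
            echo "$key: want '$want', got '${got:-<unset>}'"
            bad=$((bad + 1))
        fi
    done
    return $bad
}

# Constructed sample 1: the settings from this HOWTO.
GOOD_CFG=$(mktemp)
cat >"$GOOD_CFG" <<'EOF'
# constructed sample, matches the HOWTO
Port 22
Ciphers blowfish
MACs hmac-md5
StrictModes yes
AllowedAuthentications publickey
RequiredAuthentications publickey
PermitRootLogin no
PermitEmptyPasswords no
Ssh1Compatibility no
AllowAgentForwarding no
AllowX11Forwarding no
EOF

# Constructed sample 2: a stock-looking config with password fallback and
# root login still enabled, and two directives missing.
BAD_CFG=$(mktemp)
cat >"$BAD_CFG" <<'EOF'
# constructed sample, weak
Port 22
StrictModes yes
AllowedAuthentications publickey,password   # password fallback left on
PermitRootLogin yes
PermitEmptyPasswords no
Ssh1Compatibility no
AllowAgentForwarding no
EOF
trap 'rm -f "$GOOD_CFG" "$BAD_CFG"' EXIT

# Demo: the hardened sample is silent, the weak one lists four deviations.
echo "== hardened sample =="; check_sshd2_config "$GOOD_CFG" && echo "ok"
echo "== weak sample ==";     check_sshd2_config "$BAD_CFG"  || echo "problems found"
```

To audit a live system, call check_sshd2_config /etc/ssh2/sshd2_config instead of the samples; a non-zero exit status tells you how many directives to fix.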

Edit /etc/inetd.conf and add the following (the service name ssh must resolve through /etc/services, i.e. an "ssh 22/tcp" entry must exist there):

ssh     stream     tcp     nowait     root     /usr/local/sbin/sshd     sshd -i

I know that many out there don't like to run sshd via inetd. This is mostly due to the per-connection startup cost: a fresh sshd is forked for every incoming connection and must initialize and load its host key before the key exchange can start. If you have a fast enough CPU and there are few ssh connections, I feel that it's a lot easier to place it in inetd.conf. inetd only rereads its configuration on SIGHUP, so don't forget to send it one after editing the file: kill -HUP the inetd process (find its PID with ps). Since sshd was built with --with-libwrap, you can additionally restrict which hosts may connect via /etc/hosts.allow and /etc/hosts.deny.

Additional Resources