参考:
将Open SSH Server 移植到ARM Linux成功
build ssh for Arm
原文:
移植openssh-6.6p1到arm linux
编译openssh依赖于zlib、openssl,因此,编译openssh之前,需要先编译好zlib、openssl。另外,交叉编译环境还需要先安装zlib1g-dev、libssl-dev、ssh(可选)
zlib下载地址:
openssl下载地址:
openssh下载地址:
1、安装依赖环境
lingd@ubuntu14:~/arm/ssh$ sudo apt-get install zlib1g-dev libssl-dev ssh
2、编译zlib
lingd@ubuntu14:~/arm/ssh$ tar -Jxvf zlib-1.2.8.tar.xz
lingd@ubuntu14:~/arm/ssh/zlib-1.2.8$ cd zlib-1.2.8/
lingd@ubuntu14:~/arm/ssh/zlib-1.2.8$ ./configure --prefix=/opt/crosstools/4.4.3/zlib
lingd@ubuntu14:~/arm/ssh/zlib-1.2.8$ make "CC=arm-linux-gcc" "AR=arm-linux-ar" "CPP=arm-linux-gcc -E" \
> "LDSHARED=arm-linux-gcc -shared -Wl,-soname,libz.so.1,--version-script,zlib.map"
lingd@ubuntu14:~/arm/ssh/zlib-1.2.8$ sudo make install
3、编译openssl
lingd@ubuntu14:~/arm/ssh/zlib-1.2.8$ cd ..
lingd@ubuntu14:~/arm/ssh$ tar -zxvf openssl-1.0.1h.tar.gz
lingd@ubuntu14:~/arm/ssh$ cd openssl-1.0.1h/
lingd@ubuntu14:~/arm/ssh/openssl-1.0.1h$ unset CROSS_COMPILE
lingd@ubuntu14:~/arm/ssh/openssl-1.0.1h$ ./Configure --prefix=/opt/crosstools/4.4.3/openssl os/compiler:arm-linux-gcc
lingd@ubuntu14:~/arm/ssh/openssl-1.0.1h$ make
lingd@ubuntu14:~/arm/ssh/openssl-1.0.1h$ sudo make install
4、编译openssh
lingd@ubuntu14:~/arm/ssh/openssl-1.0.1h$ cd ..
lingd@ubuntu14:~/arm/ssh$ tar -zxvf openssh-6.6p1.tar.gz
lingd@ubuntu14:~/arm/ssh$ cd openssh-6.6p1/
lingd@ubuntu14:~/arm/ssh/openssh-6.6p1$ ./configure --prefix=/usr/local --host=arm-linux \
> --with-zlib=/opt/crosstools/4.4.3/zlib --with-ssl-dir=/opt/crosstools/4.4.3/openssl CC=arm-linux-gcc
5、打包ssh
lingd@ubuntu14:~/arm/ssh/openssh-6.6p1$ cd ..
lingd@ubuntu14:~/arm/ssh$ touch ssh_tar.sh
lingd@ubuntu14:~/arm/ssh$ vim ssh_tar.sh
#!/bin/sh
prefix=~/arm/ssh/usr/local
mkdir -p $prefix/etc
mkdir -p $prefix/bin
mkdir -p $prefix/libexec
mkdir -p $prefix/sbin
mkdir -p $prefix/lib
cp scp sftp ssh ssh-add ssh-agent ssh-keygen ssh-keyscan $prefix/bin/
cp moduli ssh_config sshd_config $prefix/etc/
cp sftp-server ssh-keysign $prefix/libexec/
cp sshd $prefix/sbin/
cd /opt/crosstools/4.4.3/zlib
cp lib/libz.so.1.2.8 $prefix/lib/
cp /etc/passwd $prefix/etc
cp /etc/group $prefix/etc
cp /etc/shadow $prefix/etc
cd $prefix/../..
tar zcvf ssh_arm.tgz usr
lingd@ubuntu14:~/arm/ssh$ chmod 775 ssh_tar.sh
lingd@ubuntu14:~/arm/ssh$ cd openssh-6.6p1/
lingd@ubuntu14:~/arm/ssh/openssh-6.6p1$ sudo ../ssh_tar.sh
6、安装ssh
lingd@ubuntu14:~/arm/ssh/openssh-6.6p1$ cd ..
lingd@ubuntu14:~/arm/ssh$ touch ssh_install_arm.sh
lingd@ubuntu14:~/arm/ssh$ vim ssh_install_arm.sh
#!/bin/sh
tar zxvf ssh_arm.tgz -C /
ln -s /usr/local/lib/libz.so.1.2.8 /lib/libz.so.1
mkdir -p /var/run/
mkdir -p /var/empty/
echo 'PATH=/usr/local/bin:/usr/local/sbin:$PATH' >> /etc/profile
source /etc/profile
cd /usr/local/etc
mv passwd /etc
#echo 'sshd:x:117:65534::/var/run/sshd:/usr/sbin/nologin' >> /etc/passwd
mv group /etc
mv shadow /etc
../bin/ssh-keygen -t ecdsa -f ssh_host_key -N ""
../bin/ssh-keygen -t rsa -f ssh_host_rsa_key -N ""
../bin/ssh-keygen -t dsa -f ssh_host_dsa_key -N ""
../bin/ssh-keygen -t rsa1 -f ssh_host_ed25519_key -N ""
../bin/ssh-keygen -t ecdsa -f ssh_host_ecdsa_key -N ""
注意:如果没有sshd用户,运行sshd服务时,会提示“Privilege separation user sshd does not exist”。我们一开始就通过“sudo apt-get install ssh”在主机安装了
OpenSSH服务器,安装OpenSSH服务器时,自动会在/etc/passwd文件中添加sshd用户记录。如果主机没有安装OpenSSH服务器,直接拷贝主机的passwd文件是没有用的,建议手动添
加sshd用户,即ssh_install_arm.sh 脚本中不要注释“echo 'sshd:x:117:65534::/var/run/sshd:/usr/sbin/nologin' >> /etc/passwd”。
另外,直接从主机复制的passwd文件,需要将bash全部替代为sh,否则登陆时会提示“Permission denied (publickey,password,keyboard-interactive).”
lingd@ubuntu14:~/arm/ssh$ chmod 775 ssh_install_arm.sh
开发板安装ssh
root@lingd2440:/# mount -t nfs -o nolock,tcp 192.168.1.26:/home/lingd/arm/ /mnt
root@lingd2440:/# cp /mnt/ssh/ssh_arm.tgz .
root@lingd2440:/# cp /mnt/ssh/ssh_install_arm.sh .
root@lingd2440:/# ./ssh_install_arm.sh
开发板启动ssh服务
root@lingd2440:/# /usr/local/sbin/sshd -p 8888
linux ssh客户尝试登陆
lingd@ubuntu14:~/arm/ssh$ ssh root@192.168.1.100 -p 8888
root@192.168.1.100's password:
Processing /etc/profile
set user path
set search library path
set PS1
root@lingd2440:~#
windows SecureCRT同样也可以正常登陆
7、遇到的一些问题
lingd@ubuntu14:~/arm/ssh$ ssh lingd@192.168.1.100 -p 8888
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
91:fa:3f:31:fb:b9:a3:97:96:4c:3b:56:ce:d1:2d:a4.
Please contact your system administrator.
Add correct host key in /home/lingd/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/lingd/.ssh/known_hosts:1
remove with: ssh-keygen -f "/home/lingd/.ssh/known_hosts" -R [192.168.1.100]:8888
ECDSA host key for [192.168.1.100]:8888 has changed and you have requested strict checking.
Host key verification failed.
1)问题:开发板重新生成key后,登陆提示WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
解决方法:删除~/.ssh/known_hosts文件
lingd@ubuntu14:~/arm/ssh$ rm ~/.ssh/known_hosts
lingd@ubuntu14:~/arm/ssh$ ssh lingd@192.168.1.100 -p 8888
The authenticity of host '[192.168.1.100]:8888 ([192.168.1.100]:8888)' can't be established.
ECDSA key fingerprint is 91:fa:3f:31:fb:b9:a3:97:96:4c:3b:56:ce:d1:2d:a4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.1.100]:8888' (ECDSA) to the list of known hosts.
lingd@192.168.1.100's password:
Permission denied, please try again.
lingd@192.168.1.100's password:
Permission denied, please try again.
lingd@192.168.1.100's password:
Permission denied (publickey,password,keyboard-interactive).
2)问题:用户和密码都正确,但无法登陆,并提示Permission denied (publickey,password,keyboard-interactive).
解决方法:将开发板/etc/passwd中bash全部替代为sh,再登陆
lingd@ubuntu14:~/arm/ssh$ ssh lingd@192.168.1.100 -p 8888
lingd@192.168.1.100's password:
Could not chdir to home directory /home/lingd: No such file or directory
Processing /etc/profile
set user path
set search library path
set PS1
lingd@lingd2440:/$ exit
Connection to 192.168.1.100 closed.
lingd@ubuntu14:~/arm/ssh$ ssh root@192.168.1.100 -p 8888
root@192.168.1.100's password:
Processing /etc/profile
set user path
set search library path
set PS1
root@lingd2440:~#
原文:移植openssh-6.6p1到arm linux