Dave Bott(deleted)
12/12/2007 3:51 PM
post3709
|
The source tree contains openssl, but not openssh code
Are we going to provide ssh as part of this code base or is there some licensing issue why we can't ?
Thanks !
Dave
|
|
|
Sean Boudreau(deleted)
12/12/2007 3:56 PM
post3711
|
On Wed, Dec 12, 2007 at 03:51:24PM -0500, Dave Bott wrote:
> The source tree contains openssl, but not openssh code
>
> Are we going to provide ssh as part of this code base or is there some
> licensing issue why we can't ?
>
> Thanks !
>
> Dave
It currently builds under pkgsrc, but you're right, it
would be nice to bring it in the base.
-seanb
# pkg_info openssh
Information for openssh-4.7.1nb1:
Comment:
Open Source Secure shell client and server (remote login program)
Requires:
zlib>=1.2.3
openssl>=0.9.7inb1
tcp_wrappers>=7.6.1nb3
Description:
OpenSSH is based on the last free version of Tatu Ylonen's SSH with
all patent-encumbered algorithms removed (to external libraries), all
known security bugs fixed, new features reintroduced and many other
clean-ups. More information about SSH itself can be found in the file
README.Ylonen. OpenSSH has been created by Aaron Campbell, Bob Beck,
Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song.
This port consists of the re-introduction of autoconf support, PAM
support (for Linux and Solaris), EGD[1] support, SOCKS support (using
the Dante [6] libraries and replacements for OpenBSD library functions
that are (regrettably) absent from other unices. This port has been
best tested on Linux, Solaris, HPUX, NetBSD and Irix. Support for AIX,
SCO, NeXT and other Unices is underway. This version actively tracks
changes in the OpenBSD CVS repository.
Homepage:
http://www.openssh.com/
|
|
|
Robert Craig
12/12/2007 4:17 PM
post3712
|
That will likely come in a later release. We also have "easy to follow"
porting instructions for people who would like to download the source from
openssh.org and build it themselves.
Robert.
-----Original Message-----
From: Dave Bott [mailto:dbott@qnx.com]
Sent: Wednesday, December 12, 2007 3:51 PM
To: technology-networking
Subject: openssh ?
The source tree contains openssl, but not openssh code
Are we going to provide ssh as part of this code base or is there some
licensing issue why we can't ?
Thanks !
Dave
_______________________________________________
Technology
http://community.qnx.com/sf/go/post3709
|
|
|
Sean Boudreau(deleted)
02/25/2008 11:14 AM
post5238
|
> The source tree contains openssl, but not openssh code
>
> Are we going to provide ssh as part of this code base or is there some
> licensing issue why we can't ?
>
> Thanks !
>
> Dave
I have ssh and friends building under my dev branch
for all platforms:
branches/developer/seanb_netbsd-4-0-RELEASE
cursory testing so far but I'm using it...
-seanb
|
|
|
Weijie Zhang(deleted)
02/25/2008 11:29 AM
post5239
|
I haven't heard any plan of that from Robert. However, for years we have
been providing customers how-to-porting both openssl and openssh for all
platforms. This is the current practical way of providing customers the
openssl and openssh.
The how-to is the summary (step by step) based on our ports which we checked
into product/lib/openssl and product/services/openssh. Recently Robert and I
provided a customer an updated how-to in which we use the latest release
code of openssl and openssh for all the platforms for illustration. If you
need it I can send you the how-to.
Thanks.
Weijie
-----Original Message-----
From: Sean Boudreau
Sent: February 25, 2008 11:14 AM
To: technology-networking
Subject: Re: openssh ?
> The source tree contains openssl, but not openssh code
>
> Are we going to provide ssh as part of this code base or is there some
> licensing issue why we can't ?
>
> Thanks !
>
> Dave
I have ssh and friends building under my dev branch
for all platforms:
branches/developer/seanb_netbsd-4-0-RELEASE
cursory testing so far but I'm using it...
-seanb
_______________________________________________
Technology
http://community.qnx.com/sf/go/post5238
|
|
|
Sean Boudreau(deleted)
02/26/2008 9:38 AM
post5264
|
On Mon, Feb 25, 2008 at 11:29:38AM -0500, Weijie Zhang wrote:
> I haven't heard any plan of that from Robert. However, for years we have
> been providing customers how-to-porting both openssl and openssh for all
> platforms. This is the current practical way of providing customers the
> openssl and openssh.
>
> The how-to is the summary (step by step) based on our ports which we checked
> into product/lib/openssl and product/services/openssh. Recently Robert and I
> provided a customer an updated how-to in which we use the latest release
> code of openssl and openssh for all the platforms for illustration. If you
> need it I can send you the how-to.
>
What you're describing is the io-net state WRT ssh. This is
open development on a dev branch of that which may be
brought to the head. It's currently supported in the same
manner as the old: unofficially but now anyone can try it
out. Problem reports welcome.
-seanb
|
|
|
Weijie Zhang(deleted)
02/25/2008 11:31 AM
post5240
|
I haven't heard any plan of that from Robert. However, for years we have
been providing customers how-to-porting both openssl and openssh for all
platforms. This is the current practical way of providing customers the
openssl and openssh.
The how-to is the summary (step by step) based on our ports which we checked
into product/lib/openssl and product/services/openssh. Recently Robert and I
provided a customer an updated how-to in which we use the latest release
code of openssl and openssh for all the platforms for illustration. If you
need it I can send you the how-to.
Thanks.
Weijie
|
|
|
Dave Bott(deleted)
02/26/2008 10:48 AM
post5276
|
Why not just post it here ? It's usually a good idea to post these types of documents - either in the doc set, or as
tech notes (although these seem hard to search via google etc.) - otherwise almost no one will know that they are there.
..
Better yet, why not apply the changes and give the diffs back to those projects, so that they will build for QNX by
default ?
All good info though !
Dave
|
|
|
Weijie Zhang(deleted)
02/29/2008 10:00 AM
post5403
|
That is a good idea. Let mefirst attach the latest how-to here. Later I'll discuss with Robert about your suggestion.
The attached porting method is of using our GNUmake framework. The advantage of this kind of porting is that the way
makes a minimum change of original code. Of course, the disadvantage is also obvious as the GNUmake framework may not
work well if you are developing on Windows environment.
In fact, we had ported the openssl and openssh which have been being used both internal and the allowed outsides years
ago in a format of qnx make convention, that is, the same convention used when you compile such as the procnto. You may
find it internal tree. I remembered I had also summerized a how-to to that years ago, but let me check if I still have
it ;-).
|
|
|
Matthias Klein
09/29/2008 5:21 PM
post14204
|
Is there a howto for the latest openssh version (5.1p1) available ?
|
|
|
Weijie Zhang(deleted)
09/29/2008 5:23 PM
post14205
|
Now that everything is in io-pkt. You can simply replace the code under
the dist directory by the new one. Or I guess you are asking for the
howto for io-net?
Thanks
Weijie
-----Original Message-----
From: Matthias Klein [mailto:community-noreply@qnx.com]
Sent: September 29, 2008 5:21 PM
To: technology-networking
Subject: Re: openssh ?
Is there a howto for the latest openssh version (5.1p1) available ?
_______________________________________________
Technology
http://community.qnx.com/sf/go/post14204
|
|
|
Matthias Klein
09/29/2008 6:11 PM
post14207
|
|
|
|
Robert Craig
09/29/2008 6:23 PM
post14209
|
Out of curiosity, is there any reason why you don't want to use the
version of ssh which is already included in the repository today?
Robert.
-----Original Message-----
From: Matthias Klein [mailto:community-noreply@qnx.com]
Sent: Monday, September 29, 2008 6:12 PM
To: technology-networking
Subject: Re: RE: openssh ?
I try to build openssh for QNX 6.4 (M7) but make stops with some errors.
See the following thread:
http://community.qnx.com/sf/discussion/do/listPosts/projects.community/d
iscussion.qnx_software_development_platfor.topc4303
_______________________________________________
Technology
http://community.qnx.com/sf/go/post14207
|
|
|
Matthias Klein
09/30/2008 6:36 AM
post14216
|
In which repository is a openssh version available ?
Did I miss something ?
Do you mean openssh-3.5p1 from the 3rd-Party CD-ROM ?
I only want to get an current version running on 6.4 ...
|
|
|
Robert Craig
09/30/2008 7:50 AM
post14221
|
Hi Mathias;
We recently (in the last month or so) pulled the source code for ssh from NetBSD into the networking repository.
http://community.qnx.com/sf/scm/do/listRepositories/projects.networking/scm
(look under trunk/services/ssh, trunk/lib/ssh and crypto/dist/ssh)
I can't remember if it made it into the milestone 4 build or not, so you might have to build the full tree to get it.
Robert.
-----Original Message-----
From: Matthias Klein [mailto:community-noreply@qnx.com]
Sent: Tue 9/30/2008 6:36 AM
To: technology-networking
Subject: Re: RE: RE: openssh ?
In which repository is a openssh version available ?
Did I miss something ?
Do you mean openssh-3.5p1 from the 3rd-Party CD-ROM ?
I only want to get an current version running on 6.4 ...
_______________________________________________
Technology
http://community.qnx.com/sf/go/post14216
|
|
|
Matthias Klein
|
Re: RE: RE: RE: openssh ?
|
Matthias Klein
09/30/2008 12:59 PM
post14257
|
Re: RE: RE: RE: openssh ?
Does that openssh come with the next pre-release of SDP 6.4 (M8 ?) ?
|
|
|
Sean Boudreau(deleted)
|
Re: RE: RE: RE: openssh ?
|
Sean Boudreau(deleted)
09/30/2008 1:01 PM
post14258
|
Re: RE: RE: RE: openssh ?
On Tue, Sep 30, 2008 at 12:59:36PM -0400, Matthias Klein wrote:
> Does that openssh come with the next pre-release of SDP 6.4 (M8 ?) ?
No, it's not shipping. It's for the enjoyment of those
who build it themselves.
Regards,
-seanb
|
|
|
Matthias Klein
|
Re: RE: RE: RE: openssh ?
|
Matthias Klein
10/02/2008 5:08 PM
post14379
|
Re: RE: RE: RE: openssh ?
I have compiled openssh from the trunk repository on QNX 6.4 M7.
When I start sshd using the sshd_config file from the repository I get the following error:
/etc/ssh/sshd_config line 82: Unsupported option UsePam
If I comment the line, sshd works fine.
My problem is that I the password authentication don't works. I always get "Permission denied".
Public key authentication works fine.
Is there anything broken with the encryption between openssh and QNX passwd/shadow ?
Or do I have only a bad configuration file ? (I am new at SSH)
In the attachment are the compiled binaries and the config files.
|
|
|
Xiaodan Tang(deleted)
|
RE: RE: RE: RE: openssh ?
|
Xiaodan Tang(deleted)
10/02/2008 5:13 PM
post14380
|
RE: RE: RE: RE: openssh ?
Try to set "UsePrivilegeSeparation no" and see if that helps.
-xtang
> -----Original Message-----
> From: Matthias Klein [mailto:community-noreply@qnx.com]
> Sent: Thursday, October 02, 2008 5:08 PM
> To: technology-networking
> Subject: Re: RE: RE: RE: openssh ?
>
> I have compiled openssh from the trunk repository on QNX 6.4 M7.
>
> When I start sshd using the sshd_config file from the
> repository I get the following error:
>
> /etc/ssh/sshd_config line 82: Unsupported option UsePam
>
> If I comment the line, sshd works fine.
>
>
> My problem is that I the password authentication don't works.
> I always get "Permission denied".
>
> Public key authentication works fine.
>
>
> Is there anything broken with the encryption between openssh
> and QNX passwd/shadow ?
> Or do I have only a bad configuration file ? (I am new at SSH)
>
>
> In the attachment are the compiled binaries and the config files.
>
>
> _______________________________________________
> Technology
> http://community.qnx.com/sf/go/post14379
>
|
|
|
Matthias Klein
|
Re: RE: RE: RE: RE: openssh ?
|
Matthias Klein
10/02/2008 5:31 PM
post14381
|
Re: RE: RE: RE: RE: openssh ?
That option didn't change anything.
|
|
|
Sean Boudreau(deleted)
|
Re: RE: RE: RE: RE: openssh ?
|
Sean Boudreau(deleted)
10/11/2008 6:23 PM
post14898
|
Re: RE: RE: RE: RE: openssh ?
Please try the latest. Should be fixed.
-seanb
|
|
|
Robert Craig
|
RE: RE: RE: RE: openssh ?
|
Robert Craig
10/02/2008 6:58 PM
post14386
|
RE: RE: RE: RE: openssh ?
I've got a funny feeling that we might be hitting a difference between
BSD and neutrino with regards to the shadow password being required for
authentication. We'll have to investigate further.
Robert.
-----Original Message-----
From: Matthias Klein [mailto:community-noreply@qnx.com]
Sent: Thursday, October 02, 2008 5:08 PM
To: technology-networking
Subject: Re: RE: RE: RE: openssh ?
I have compiled openssh from the trunk repository on QNX 6.4 M7.
When I start sshd using the sshd_config file from the repository I get
the following error:
/etc/ssh/sshd_config line 82: Unsupported option UsePam
If I comment the line, sshd works fine.
My problem is that I the password authentication don't works. I always
get "Permission denied".
Public key authentication works fine.
Is there anything broken with the encryption between openssh and QNX
passwd/shadow ?
Or do I have only a bad configuration file ? (I am new at SSH)
In the attachment are the compiled binaries and the config files.
_______________________________________________
Technology
http://community.qnx.com/sf/go/post14379
|
|
|
Matthias Klein
|
Re: RE: RE: RE: RE: openssh ?
|
Matthias Klein
10/11/2008 10:00 PM
post14899
|
Re: RE: RE: RE: RE: openssh ?
Hello Sean,
now it is working fine.
Thanks for the help !
(In the attachment are the working binaries and configuration file.)
Best regards
Matthias
|
|
|
Daniel Fearon
|
Re: RE: RE: RE: RE: openssh ?
|
Daniel Fearon
04/21/2009 8:30 AM
post27583
|
Re: RE: RE: RE: RE: openssh ?
Hi guys,
I'm new to QNX but have some experience using OpenSSH in other standard unix-like systems (CentOS, RedHat, Fedora etc).
I took the tar file from the last post (thanks Matthias) and extracted the contents.
Are there any specific changes I need to make in the configuration files, for example "/etc/ssh/sshd_config" ?
I'm running a QNX host in Vmware and trying to SSH from my host machine running Red Hat. I can successfully SSH from QNX
guest to Linux host but (as yet) not vice-versa. Any help would be gratefully appreciated.
Thanks,
Dan
|
|
|
Sean Boudreau(deleted)
|
Re: RE: RE: RE: RE: openssh ?
|
Sean Boudreau(deleted)
04/21/2009 9:21 AM
post27603
|
Re: RE: RE: RE: RE: openssh ?
On Tue, Apr 21, 2009 at 08:30:12AM -0400, Daniel Fearon wrote:
> Hi guys,
>
> I'm new to QNX but have some experience using OpenSSH in other standard unix-like systems (CentOS, RedHat, Fedora etc)
. I took the tar file from the last post (thanks Matthias) and extracted the contents.
>
> Are there any specific changes I need to make in the configuration files, for example "/etc/ssh/sshd_config" ?
>
> I'm running a QNX host in Vmware and trying to SSH from my host machine running Red Hat. I can successfully SSH from
QNX guest to Linux host but (as yet) not vice-versa. Any help would be gratefully appreciated.
Of the top of my head, to set up sshd:
- Set up host heys
# mkdir -m 0755 /etc/ssh
# chown root:root /etc/ssh
# ssh-keygen -trsa -b2048 -f /etc/ssh/ssh_host_rsa_key -N ""
# ssh-keygen -tdsa -b1024 -f /etc/ssh/ssh_host_dsa_key -N ""
- Set up you /etc/ssh/sshd_config
- Set up /etc/group entry
# echo "sshd:x:7:" >> /etc/group
- Set up /etc/passwd entry
# echo "sshd:x:16:7:sshd:/var/chroot/sshd:/bin/false" >> /etc/passwd
Where '7' above is the same value as the /etc/gtoup entry
- Set up /var/chroot/sshd
# mkdir -pm 0755 /var/chroot/sshd
# chown root:root /var/chroot/sshd
- Try running it in debug
# /usr/sbin/sshd -ddd
|
|
|
|