一、移植环境
1、 ubuntu 12.04主机
2、 基于TI AM3354的tq335xb开发板
3、 编译工具arm-linux-gcc:
$arm-linux-gcc -v
Usingbuilt-in specs.
Target:arm-embedsky-linux-gnueabi
Configuredwith: /opt/EmbedSky/build-croostools/.build/src/gcc-4.4.6/configure--build=i686-build_pc-linux-gnu --host=i686-build_pc-linux-gnu--target=arm-embedsky-linux-gnueabi --prefix=/opt/EmbedSky/4.4.6--with-sysroot=/opt/EmbedSky/4.4.6/arm-embedsky-linux-gnueabi/embedsky--enable-languages=c,c++ --disable-multilib --with-arch=armv7-a--with-cpu=cortex-a8 --with-tune=cortex-a8 --with-fpu=neon --with-float=softfp--with-pkgversion='for TQ210 EmbedSky Tech'--with-bugurl=http://www.embedsky.net --disable-sjlj-exceptions--enable-__cxa_atexit --disable-libmudflap --disable-libgomp --disable-libssp--with-gmp=/opt/EmbedSky/build-croostools/.build/arm-embedsky-linux-gnueabi/build/static--with-mpfr=/opt/EmbedSky/build-croostools/.build/arm-embedsky-linux-gnueabi/build/static--with-mpc=/opt/EmbedSky/build-croostools/.build/arm-embedsky-linux-gnueabi/build/static--with-ppl=no --with-cloog=no --with-host-libstdcxx='-static-libgcc-Wl,-Bstatic,-lstdc++,-Bdynamic -lm' --enable-threads=posix --enable-target-optspace--without-long-double-128--with-local-prefix=/opt/EmbedSky/4.4.6/arm-embedsky-linux-gnueabi/embedsky--disable-nls --enable-c99 --enable-long-long
Threadmodel: posix
gcc version 4.4.6 (for TQ210 EmbedSky Tech)
二、下载源码包
地址如下:
openssh(openssh-7.2p1.tar.gz) http://www.openssh.com/portable.html
openssl(openssl-1.0.1s.tar.gz) http://www.openssl.org/source
zlib(zlib-1.2.8.tar.gz) http://www.zlib.net/
三、准备工作
1、建立安装目录与解压源码
cd /home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/
mkdir ssh
cd ssh
mkdir compressed install source
cp /mnt/hgfs/gx/openss*/mnt/hgfs/gx/zlib-1.2.8.tar.gz compressed/
cdcompressed/
tar zxvfopenssh-7.2p1.tar.gz -C ../source
tar zxvfzlib-1.2.8.tar.gz -C ../source
tar zxvfopenssl-1.0.1s.tar.gz -C ../source
cd ..
2、建立与交叉编译工具一样的zlib,原因是开发板已存在此库libz-1.2.3
$cd /home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install
$mkdirinclude lib
$cd /home/lyf/sdb2/working/suntrun_company/opt/ti3354/tool/opt/EmbedSky/4.4.6/arm-embedsky-linux-gnueabi/embedsky/usr/lib
$cp libz.so*/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/zlib-1.2.3/lib/
$cd../include
$cp zlib.hzconf.h/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/zlib-1.2.3/include/
3、建立nfs挂载目录/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/ti3358_mount_file
四、编译源码
1、编译zlib-1.2.8
cd source/
cdzlib-1.2.8/
./configure--prefix=/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/zlib-1.2.8
#vi Makefile
CC=arm-linux-gcc
LDSHARED=arm-linux-gcc-shared -Wl,-soname,libz.so.1,--version-script,zlib.map
AR=arm-liunx-ar
CPP=arm-liunux-gcc-E
make
make install
2、编译openssl-1.0.1s
cd../openssl-1.0.1s
#./Configure--prefix=/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s –fPIC os/compiler:arm-linux-gcc
#make
#makeinstall
3、 编译openssh
#cd/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/source/openssh-7.2p1
#./configure--host=arm-embedsky-linux-gnueabi --with-libs--with-zlib=/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/zlib-1.2.3 --with-ssl-dir=/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s--disable-etc-default-login CC=arm-linux-gcc AR=arm-linux-ar
#make
注:不用make install
五、启动开发板
1、确保目标板上有以下目录,若没有,则新建:
/usr/local/bin/
/usr/local/sbin/
/usr/local/etc/
/usr/local/libexec/
/var/run/
/var/empty/
2、从Ubuntu主机上将以下文件拷贝到目标板Linux系统中
Ubuntu主机 /home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/source/openssh-7.2p1目录下的
scp sftp ssh ssh-add ssh-agent ssh-keygen ssh-keyscan 拷贝到目标板/usr/local/bin
modulissh_config sshd_config拷贝到目标板/usr/local/etc
sftp-server ssh-keysign 拷贝到目标板 /usr/local/libexec
sshd 拷贝到目标板 /usr/local/sbin/
3、生成Key文件
在Ubuntu主机 /home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/source/openssh-7.2p1目录下运行:
ssh-keygen-t rsa -f ssh_host_rsa_key -N ""
ssh-keygen-t dsa -f ssh_host_dsa_key -N ""
ssh-keygen-t ecdsa -f ssh_host_ecdsa_key -N ""
ssh-keygen-t dsa -f ssh_host_ed25519_key -N ""
将生成的 ssh_host_*_key这4个文件copy到目标板的 /usr/local/etc/目录下
4、修改目标板passwd文件
在/etc/passwd 中添加下面这一行
sshd:x:74:74:Privilege-separatedSSH:/var/empty/sshd:/sbin/nologin
注:文件的拷贝先拷贝到主机的nfs目录,再从开发板拷贝到相应的目录
六、测试
1、主机测试:主机登录成功后的现象:
lyf@ubun:~/sdb2/working/suntrun_company/opt/arm-avdecc/ti3358_mount_file$ssh [email protected]
[email protected]'s password:
[root@EmbedSky /]# ls
bin etc init linuxrc mnt proc sbin sys udisk var working
dev home lib lost+found opt root sddisk tmp usr web
[root@EmbedSky /]#
2、putty测试:
putty登录登录成功后的现象:
七、开机自启sshd:
在/etc/init.d/rcS最后添加一行/etc/local/sbin/sshd
至此,openssh已经成功移植到了tq335xb开发板上了。
八、移植问题汇总
1、配置openssh时无法导入openssl库的信息
现象:
Infile included from openssl-compat.c:34:
openssl-compat.h:33:3: error:#error OpenSSL 0.9.8f or greater is required
make[1]:*** [openssl-compat.o] Error 1
原因:./configure配置--with-ssl-dir无效
解决方法:
修改 Makefile、openbsd-compat/Makefile、openbsd-compat/regress/Makefile中所有的-I/usr/local/ssl/include为/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s/include,-L/usr/local/ssl/lib 为
/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s/lib
2、编译openssh出错
问题现象:
arm-linux-gcc-o ssh ssh.o readconf.o clientloop.o sshtty.o sshconnect.o sshconnect1.osshconnect2.o mux.o -L. -Lopenbsd-compat/-L/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s/lib-L/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/zlib-1.2.3/lib -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -fstack-protector-all -pie-lssh -lopenbsd-compat -lcrypto -lrt -ldl -lutil -lz -lcrypt-lresolv
/home/lyf/sdb2/working/suntrun_company/opt/ti3354/tool/opt/EmbedSky/4.4.6/bin/../lib/gcc/arm-embedsky-linux-gnueabi/4.4.6/../../../../arm-embedsky-linux-gnueabi/bin/ld:/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s/lib/libcrypto.a(cversion.o):relocation R_ARM_MOVW_ABS_NC against `a local symbol' can not be used whenmaking a shared object; recompile with -fPIC
/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s/lib/libcrypto.a:could not read symbols: Bad value
collect2:ld returned 1 exit status
make:*** [ssh] Error 1
lyf@ubun:~/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/source/openssh-7.2p1$
解决:增加-fPIC编译选项
./Configure--prefix=/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s -fPIC os/compiler:arm-linux-gcc
make
makeinstall
重新编译openssh通过,如下
...
arm-linux-gcc-o ssh-agent ssh-agent.o ssh-pkcs11-client.o -L. -Lopenbsd-compat/-L/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s/lib-L/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/zlib-1.2.3/lib -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -fstack-protector-all -pie-lssh -lopenbsd-compat -lcrypto -lrt -ldl -lutil -lz -lcrypt -lresolv
arm-linux-gcc-g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security-Wno-pointer-sign -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv-fno-builtin-memset -fstack-protector-all -fPIE -I. -I.-I/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s/include-I/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/zlib-1.2.3/include -DSSHDIR=\"/usr/local/etc\"-D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"-D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\"-D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\"-D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\"-D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\"-D_PATH_SSH_PIDDIR=\"/var/run\"-D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c scp.c -oscp.o
scp.c:In function 'lostconn':
scp.c:1356:warning: ignoring return value of 'write', declared with attributewarn_unused_result
arm-linux-gcc-o scp scp.o progressmeter.o bufaux.o -L. -Lopenbsd-compat/-L/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s/lib-L/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/zlib-1.2.3/lib -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -fstack-protector-all -pie-lssh -lopenbsd-compat -lcrypto -lrt -ldl -lutil -lz -lcrypt -lresolv
arm-linux-gcc-g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security-Wno-pointer-sign -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv-fno-builtin-memset -fstack-protector-all -fPIE -I. -I.-I/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s/include-I/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/zlib-1.2.3/include -DSSHDIR=\"/usr/local/etc\"-D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"-D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\"-D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\"-D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\"-D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\"-D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\"-DHAVE_CONFIG_H -c sftp.c -o sftp.o
sftp.c:In function 'cmd_interrupt':
sftp.c:239:warning: ignoring return value of 'write', declared with attributewarn_unused_result
arm-linux-gcc-g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security-Wno-pointer-sign -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv-fno-builtin-memset -fstack-protector-all -fPIE -I. -I.-I/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s/include-I/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/zlib-1.2.3/include -DSSHDIR=\"/usr/local/etc\"-D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"-D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\"-D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\"-D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\"-D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\"-D_PATH_SSH_PIDDIR=\"/var/run\"-D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -csftp-server-main.c -o sftp-server-main.o
arm-linux-gcc-o sftp-server sftp-server.o sftp-common.o sftp-server-main.o -L.-Lopenbsd-compat/-L/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s/lib-L/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/zlib-1.2.3/lib -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -fstack-protector-all -pie-lssh -lopenbsd-compat -lcrypto -lrt -ldl -lutil -lz -lcrypt -lresolv
arm-linux-gcc-g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security-Wno-pointer-sign -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv-fno-builtin-memset -fstack-protector-all -fPIE -I. -I.-I/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s/include-I/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/zlib-1.2.3/include -DSSHDIR=\"/usr/local/etc\"-D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"-D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\"-D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\"-D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\"-D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\"-D_PATH_SSH_PIDDIR=\"/var/run\"-D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -csftp-client.c -o sftp-client.o
arm-linux-gcc-g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security-Wno-pointer-sign -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv-fno-builtin-memset -fstack-protector-all -fPIE -I. -I.-I/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s/include-I/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/zlib-1.2.3/include -DSSHDIR=\"/usr/local/etc\"-D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"-D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\"-D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\"-D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\"-D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\"-D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\"-DHAVE_CONFIG_H -c sftp-glob.c -o sftp-glob.o
arm-linux-gcc-o sftp progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o -L.-Lopenbsd-compat/-L/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/openssl-1.0.1s/lib-L/home/lyf/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/install/zlib-1.2.3/lib -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -fstack-protector-all -pie-lssh -lopenbsd-compat -lcrypto -lrt -ldl -lutil -lz -lcrypt-lresolv
lyf@ubun:~/sdb2/working/suntrun_company/opt/arm-avdecc/lib/ssh/source/openssh-7.2p1$
3、在目标板上运行无法启动sshd:
现象:
[root@EmbedSkyetc]# /usr/local/sbin/sshd
Couldnot load host key: /usr/local/etc/ssh_host_ed25519_key<<<问题
解决:
在生成key的时候再生成ssh-keygen-t dsa -f ssh_host_ed25519_key -N ""并拷贝到开发板的目录/usr/local/etc/后chmod 600/usr/local/etc/ssh_host_ed25519_key
4、主机或putty无法登录
现象:
主机上:
[email protected]'spassword:
Permissiondenied, please try again.
[email protected]'spassword:
Permissiondenied, please try again.
[email protected]'spassword:
Permissiondenied (publickey,password,keyboard-interactive).<<<密码正确后登录出现的问题;
原因:
Thisis because your user doesn't have the their own keys shared in the'~/.ssh/authorized_keys' file.If you read through your config, you'll see thatyou've got "PasswordAuthentication no".This means, no matter what,you won't be asked for a password.a warrior never quits
问题的解决:修改/usr/local/etc/sshd_config文件内容如下:
1、将PasswordAuthentication yes前的注释#去掉;
2、将#PermitRootLogin prohibit-password改为PermitRootLoginyes。
修改后重启/usr/local/sbin/sshd即可。