| All Forums |
Register |
Login |
Search |
Subscriptions |
My Profile |
Inbox |
| Tool Warehouse |
FAQs |
Resources |
Help |
Member List |
Address Book |
Logout |
|
|
Problems building ssh; looks like bind is to blame?
|
Logged in as: Guest |
| Users viewing this topic: none |
|
Login  |
|
|
 Problems building ssh; looks like bind is to blame? - Apr. 5, '06, 4:45:59 PM
|
|
|
woehlkmp
Posts: 102
Status: offline
|
After slogging through a few additional hacks to get this far, I am stuck in the following spot while trying to build openssh-4.3p2:
gcc -o ssh ssh.o readconf.o clientloop.o sshtty.o sshconnect.o sshconnect1.o sshconnect2.o -L. -Lopenbsd-compat/ -L/usr/local/ssl/lib -L/usr/local/lib/bind -lssh -lopenbsd-compat -lcrypto -lz -lbind
/usr/local/lib/bind/libbind.a(lcl_sv.o)(.text+0x54): In function `_sv_rewind':
g:\r2\base\sfupriv:12: undefined reference to `_dbopen'
collect2: ld returned 1 exit status
make: *** [ssh] Error 1
'man dbopen' on Interix does not find an entry, but it does on Linux. Is this a problem with bind, or a missing library, or...?
|
|
|
|
|
RE: Problems building ssh; looks like bind is to blame? - Apr. 5, '06, 4:58:50 PM
|
|
|
Rodney
Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
|
You don't want those args with your build. You're getting the wrong BIND.
The BIND that ships with SFU is old and not so good. Don't use it.
Use the BIND from the /Tools warehouse. It has a number of Interix enhancements.
All of the /Tools BIND libraries will be in /usr/local/lib not /usr/local/bind/lib (for '-L').
|
|
|
|
|
RE: Problems building ssh; looks like bind is to blame? - Apr. 5, '06, 5:12:09 PM
|
|
|
Rodney
Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
|
> ...once I figure out how to install it!
If you have the installer already installed the command is just:
"pkg_update -L bind"
|
|
|
|
|
RE: Problems building ssh; looks like bind is to blame? - Apr. 5, '06, 5:42:45 PM
|
|
|
woehlkmp
Posts: 102
Status: offline
|
Nope, but just un-tar'ing the sucker looks like it worked OK. It built now; thanks! (Time to see if it runs.)
[EDIT] I get an error 'setsockopt IP_TOS 16: Invalid argument:' with ssh, but I can connect to remote hosts! [/EDIT]
If anyone else is trying to do this, I am using the sources from openssh.org. I had to configure with 'CPPFLAGS="-D_ALL_SOURCES -I/usr/local/include" LIBS="-lcrypt -lbind" LDFLAGS=-L/usr/local/lib ./configure [<optional other options like --prefix>]' to get around most of the headaches, and there were a few code changes I had to make (I might be forgetting some):
- In config.h, prior to building, make sure 'DISABLE_LOGIN' is defined (to avoid using the non-existant 'struct utmp').
- In some where that it will be picked up, '#define initgroups(a,b) 0' and '#define setgroups(a,b) 0', as Interix does not have these funcitons. This caused problems in sshd.c, session.c and uidswap, and could be placed in just those files.
- In log.h, move '__dead' from after the function parameter list to before the function type for fatal() and cleanup_exit(). This results in needing to add '__dead' to the actual definitions of these functions.
< Message edited by woehlkmp -- Apr. 5, '06, 5:44:40 PM >
|
|
|
|
 Can't log into sshd - Apr. 5, '06, 6:08:47 PM
|
|
|
woehlkmp
Posts: 102
Status: offline
|
Ok, sshd starts up and lets me connect to it, but rejects login attempts (and seems to have a known_hosts other than ~/.ssh/known_hosts?). Any guesses?
I'm used to circumventing the password request because I'm going from one box to another where ~ is the same NFS volume (so password-less authentication works), but I'm guessing this is broken because my SUA box is using files from somewhere other than ~/.ssh (as mentioned above).
[EDIT] Yup, sshd -Dddd shows that it's failing to get the home directory, and is using '//.ssh/'. Is this something I can fix with user-manipulating tools, or a problem with how sshd tries to get home directories?
< Message edited by woehlkmp -- Apr. 5, '06, 6:20:10 PM >
|
|
|
|
|
RE: Can't log into sshd - Apr. 5, '06, 11:41:05 PM
|
|
|
markfunk
Posts: 670
Joined: Mar. 31, '03,
Status: offline
|
Ummm, any reason why you don't just purchase the SSH pkg from InteropSystems
where all the work has been done for you ?
Isn't all your time and effort really worth more than the $40 they are asking ?
I'm assuming that porting SSH to Interix is not trivial. There's all kinds of access perms,
process credentials, setuid() and password issues that are specific to Interix (because it has to run on
Windows security). These permission issues are very tricky to get working.
At least it was for the rsh/rlogin ports. And I'm told the ssh port is more complex.
Best of luck.
|
|
|
|
|
RE: Can't log into sshd - Apr. 5, '06, 11:56:58 PM
|
|
|
Rodney
Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
|
And we still provide the basic OpenSSH version for free too (so no one panics).
The Interop SSH has extensions as noted on the web page for it.
Both versions are modified to work on Interix and then built against
a private library with some extensions so you can get full functionality.
Home directories are set as noted in the FAQ.
|
|
|
|
|
RE: Can't log into sshd - Apr. 6, '06, 10:21:55 AM
|
|
|
woehlkmp
Posts: 102
Status: offline
|
I guess I just like software I've built myself. $40 (isn't it $60, now?) doesn't buy the same warm fuzzy feeling, nor does downloading a binary from a website that may or may not be "right" for my system. (What ever happened to the source code, anyway?) It would also mean going through an approval and acquisition process, waiting, etc.
"Not trivial?" I just fixed my home directory (thanks for the pointer to the FAQ, Rodney!), and I can log in now... IF I run sshd when I'm already logged in. That's probably something to do with the password checking being broken, but it's a limitation I can live with.
[EDIT] Typos... stupid shift key
|
|
|
|
|
Still can't log into sshd - Apr. 7, '06, 10:37:01 AM
|
|
|
woehlkmp
Posts: 102
Status: offline
|
Oooookay. I had the brilliant notion of installing sshd from here. It seems to accept passwords now, but after that it drops the connection. If I try running it manually as 'sshd -Dddd', it gets as far as 'DISPLAY=localhost:0.0' and stalls long enough that I gave up and ctrl-C'd it. Futher, it has stopped reading my authorized_keys file (which the one I built had no problems doing... provided I ran it as 'me' so it had the correct file access permissions).
Can someone clue me in on fixing the password verificaiton myself so I can build a version that works? (Has anyone considered submitting Interix changes back to the maintainers so that future versions will build 'out of the box'?)
On a different note, why does it seem that none of the things I've built (openssl, zlib, etc) create .so's? Is this just the default behavior of 'configure', or do I need to 'make shared' or something, or it is something else?
|
|
|
|
|
RE: Still can't log into sshd - Apr. 7, '06, 1:49:54 PM
|
|
|
Rodney
Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
|
> On a different note, why does it seem that none of the things I've built...
It's the default behavior of configure because the version of the software to
produce the configure doesn't have the "build shared library" information.
The information is already submitted. It's a matter of the projects updating
their versions of the configure software -- that's the GNU configure.
The OpenSSL config is different than the GNU based configure. I submitted
that a while back, but the format changed before it was applied to the base.
I'll actually supposed to resubmit this, but I've not had a chance.
|
|
|
|
|
RE: Still can't log into sshd - Apr. 7, '06, 1:56:05 PM
|
|
|
woehlkmp
Posts: 102
Status: offline
|
Ok, thanks for the info!
|
|
|
|
|
Source for OpenSSH? - Apr. 12, '06, 4:00:33 PM
|
|
|
woehlkmp
Posts: 102
Status: offline
|
Is there any hope of getting the sources that were used to build the /tools version of OpenSSH 4.3? Since switching to SFU 3.5, the sshd I downloaded from /tools doesn't do anything... literally. As in, '/usr/local/sbin/sshd -Dddd', which should be VERY noisy and wait in the fg for a connection, immediately dumps me back to a prompt with exactly zero output.
|
|
|
|
|
RE: Source for OpenSSH? - Apr. 12, '06, 4:27:21 PM
|
|
|
Rodney
Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
|
Sorry, wrong binary got put in. It was one with a end-date.
The package is getting replaced/updated in a few minutes anyway for a
link against a new BIND (better /etc/resolv.conf & registry blend).
Actually, it's there now. So "pkg_update -L openssh" will fix it.
|
|
|
|
|
RE: Source for OpenSSH? - Apr. 12, '06, 6:26:58 PM
|
|
|
woehlkmp
Posts: 102
Status: offline
|
Ok, that runs... but if I run it under the 'local system account', I can't log in (it takes my password and then drops the connection). Is this normal? It works if I run it under Administrator.
|
|
|
|
|
RE: Source for OpenSSH? - Apr. 13, '06, 1:36:03 PM
|
|
|
Rodney
Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
|
DO NOT RUN IT AS A SERVICE (caps intended).
The sshd binary must run as the local Administrator.
The sshd should be run as a daemon. In the /etc/init.d
directory there is a startup script for it. Only the local
Administrator account has the right power to do everything correctly
(such as setting the user, etc.). This account is the equivalent to
a "root" account on other Unix systems.
< Message edited by Rodney -- Apr. 13, '06, 2:18:47 PM >
|
|
|
|
|
RE: Source for OpenSSH? - Apr. 13, '06, 2:12:58 PM
|
|
|
woehlkmp
Posts: 102
Status: offline
|
Eeshk. Anyway. init.d does not run it, and having to log on to start it manually is not something I'm inclined to live with... and I believe that I mentioned I am running it as the local administrator (as a service, yes, but run as "Administrator").
Anyway, it seems to work just fine that way. I had to relax my permission bits on ~/.ssh and files therein a little more than I would have liked to get password-less login working, but my understanding is that that is caused by ~ being on NFS and how Window's NFS client handles permissions (ala "which may on some machines imply it being world-readable" as stated in the man page for sshd).
From your 99%-underlined post (methinks a '[/ u]' got lost?), I am going to guess that "setting the user, etc" is the explanation of my previous post?
|
|
|
|
|
RE: Source for OpenSSH? - Apr. 13, '06, 2:30:36 PM
|
|
|
Rodney
Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
|
> From your 99%-underlined post (methinks a '[/ u]' got lost?), I am going to guess that "setting the user, etc" is the explanation of my previous post?
Yes, edited back now.
The scripts in /etc/init.d ("rc" scripts) are run at boot.
If you haven't rebooted then the scripts won't run of course.
When you do reboot at some point you may have two sshd's
running then which may be wonky (regular startup & the service).
|
|
|
|
|
RE: Source for OpenSSH? - Apr. 13, '06, 2:40:40 PM
|
|
|
woehlkmp
Posts: 102
Status: offline
|
I did reboot, of course, but I was not able to get it to run via init.d. Is there anything else I should know about running sshd as a service logged in as Administrator, or is this the time to follow "if it ain't broke, don't fix it"?
|
|
|
|
|
RE: Source for OpenSSH? - Apr. 13, '06, 4:05:02 PM
|
|
|
Rodney
Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
|
Odd that it wouldn't have started.
The startup scritps are in a specific order to handle dependencies.
So syslogd should be starting before anything that uses it (e.g. sshd).
Via Services this can't be done because it's in Win32 world. Sshd should just
wait until that happens if I recall correctly; if syslogd never starts then
sshd won't continue.
It would still be good to have it start the "normal" way. If things are running okay
then, likely, things are okay. So, while not a panic, it would be good to track down
why it didn't start via the startup scripts. The reason may affect other daemons, etc.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
|
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
|
|
Printable Version
