lfs/BMLFS
1
0
Fork 0
mirror of https://github.com/dslm4515/BMLFS.git synced 2025-08-20 14:31:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
3fd68cf18449a3a57d05142128626096f9641160
BMLFS/build-scripts/openssh.build
dslm4515 4e48d886db Upgraded OpenSSH from 9.7p1 to 10.0p1
2025-06-20 17:28:10 -05:00

161 lines
6.1 KiB
Bash
Raw Blame History

#! /bin/bash
# OpenSSH
# Source: https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-10.0p1.tar.gz
#
# DEPS
# Required: NONE
# Recommended: NONE
# Optional: GDB(for tests), Linux-PAM, X Window System, MIT Kerberos V5,
# Optional: libedit, LibreSSL Portable, OpenSC, and libsectok
# LTO: LLVM works, untested with GCC+binutils
# If optimizing, use these flags
# Recommended to not use LTO
export CFLAGS="-march=native -mtune=native -pipe "
export CFLAGS+="-O3 -fno-lto -fstack-protector-strong -fzero-call-used-regs=used "
#export LDFLAGS="-Wl,-O2 -Wl,--as-needed "
export PVER="10.0p1"
# Create directories with correct permissions & ownership
sudo -S install -v -m700 -d /var/lib/sshd
sudo -S chown -v root:sys /var/lib/sshd
# Create user & group
sudo -S groupadd -g 50 sshd
sudo -S useradd -c 'sshd PrivSep' \
-d /var/lib/sshd \
-g sshd \
-s /bin/false \
-u 50 sshd
autoreconf -fiv &&
# If OpenSSL was built:
export OPTARGS="--with-ssl-dir=/opt/openssl "
export OPTFLAGS="-I/opt/openssl/include -L/opt/openssl/lib "
export OPTLDF="-Wl,--rpath=/opt/openssl/lib "
LDFLAGS=$OPTLDF \
CFLAGS=$OPTFLAGS \
LIBS="-lutmps -lskarnet" \
ac_cv_header_sys_cdefs_h=false \
./configure --prefix=/usr \
--sysconfdir=/etc/ssh \
--with-privsep-path=/var/lib/sshd \
--with-pam --with-libedit \
--with-Werror \
--without-selinux \
--without-rpath \
--with-ssl-engine \
--enable-wtmpx \
--with-Werror=no $BT $OPTARGS --with-cflags --with-ldflags &&
read -p "Compile? " && make -j2 &&
read -p "Press Enter to install" &&
# if not using a package manager:
# make install
unset OPTARGS OPTFLAGS OPTLDF
# if using pkgtools from Slackware, then:
sudo -S make DESTDIR=$BUILD install &&
# If packing documentation and man pages in seperate package:
sudo mkdir -pv /BMAN/install
sudo mkdir -pv /BMAN/usr/share/man/man1
sudo install -v -m755 -d /BMAN/usr/share/doc/openssh-9.7p1
sudo install -v -m644 contrib/ssh-copy-id.1 \
/BMAN/usr/share/man/man1
sudo install -v -m644 INSTALL LICENCE OVERVIEW README* \
/BMAN/usr/share/doc/openssh-8.9p1
sudo -S mkdir -pv ${BUILD}/usr/bin &&
sudo -S install -v -m755 contrib/ssh-copy-id ${BUILD}/usr/bin &&
sudo -S sed -i ${BUILD}/etc/ssh/sshd_config \
-e 's|^#\(UsePAM\) no|\1 yes|g' \
-e 's|^#\(ChallengeResponseAuthentication\) yes|\1 no|g' \
-e 's|^#\(PrintMotd\) yes|\1 no|g' &&
read -p "Press Enter to create pakage description."
cd $BUILD && sudo mkdir -v install &&
cat > /tmp/slack-desc << "EOF"
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|' on
# the right side marks the last column you can put a character in. You must make
# exactly 11 lines for the formatting to be correct. It's also customary to
# leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
openssh: openssh (Secure Shell daemon and clients)
openssh:
openssh: ssh (Secure Shell) is a program for logging into a remote machine and
openssh: for executing commands on a remote machine. It is intended to replace
openssh: rlogin and rsh, and provide secure encrypted communications between
openssh: two untrusted hosts over an insecure network. sshd (SSH Daemon) is
openssh: the daemon program for ssh. OpenSSH is based on the last free version
openssh: of Tatu Ylonen's SSH, further enhanced and cleaned up by Aaron
openssh: Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and
openssh: Dug Song. It has a homepage at http://www.openssh.com/
openssh:
EOF
sudo mv /tmp/slack-desc install/ &&
cat > /tmp/doinst.sh << "EOF"
chown -v root:sys /var/lib/sshd &&
echo "Adding sshd user..."
groupadd -g 50 sshd &&
useradd -c 'sshd PrivSep' \
-d /var/lib/sshd \
-g sshd \
-s /bin/false \
-u 50 sshd
echo "Generating host keys.."
ssh-keygen -A
EOF
sudo -S cp -v /tmp/doinst.sh install/
# skip if not using PAM
sudo -S mkdir -v etc/pam.d
sudo -S sh -c "sed 's@d/login@d/sshd@g' /etc/pam.d/login > etc/pam.d/sshd" &&
sudo -S chmod 644 etc/pam.d/sshd &&
sudo -S sh -c 'echo "UsePAM yes" >> etc/ssh/sshd_config'
# If packing documentation and man pages in seperate package:
sudo cp -rv usr/share/man /BMAN/usr/share/
sudo rm -rf usr/share
read -p "Enter to build package" &&
sudo makepkg -l y -c n $PKGS/openssh-$PVER-$PSUFFIX
cd /BMAN
cat > /tmp/slack-desc << "EOF"
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|' on
# the right side marks the last column you can put a character in. You must make
# exactly 11 lines for the formatting to be correct. It's also customary to
# leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
openssh-doc: Manuals for openssh (Secure Shell daemon and clients)
openssh-doc:
openssh-doc: ssh (Secure Shell) is a program for logging into a remote machine and
openssh-doc: for executing commands on a remote machine. It is intended to replace
openssh-doc: rlogin and rsh, and provide secure encrypted communications between
openssh-doc: two untrusted hosts over an insecure network. sshd (SSH Daemon) is
openssh-doc: the daemon program for ssh. OpenSSH is based on the last free version
openssh-doc: of Tatu Ylonen's SSH, further enhanced and cleaned up by Aaron
openssh-doc: Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and
openssh-doc: Dug Song. It has a homepage at http://www.openssh.com/
openssh-doc:
EOF
sudo mv /tmp/slack-desc install/
sudo makepkg -l y -c n $PKGS/openssh-doc-$PVER-${PSUFFIX}
sudo rm -rf /BMAN/*
isudo rm -rf $BUILD/*
Reference in New Issue View Git Blame Copy Permalink