http://blog.sina.com.cn/s/blog_7f2a9a390100ww2y.html
1》下载需要的源码
下载zlib: zlib-1.2.9.tar.gz http://www.zlib.net
下载ssl : openssl-1.0.1p.tar.gz http://www.openssl.org/source/
下载ssh : openssh-4.6p1.tar.gz http://mirror.aarnet.edu.au/pub/OpenBSD/OpenSSH/portable/
2、编译zlib
tar zxvf zlib-1.2.9.tar.gz
cd zlib-1.2.9/
./configure –prefix=/home/arm/sshwork/lib/zlib-1.2.9
修改Makefile :
CC=arm-linux-gnueabihf-gcc
LDSHARED=arm-linux-gnueabihf-gcc -shared -Wl,-soname,libz.so.1,--version-script,zlib.map
CPP=arm-linux-gnueabihfgcc -E
AR=arm-linux-gnueabihf-ar
ARFLAGS=rc
RANLIB=arm-linux-gnueabihf-ranlib
make
make install
2、编译openssl
./Configure linux-armv4 shared no-asm --prefix=/home/arm/sshwork/lib/openssl-101p --cross-compile-prefix=arm-linux-gnueabihf-
./config no-asm shared --prefix=/home/rebi/cross_tools/build_openssl-1.0.1c/_install
找到有-m64的地方,全删之(共2处)
make
make install
3、交叉编译 oenssh
./configure --host=arm-linux-gnueabihf --with-zlib=/home/arm/sshwork/lib/zlib1.2.9 --with-ssl-dir=/home/arm/sshwork/lib/openssl-101p --disable-etc-default-login CC=arm-linux-gnueabihf-gcc AR=arm-linux-gnueabihf-ar
make
##不要make install
确保目标板上有以下目录,如果没有,则新建(目录层次很重要,不要改变)
/usr/sbin
/usr/local/bin
/usr/local/libexec
/usr/local/etc/
1、在 openssh-4.6p1 目录下创建 usr bin 目录,文件临时拷贝到这里,然后统一打包到开发板
cd openssh-4.6p1
mkdir -p bin
mkdir -p usr/sbin
mkdir -p usr/local/bin
mkdir -p usr/local/libexec
mkdir -p usr/local/etc
#sshd 工作目录
mkdir -p var/run
mkdir -p var/empty/sshd
chmod 777 /var/empty/sshd
2、将 openssh-4.6p1目录下的 sshd 拷贝到 目标板的 /usr/sbin 目录下
cp sshd ./usr/sbin
3、将 copy scp sftp ssh ssh-add ssh-agent ssh-keygen ssh-keyscan 到目标板/usr/local/bin目录下
cp scp sftp ssh ssh-add ssh-agent ssh-keygen ssh-keyscan ./usr/local/bin
4、将 sshd_config ssh_config 拷贝到 /usr/local/etc/ 目录下
cp sshd_config ssh_config ./usr/local/etc
5、将 sftp-server ssh-keysign 到 /usr/local/libexec
cp sftp-server ssh-keysign ./usr/local/libexec
6、在主机上生成密钥
ssh-keygen -t rsa -f ssh_host_rsa_key -N ""
ssh-keygen -t dsa -f ssh_host_dsa_key -N ""
ssh-keygen -t ecdsa -f ssh_host_ecdsa_key -N ""
ssh-keygen -t ed25519 -f ssh_host_ed25519_key -N ""
将生成的 ssh_host_*_key这3个文件copy到./usr/local/etc/目录下
cp ssh_host_* ./usr/local/etc/
error:
Could not load host key: /usr/local/etc/ssh_host_rsa_key
7、在开发板 bin 目录下创建软连接
ln -s /usr/local/bin/scp
ln -s /usr/local/bin/sftp
ln -s /usr/local/bin/ssh
ln -s /usr/local/bin/ssh-add
ln -s /usr/local/bin/ssh-agent
ln -s /usr/local/bin/ssh-keygen
ln -s /usr/local/bin/ssh-keyscan
8、打包
mkdir ../final
cp -r bin usr ../final
cd ../final
tar czvf openssh.tgz ./
将 openssh.tgz 拷贝到开发板根目录解压
9、开发板解压
tar xvf openssh.tgz
将开发板/usr/local/etc/sshd_config,将PermitRootLogin yes前的注释“#”号去掉
然后修改密码:
以root身份登陆,执行:
# passwd 用户名 (修改密码)
# useradd 用户名 (添加用户)
具体示例如下:[root@bogon ~]# passwd root
10、启动
10、测试
开发板 /usr/sbin/sshd
ps 可以看到 /usr/sbin/sshd
主机: $ ssh root@192.168.1.17
一开始提示密钥啥玩意,输入yes再输入密码就可以登录了,也可以直接用windows下的secure crt
开机启动 需要修改密码
/etc/init.d/rcS中加入你的程序或者脚本命令就可以实现开机自动运行
想在超级终端输入回车,登录后执行,则可以在/etc/profile中加入命令
嵌入式linux/etc/init.d.rcS文件解读
https://blog.csdn.net/weixin_34341117/article/details/91606917
error Privilege separation user sshd does not exist
方法一(推荐):
修改/etc/passwd文件,在其中加入
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
或者
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
我加入的是:
sshd:x:109:65534::/var/run/sshd:/usr/sbin/nologin
参考
http://www.unixguide.net/comments/sun/ssh_installation.shtml/37.shtml
http://www.gipsky.com/modules/newbb/viewtopic.php?topic_id=966
方法二(不推荐):
修改/etc/ssh/sshd_config文件
将其中
UsePrivilegeSeparation yes
修改为
UsePrivilegeSeparation no
虽然能解决问题,但是降低了ssh的安全级别。
解决VS2019不能连接armlinux的问题
改为实际的sftp-server路径
tar zxvf openssh-7.9p1.tar.gz
configure: error: *** zlib.h missing - please install first or check config.log ***
A.交叉编译zlib库
下载zlib源码包(http://www.zlib.net/下载最新版或设备中使用的版本)
tar xzvf zlib-1.2.11.tar.gz
cd zlib-1.2.11
export CC=aarch64-linux-gnu-gcc # 编译器-进行对应修改
./configure --prefix=/usr/local/zlib # 指定编译目录
make & make install
编译成功后/usr/local/zlib下应该有头文件和库文件
ssh-keygen: symbol lookup error: ssh-keygen: undefined symbol: EVP_aes_128_ctr
把openssl 中的库文件复制到lib文件夹下
configure: error: *** Can't find recent OpenSSL libcrypto (see config.log for details) ***
在OpenSSL的Makefile中的CFLAG项中加入-fPIC
root@am335x:/usr/local/etc# ln -s /usr/local/openssh/bin/ssh-keygen
ln: ssh-keygen: File exists
Generating public/private rsa key pair.
*** glibc detected *** ssh-keygen: free(): invalid pointer: 0x4036bcd8 ***
Aborted
编译openssl ./Configure linux-armv4
Privilege separation user sshd does not exist
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
root@am335x:/usr/sbin# /usr/sbin/sshd
key_parse_private_pem: RSA_blinding_on failed
Could not load host key: /usr/local/etc/ssh_host_rsa_key
buffer_get_bignum2_ret: BN_bin2bn failed
key_from_blob: can't read ecdsa key point
key_read: key_from_blob AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAWv6iPbwu8+5hnVVDd349RyAFYYObSyDd9NjW0s5L/N/dosTtSR+UR+TjvZXAL0UUtscom6+0Fd+ij6Ld5jqXc= root@VM-0-14-centos
failed
Could not load host key: /usr/local/etc/ssh_host_ecdsa_key
Could not load host key: /usr/local/etc/ssh_host_ed25519_key
Missing privilege separation directory: /var/empty
cd /usr/local/etc
chmod 700 ssh_host_*
错误
key_parse_private_pem: RSA_blinding_on failed
Could not load host key: /usr/local/etc/ssh_host_rsa_key
buffer_get_bignum2_ret: BN_bin2bn failed
key_from_blob: can't read ecdsa key point
key_read: key_from_blob AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKDu7eg/Dl2NNlXsqVs3YBirZZmm+ml3rZJOy8dPgtOcIIsOIsZkQhypSrQasPgufTcGvGA2UKxSzBue1YYdedA= root@VM-0-14-centos
failed
Could not load host key: /usr/local/etc/ssh_host_ecdsa_key
error
errotould not load host key: /usr/local/etc/ssh_host_dsa_key
Could not load host key: /usr/local/etc/ssh_host_ecdsa_key
问题解析:在/usr/local/etc目录中没有相应等key。
解决办法:按照操作步骤,运行:
ssh-keygen -t dsa -f ssh_host_das_key -N ""
ssh-keygen -t ecdsa -f ssh_host_ecdas_key -N ""
生成ssh_host_das_key 和ssh_host_ecdas_key后复制到目标板/usr/local/etc/目录下。
ssh登录慢的问题
2.vi /etc/ssh/sshd_config (编辑配置文件)
3.输入 / ,查找GSSAPIAuthentication 赋值为no
4.输入 /,查找UseDNS,赋值为 no(该项默认不启用的,要把前面的#删除掉)
5.最后输入!wq保存文件并退出
6.重启systemctl restart sshd