1.下载zlib,wget http://www.zlib.net/zlib-1.2.12.tar.gz;
2.下载ssl,wget https://www.openssl.org/source/openssl-3.0.2.tar.gz
3.下载ssh,wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.9p1.tar.gz。
4.解压zlib库,新建一个zlib用于存放编译输出的文件,执行创建目录命令mkdir zlib,然后引入编译工具链的环境:export PATH=/home/zouyang/Nuvoton/Toolchain/arm_linux_4.8/bin:$PATH
5.配置编译编译工具,链接等
export CC=armarm-nuvoton-linux-uclibceabi-gcc
export LD=arm-nuvoton-linux-uclibceabi-ld
export AD=arm-nuvoton-linux-uclibceabi-as
6.配置编译输出的路径:
./configure --prefix=/home/zouyang/Nuvoton/app/zlib
7.此时生成一个Makefile文件,我们需要修改Makefile指定与路径无关,在如图所示位置添加-fPIC
8.编译安装make && make install
9.解压openssl:tar -zxf openssl-3.0.2.tar.gz
10.创建一个openssl目录用于保存编译生产的文件:mkdir openssl
11.配置编译工具:export CROSS_COMPILE=arm-nuvoton-linux-uclibceabi-
12.配置编译路径和变量:./Configure linux-armv4 shared no-asm no-async --prefix=/home/zouyang/Nuvoton/app/openssl-3.0.2/openssl
13.编译与安装make && make install
14.解压openssh,tar -zxf openssh-8.9.tar.gz
15.配置../configure --host=arm-nuvoton-linux-uclibceabi- --with-libs --with-zlib=/home/zouyang/Nuvoton/app/zlib --with-ssl-dir=/home/zouyang/Nuvoton/app/openssl --disable-etcdefault-login CC=arm-nuvoton-linux-uclibceabi-gcc AR=arm-nuvoton-linux-uclibceabi-ar
16.编译:make
17 在ge2000板子上面
创建mkdir -p /usr/local/bin,mkdir -p /usr/local/sbin,mkdir -p /usr/local/libexec/,mkdir -p /usr/local/etc,mkdir -p /var/empty/(一定要用mkdir -p)
将编译完成的文件分别复制到开发板目录下。
将scp、sftp、ssh、ssh-add、ssh-agent、ssh-keygen、ssh-keyscan复制到/usr/local/bin目录下;
将sshd复制到/usr/local/sbin目录下;
将moduli、ssh_config、sshd_config复制到/usr/local/etc目录下;
将sftp-server、ssh-keysign复制到 /usr/local/libexec目录下;
18.复制虚拟机开发环境的libatomic.so.1.0.0 然后ln -s 为libatomic.so.1,放在/lib下,复制libcrypto.so.3
19.修改etc目录下两个文件:
passwd:
root:x:0:0:root:/:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/bin/false
bin:x:2:2:bin:/bin:/bin/false
sys:x:3:3:sys:/dev:/bin/false
sync:x:4:100:sync:/bin:/bin/sync
mail:x:8:8:mail:/var/spool/mail:/bin/false
www-data:x:33:33:www-data:/var/www:/bin/false
operator:x:37:37:Operator:/var:/bin/false
nobody:x:65534:65534:nobody:/home:/bin/false
sshd:x:1000:1000:SSH drop priv user:/:/bin/false
shadow:
root:$1$dvxX/kiv$V9K0mzwtAXVBrIJO6Xe.j1:10933:0:99999:7:::
daemon:*:10933:0:99999:7:::
bin:*:10933:0:99999:7:::
sys:*:10933:0:99999:7:::
sync:*:10933:0:99999:7:::
mail:*:10933:0:99999:7:::
www-data:*:10933:0:99999:7:::
operator:*:10933:0:99999:7:::
nobody:*:10933:0:99999:7:::
sshd:*:::::::
20.在/etc/init.d/rcS中添加mkdir /dev/pts ,挂载devpts文件系统。mount -t devpts devpts /dev/pts.
21.生成密钥
在/usr/local/etc目录下:
/usr/local/bin/ssh-keygen -t rsa -f ssh_host_rsa_key -N ""
/usr/local/bin/ssh-keygen -t dsa -f ssh_host_dsa_key -N ""
/usr/local/bin/ssh-keygen -t ecdsa -f ssh_host_ecdsa_key -N ""
/usr/local/bin/ssh-keygen -t ed25519 -f ssh_host_ed25519_key -N ""
22.添加ssh、sshd执行权限
23.修改sshd_config文件内容:
# $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
#新增
Hostkey /usr/local/etc/ssh_host_rsa_key
Hostkey /usr/local/etc/ssh_host_ecdsa_key
Hostkey /usr/local/etc/ssh_host_ed25519_key
# Ciphers and keying
#RekeyLimit default none
# Logging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin prohibit-password
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#修改
PubkeyAuthentication no
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#修改
PasswordAuthentication yes
PermitRootLogin yes
PermitEmptyPasswords yes
# Change to no to disable s/key passwords
#KbdInteractiveAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the KbdInteractiveAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via KbdInteractiveAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and KbdInteractiveAuthentication to 'no'.
#UsePAM no
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
# no default banner path
#Banner none
# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
24 修改rcS
#新增
/usr/local/sbin/sshd &
扫一扫
1771
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
