Makefile.in contains updated files required
--HG-- extra : convert_revision : cc8a8c49dc70e632c352853a39801089b08149be
parents
CHANGES
0 → 100644
INSTALL
0 → 100644
Basic Dropbear build instructions: | ||
- First, edit options.h to choose user-defined features to choose, such as | ||
which ciphers/hashes you want, which forwarding you want, etc. | ||
- Edit debug.h if you want any debug options | ||
- Now configure Dropbear's host-specific options | ||
(if you are using a cvs copy, "autoconf; autoheader" first) | ||
./configure (optionally with --disable-zlib or --disable-syslog, | ||
or --help for other options) | ||
- Then compile and optionally install Dropbear: | ||
(the Makefile requires GNU make, if you want to make it portable, send me | ||
some patches) | ||
make | ||
make install (installs to /usr/local/sbin, /usr/local/bin by default) | ||
You need to generate server keys, this is one-off: | ||
./dropbearkey -t rsa -f dropbear_rsa_host_key | ||
./dropbearkey -t dss -f dropbear_dss_host_key | ||
or alternatively convert OpenSSH keys to Dropbear: | ||
./dropbearconvert openssh dropbear /etc/ssh/ssh_host_dsa_key dropbear_dss_host_key | ||
And you can now run the server. | ||
./dropbear | ||
or './dropbear -h' to get options. | ||
If the server is run as non-root, you most likely won't be able to allocate a | ||
pty, and you cannot login as any user other than that running the daemon | ||
(obviously). Shadow passwords will also be unusable as non-root. | ||
The Dropbear distribution includes a standalone version of OpenSSH's scp | ||
program. You can compile it with "make scp", you may want to change the path | ||
of the ssh binary, specified near the top of the scp.c file. By default | ||
the progress meter isn't compiled in to save space, you can enable it with | ||
"make scp-progress". | ||
============================================================================ | ||
Compiling with uClibc: | ||
Firstly, make sure you have at least uclibc 0.9.17, as getusershell() in prior | ||
versions is broken. Also note that you may get strange issues if your uClibc | ||
headers don't match the library you are running with, ie the headers might | ||
say that shadow password support exists, but the libraries don't have it. | ||
To compile for uClibc the following should work: | ||
rm config.cache | ||
CC=i386-uclib-gcc ./configure --disable-zlib | ||
make clean | ||
make | ||
make strip | ||
... and that should be it. You can use "make static" to make statically linked | ||
binaries, and it is advisable to strip the binaries too. If you're looking | ||
to make a small binary, you should remove unneeded ciphers and MD5, by | ||
editing options.h | ||
It is possible to compile zlib in, by copying zlib.h and zconf.h into a | ||
subdirectory (ie zlibincludes), and | ||
export CFLAGS="-Izlibincludes -I../zlibincludes" | ||
export LDFLAGS=/usr/lib/libz.a | ||
before ./configure and make. | ||
If you disable zlib, you must explicitly disable compression for the client - | ||
OpenSSH is possibly buggy in this regard, it seems you need to disable it | ||
globally in ~/.ssh/config, not just in the host entry in that file. | ||
You may want to manually disable lastlog recording when using uClibc, configure | ||
with --disable-lastlog. | ||
One common problem is pty allocation. There are a number of types of pty allocation which can be used -- if they work properly, the end result is the same for each type. Running configure should detect the best type to use automatically, however for some embedded systems, this may be incorrect. Some things to note: | ||
If your system expects /dev/pts to be mounted (this is a uClibc option), | ||
make sure that it is. | ||
Make sure that your libc headers match the library version you are using. | ||
If openpty() is being used (HAVE_OPENPTY defined in config.h) and it fails, | ||
you can try compiling with --disable-openpty. You will probably then need | ||
to create all the /dev/pty?? and /dev/tty?? devices, which can be | ||
problematic for devfs. In general, openpty() is the best way to allocate | ||
PTYs, so it's best to try and get it working. | ||
============================================================================ | ||
Public key auth: | ||
You can use ~/.ssh/authorized_keys in the same way as with OpenSSH, just put | ||
the key entries in that file. They should be of the form: | ||
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwVa6M6cGVmUcLl2cFzkxEoJd06Ub4bVDsYrWvXhvUV+ZAM9uGuewZBDoAqNKJxoIn0Hyd0Nk/yU99UVv6NWV/5YSHtnf35LKds56j7cuzoQpFIdjNwdxAN0PCET/MG8qyskG/2IE2DPNIaJ3Wy+Ws4IZEgdJgPlTYUBWWtCWOGc= [email protected] | ||
You must make sure that ~/.ssh, and the key file, are only writable by the | ||
user. | ||
NOTE: Dropbear ignores authorized_keys options such as those described in the | ||
OpenSSH sshd manpage, and will not allow a login for these keys. |
LICENSE
0 → 100644
The majority of code is written by Matt Johnston, under the following license: | ||
Copyright (c) 2002,2003 Matt Johnston | ||
All rights reserved. | ||
Permission is hereby granted, free of charge, to any person obtaining a copy | ||
of this software and associated documentation files (the "Software"), to deal | ||
in the Software without restriction, including without limitation the rights | ||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
copies of the Software, and to permit persons to whom the Software is | ||
furnished to do so, subject to the following conditions: | ||
The above copyright notice and this permission notice shall be included in all | ||
copies or substantial portions of the Software. | ||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | ||
SOFTWARE. | ||
===== | ||
LibTomCrypt and LibTomMath are (c) Tom St Denis, under TDCAL (Tom Doesn't Care | ||
About Licenses) some files are from public domain sources, see | ||
libtomcrypt/legal.txt | ||
===== | ||
sshpty.c is taken from OpenSSH 3.5p1, | ||
Copyright (c) 1995 Tatu Ylonen <[email protected]>, Espoo, Finland | ||
All rights reserved | ||
"As far as I am concerned, the code I have written for this software | ||
can be used freely for any purpose. Any derived versions of this | ||
software must be clearly marked as such, and if the derived work is | ||
incompatible with the protocol description in the RFC file, it must be | ||
called by a name other than "ssh" or "Secure Shell". " | ||
===== | ||
loginrec.c | ||
loginrec.h | ||
atomicio.h | ||
atomicio.c | ||
and strlcat() (included in util.c) are from OpenSSH 3.6.1p2, and are licensed | ||
under the 2 point BSD license. | ||
loginrec is written primarily by Andre Lucas, atomicio.c by Theo de Raadt. | ||
strlcat() is (c) Todd C. Miller | ||
===== | ||
Import code in keyimport.c is modified from PuTTY's import.c, licensed as | ||
follows: | ||
PuTTY is copyright 1997-2003 Simon Tatham. | ||
Portions copyright Robert de Bath, Joris van Rantwijk, Delian | ||
Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry, | ||
Justin Bradford, and CORE SDI S.A. | ||
Permission is hereby granted, free of charge, to any person | ||
obtaining a copy of this software and associated documentation files | ||
(the "Software"), to deal in the Software without restriction, | ||
including without limitation the rights to use, copy, modify, merge, | ||
publish, distribute, sublicense, and/or sell copies of the Software, | ||
and to permit persons to whom the Software is furnished to do so, | ||
subject to the following conditions: | ||
The above copyright notice and this permission notice shall be | ||
included in all copies or substantial portions of the Software. | ||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, | ||
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF | ||
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND | ||
NONINFRINGEMENT. IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE | ||
FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF | ||
CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION | ||
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
MULTI
0 → 100644
Makefile.in
0 → 100644
LTC=libtomcrypt/libtomcrypt.a | ||
LTM=libtommath/libtommath.a | ||
COMMONOBJS=dbutil.o common-session.o common-packet.o common-algo.o buffer.o \ | ||
common-kex.o dss.o bignum.o \ | ||
signkey.o rsa.o random.o common-channel.o \ | ||
common-chansession.o queue.o termcodes.o runopts.o \ | ||
loginrec.o atomicio.o x11fwd.o agentfwd.o localtcpfwd.o compat.o \ | ||
remotetcpfwd.o tcpfwd.o | ||
SVROBJS=svr-kex.o svr-packet.o svr-algo.o svr-auth.o sshpty.o \ | ||
svr-authpasswd.o svr-authpubkey.o svr-session.o svr-service.o \ | ||
svr-chansession.o svr-runopts.o svr-agentfwd.o | ||
CLIOBJS= | ||
OBJS=$(COMMONOBJS) $(SVROBJS) | ||
DROPBEAROBJS=main.o | ||
DROPBEARKEYOBJS=dropbearkey.o gendss.o genrsa.o | ||
CONVERTOBJS=dropbearconvert.o keyimport.o | ||
SCPOBJS=scp.o progressmeter.o atomicio.o scpmisc.o | ||
HEADERS=options.h dbutil.h session.h packet.h algo.h ssh.h buffer.h kex.h \ | ||
dss.h bignum.h signkey.h rsa.h random.h service.h auth.h authpasswd.h \ | ||
debug.h channel.h chansession.h debug.h config.h queue.h sshpty.h \ | ||
termcodes.h gendss.h genrsa.h authpubkey.h runopts.h includes.h \ | ||
loginrec.h atomicio.h x11fwd.h agentfwd.h localtcpfwd.h compat.h \ | ||
remotetcpfwd.h tcpfwd.h | ||
ALLOBJS=$(OBJS) $(DROPBEARKEYOBJS) $(DROPBEAROBJS) | ||
prefix=@[email protected] | ||
exec_prefix=${prefix} | ||
bindir=${exec_prefix}/bin | ||
sbindir=${exec_prefix}/sbin | ||
CC=@[email protected] | ||
LD=@[email protected] | ||
AR=@[email protected] | ||
RANLIB=@[email protected] | ||
STRIP=@[email protected] | ||
INSTALL=@[email protected] | ||
CFLAGS=-Ilibtomcrypt @[email protected] | ||
LIBS=$(LTC) $(LTM) @[email protected] | ||
LDFLAGS=@[email protected] | ||
# these are exported so that libtomcrypt's makefile will use them | ||
export CC | ||
export CFLAGS | ||
export RANLIB AR STRIP | ||
all: dropbear dropbearkey dropbearconvert | ||
@echo | ||
@echo Run \"make strip\" if you want stripped binaries, | ||
@echo or \"make install\" to install to ${prefix} | ||
strip: | ||
-$(STRIP) dropbear | ||
-$(STRIP) dropbearkey | ||
-$(STRIP) dropbearconvert | ||
install: all | ||
$(INSTALL) -d -m 755 $(DESTDIR)$(sbindir) | ||
$(INSTALL) -d -m 755 $(DESTDIR)$(bindir) | ||
$(INSTALL) -m 755 dropbear $(DESTDIR)$(sbindir) | ||
$(INSTALL) -m 755 dropbearkey $(DESTDIR)$(bindir) | ||
$(INSTALL) -m 755 dropbearconvert $(DESTDIR)$(bindir) | ||
# chown might fail, so do it separately to the install | ||
-chown root $(DESTDIR)$(sbindir)/dropbear | ||
-chgrp 0 $(DESTDIR)$(sbindir)/dropbear | ||
-chown root $(DESTDIR)$(bindir)/dropbearkey | ||
-chgrp 0 $(DESTDIR)$(bindir)/dropbearkey | ||
-chown root $(DESTDIR)$(bindir)/dropbearconvert | ||
-chgrp 0 $(DESTDIR)$(bindir)/dropbearconvert | ||
static: dropbear-static dropbearkey-static dropbearconvert-static | ||
$(ALLOBJS): $(HEADERS) Makefile | ||
dropbear: $(DROPBEAROBJS) $(OBJS) $(HEADERS) Makefile $(LTC) $(LTM) | ||
$(LD) $(LDFLAGS) -o dropbear $(DROPBEAROBJS) $(OBJS) $(LIBS) | ||
dropbear-static: $(DROPBEAROBJS) $(OBJS) $(HEADERS) Makefile $(LTC) $(LTM) | ||
$(LD) $(LDFLAGS) -o staticdropbear $(DROPBEAROBJS) $(OBJS) $(LIBS) -static | ||
dropbearkey: $(OBJS) $(HEADERS) Makefile $(DROPBEARKEYOBJS) $(LTC) $(LTM) | ||
$(LD) $(LDFLAGS) -o dropbearkey $(DROPBEARKEYOBJS) \ | ||
$(OBJS) $(LIBS) | ||
dropbearkey-static: $(OBJS) $(HEADERS) Makefile $(DROPBEARKEYOBJS) $(LTC) $(LTM) | ||
$(LD) $(LDFLAGS) -o staticdropbearkey $(DROPBEARKEYOBJS) \ | ||
$(OBJS) $(LIBS) -static | ||
dropbearconvert: $(OBJS) $(HEADERS) Makefile $(CONVERTOBJS) $(LTC) $(LTM) | ||
$(LD) $(LDFLAGS) -o dropbearconvert $(CONVERTOBJS) $(OBJS) $(LIBS) | ||
dropbearconvert-static: $(OBJS) $(HEADERS) Makefile $(CONVERTOBJS) $(LTC) $(LTM) | ||
$(LD) $(LDFLAGS) -o staticdropbearconvert $(CONVERTOBJS) $(OBJS) $(LIBS) \ | ||
-static | ||
multi: dropbearmulti | ||
dropbearmulti: $(HEADERS) $(OBJS) $(LTC) $(LTM) $(CONVERTOBJS) \ | ||
$(DROPBEARKEYOBJS) $(DROPBEAROBJS) dbmulti.o | ||
$(LD) $(LDFLAGS) -o dropbearmulti $(OBJS) $(LTM) $(LTM) $(CONVERTOBJS) \ | ||
$(DROPBEARKEYOBJS) $(DROPBEAROBJS) dbmulti.o $(LIBS) | ||
@echo "You should now create symlinks to the programs you have included" | ||
@echo "ie 'ln -s dropbearmulti dropbear'" | ||
dropbearmultistatic: $(HEADERS) $(OBJS) $(LTC) $(LTM) $(CONVERTOBJS) \ | ||
$(DROPBEARKEYOBJS) $(DROPBEAROBJS) dbmulti.o | ||
$(LD) $(LDFLAGS) -o staticdropbearmulti $(OBJS) $(LTM) $(LTM) \ | ||
$(CONVERTOBJS) $(DROPBEARKEYOBJS) $(DROPBEAROBJS) \ | ||
dbmulti.o $(LIBS) -static | ||
@echo "You should now create symlinks to the programs you have included" | ||
@echo "ie 'ln -s dropbearmultistatic dropbear'" | ||
stripmulti: dropbearmulti | ||
-$(STRIP) dropbearmulti | ||
scp: $(SCPOBJS) Makefile | ||
$(LD) $(LDFLAGS) -o [email protected] $(SCPOBJS) | ||
# gnumake before 3.80 is broken. So this is uglyish | ||
scp-progress: atomicio.o scpmisc.o $(HEADERS) Makefile | ||
-rm scp.o progressmeter.o | ||
$(MAKE) CFLAGS="$(CFLAGS) -DPROGRESS_METER" scp.o progressmeter.o | ||
$(LD) $(LDFLAGS) -o [email protected] $(SCPOBJS) | ||
scpstatic: $(SCPOBJS) $(HEADERS) Makefile | ||
$(LD) $(LDFLAGS) -o [email protected] $(SCPOBJS) -static | ||
$(LTC): $(HEADERS) | ||
cd libtomcrypt && $(MAKE) clean && $(MAKE) | ||
$(LTM): $(HEADERS) | ||
cd libtommath && $(MAKE) | ||
ltc-clean: | ||
cd libtomcrypt && $(MAKE) clean | ||
ltm-clean: | ||
cd libtommath && $(MAKE) clean | ||
sizes: dropbear | ||
objdump -t dropbear|grep ".text"|cut -d "." -f 2|sort -rn | ||
clean: ltc-clean ltm-clean | ||
-rm -f dropbear dropbear dropbearkey staticdropbear staticdropbearkey | ||
-rm -f dropbearconvert staticdropbearconvert scp scp-progress scpstatic | ||
-rm -f dropbearmulti dropbearmultistatic | ||
-rm -f *.o *.da *.bb *.bbg *.prof | ||
distclean: clean tidy | ||
-rm -f Makefile config.h | ||
tidy: | ||
-rm -f *~ *.gcov */*~ |
README
0 → 100644
This is Dropbear, a smallish SSH 2 server. | ||
INSTALL has compilation instructions. | ||
MULTI has instructions on making a multi-purpose binary (ie a single binary | ||
which performs multiple tasks, to save disk space) | ||
SMALL has some tips on creating small binaries. | ||
See TODO for a few of the things I know need looking at, and please contact | ||
me if you have any questions/bugs found/features/ideas/comments etc :) | ||
Matt Johnston | ||
[email protected] |
SMALL
0 → 100644