码迷,mamicode.com
首页 > 其他好文 > 详细

S3C2416 移植ssh服务

时间:2015-04-24 10:35:25      阅读:255      评论:0      收藏:0      [点我收藏+]

标签:linux   ssh   2440 2416   

目的是实现远程对2416的管理配置和文件拷贝。

一  首先下载三个文件:openssh-4.6p1         openssl-0.9.8d         zlib-1.2.3
由于网络原因,源码未能从官网下载到,所以google下载的,推荐个国内google:(不知到能用多久技术分享

https://www.gotosearch.info/


二 编译配置

 1  编译zlib:

解压 tar zxvf zlib-1.2.3.tar.gz

   cd zlib-1.2.3

   ./configure --prefix=/home/hakits/shen_cloud/arm/fs/zlib-1.2.3

   修改Makefile:vim Makefile
   CC=gcc 改为: 
       CROSS=/usr/local/arm/3.4.1/bin/arm-linux-
  
     CC=$(CROSS)gcc 
       
LDSHARED=gcc 改为: LDSHARED=$(CROSS)gcc
       
CPP=gcc -E   改为:  CPP=$(CROSS)gcc -E
       
AR=ar rc     改为: AR=$(CROSS)ar rc
  开始编译: make;
           make install


2 编译openssl:

解压 tar xzvf openssl-0.9.8d.tar.gz

   cd openssl-0.9.8d

./Configure --prefix=/home/hakits/shen_cloud/arm/fs/openssl-0.9.8d os/compiler:/opt/EmbedSky/4.3.3/bin/arm-linux-gcc
make

make install


编译openssh:

 tar zxvf openssh-4.6p1.tar.gz

 cd openssh-4.6p1

./configure --host=arm-linux --with-libs --with-zlib=/home/hakits/shen_cloud/arm/fs/zlib-1.2.3  --with-ssl-dir=/home/hakits/shen_cloud/arm/fs/openssl-0.9.8d --disable-etc-default-login  CC=/opt/EmbedSky/4.3.3/bin/arm-linux-gcc AR=/opt/EmbedSky/4.3.3/bin/arm-linux-ar

make

#不要 make  install


三  安装到开发板上,我是用的tftp的方式传到开发板上的

   1  将 openssh-4.6p1目录下的 sshd 拷贝到 目标板的/usr/sbin目录下
   2  再copy scp  sftp  ssh  ssh-add  ssh-agent  ssh-keygen  ssh-keyscan  到目标板/usr/local/bin目录下
            copy sftp-server  ssh-keysign    到/usr/local/libexec
       
   3  在目标板下:
        mkdir -p /usr/local/etc/  
        然后将openssh下的sshd_config,ssh_config 拷贝到该目录下     

  mkdir -p /var/run; mkdir -p /var/empty/sshd 
  chmod 755 /var/empty     

    4 在主机上:
         ssh-keygen -t rsa1 -f ssh_host_key -N ""
     
    ssh-keygen -t rsa -f ssh_host_rsa_key -N ""
         
ssh-keygen -t dsa -f ssh_host_dsa_key -N ""
        将生存的 ssh_host_* 6个文件copy到目标板的 /usr/local/etc/目录下

注意:

#chmod 600 sshd_config ssh_host_dsa_key ssh_host_key ssh_host_rsa_key
#chmod 644 ssh_config ssh_host_dsa_key.pub ssh_host_key.pub ssh_host_rsa_key.pub
否则启动sshd的时候报错:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/usr/local/etc/ssh_host_key' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /usr/local/etc/ssh_host_key
Could not load host key: /usr/local/etc/ssh_host_key

5   添加用户:
    将主机上 /etc/目下的 passwd, shadow, group 三个文件中有关ssh的用户信息拷贝到开发板相应文件下


四 测试

   目标板启动sshd:  # /usr/sbin/sshd
   主机: $  ssh -v root@192.168.0.190

   给开发板root用户添加密码:passwd root


设置开机启动:
# vi /etc/init.d/rcS

/ mkdir -p /var/empty/sshd
/usr/sbin/sshd

五 配置sftp

网上找的还没实验过


# Package generated configuration file

# See the sshd(8) manpage for details

# What ports, IPs and protocols we listen for

Port 22

# Use these options to restrict which interfaces/protocols sshd will bind to

#ListenAddress ::

#ListenAddress 0.0.0.0

Protocol 2

# HostKeys for protocol version 2

#HostKey /etc/ssh/ssh_host_rsa_key

#HostKey /etc/ssh/ssh_host_dsa_key

#Privilege Separation is turned on for security

UsePrivilegeSeparation yes

 
# Lifetime and size of ephemeral version 1 server key

KeyRegenerationInterval 3600

ServerKeyBits 768


# Logging

SyslogFacility AUTH

LogLevel INFO


# Authentication:

LoginGraceTime 120

PermitRootLogin yes

StrictModes yes


RSAAuthentication yes

PubkeyAuthentication yes

#AuthorizedKeysFile %h/.ssh/authorized_keys


# Don't read the user's ~/.rhosts and ~/.shosts files

IgnoreRhosts yes

# For this to work you will also need host keys in /etc/ssh_known_hosts

RhostsRSAAuthentication no

# similar for protocol version 2

HostbasedAuthentication no

# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication

#IgnoreUserKnownHosts yes


# To enable empty passwords, change to yes (NOT RECOMMENDED)

PermitEmptyPasswords no


# Change to yes to enable challenge-response passwords (beware issues with

# some PAM modules and threads)

ChallengeResponseAuthentication no


# Change to no to disable tunnelled clear text passwords

#PasswordAuthentication yes


# Kerberos options

#KerberosAuthentication no

#KerberosGetAFSToken no

#KerberosOrLocalPasswd yes

#KerberosTicketCleanup yes


# GSSAPI options

#GSSAPIAuthentication no

#GSSAPICleanupCredentials yes


X11Forwarding yes

X11DisplayOffset 10

PrintMotd no

PrintLastLog yes

TCPKeepAlive yes

#UseLogin no


#MaxStartups 10:30:60

#Banner /etc/issue.net


# Allow client to pass locale environment variables

AcceptEnv LANG LC_*


Subsystem sftp /usr/local/libexec/sftp-server


S3C2416 移植ssh服务

标签:linux   ssh   2440 2416   

原文地址:http://blog.csdn.net/hanglinux/article/details/45242055

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!