Created
October 4, 2017 09:20
-
-
Save fumiyas/b4aaee83e113e061d1ee8ab95b35608b to your computer and use it in GitHub Desktop.
Build OpenSSH with static linked zlib and OpenSSL libraries
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| set -u | |
| set -e | |
| umask 0077 | |
| prefix="/opt/openssh" | |
| top="$(pwd)" | |
| root="$top/root" | |
| build="$top/build" | |
| export CPPFLAGS="-I$root/include -L." | |
| rm -rf "$root" "$build" | |
| mkdir -p "$root" "$build" | |
| gzip -dc dist/zlib-*.tar.gz |(cd "$build" && tar xf -) | |
| cd "$build"/zlib-* | |
| ./configure --prefix="$root" --static | |
| make | |
| make install | |
| cd "$top" | |
| gzip -dc dist/openssl-*.tar.gz |(cd "$build" && tar xf -) | |
| cd "$build"/openssl-* | |
| ./config --prefix="$root" no-shared | |
| make | |
| make install | |
| cd "$top" | |
| gzip -dc dist/openssh-*.tar.gz |(cd "$build" && tar xf -) | |
| cd "$build"/openssh-* | |
| cp -p "$root"/lib/*.a . | |
| [ -f sshd_config.orig ] || cp -p sshd_config sshd_config.orig | |
| sed \ | |
| -e 's/^#\(PubkeyAuthentication\) .*/\1 yes/' \ | |
| -e '/^# *Kerberos/d' \ | |
| -e '/^# *GSSAPI/d' \ | |
| -e 's/^#\([A-Za-z]*Authentication\) .*/\1 no/' \ | |
| sshd_config.orig \ | |
| >sshd_config \ | |
| ; | |
| ./configure --prefix="$prefix" --with-privsep-user=nobody --with-privsep-path="$prefix/var/empty" | |
| make | |
| #make install | |
| cd "$top" |
I just built with @ngaro 's script using:
ZLIB_VERSION=1.3.1
OPENSSL_VERSION=3.5.2
OPENSSH_VERSION=V_9_9_P2
Note that the build benefits hugely from editing the plain make in each of the *_BUILD_COMMANDS to "make -j16" (or whatever your cpu count is)
The way the script is written is not strictly correct.
--prefix is intended to describe the directory the package will finally reside in. So a user install would typically have /usr/local and an OS level would use / or /usr
then DESTDIR is used in the install phase to install to a certain dir. This dir is often packaged up (eg rpm/deb) and forms the overlay for installations.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks a lot for your script, you saved my life :-) RHEL 9.5 native ssh breaks connecting to the ILO of an HP server, I had to recompile a statically linked more recent version.