OpenSSH (including daemon) for OpenLink

From NAS-Central Buffalo - The Linkstation Wiki

This article based on work done by Frontalot on Linkstationwiki.org

Contents 1 Background 2 Installation Instructions 2.1 FreeLink (Debian) 2.2 OpenLink (PowerPC) 2.3 OpenLink (MIPSel) 3 Programs included 4 References

Background

This project offers OpenSSH (including daemon), precompiled and packaged for the PPC LinkStation. The OpenSSH^[1] package is intended for people who want to upgrade from Dropbear^[2][3] to a more full-featured SSH daemon. This way you can use a client like PuTTY or FileZilla for terminal and file transfer. You can even tunnel^[4] other protocols like VNC through SSH to make them secure.^[5] This package requires that you have installed the OpenLink or FreeLink firmware. You may download the latest version from the downloads area here. Or, use this version^[6] "it contains the original tarball plus an installation script (not yet widely tested, but at least from that you can see the requirements)" referred to by Izzy in this forum ^[7]

Installation Instructions

FreeLink (Debian)

• Install the OpenSSH package using apt-get. If prompted, select SSH version 2. Use the command:^[8]

apt-get install ssh

• You can configure SSH through Webmin (see Webmin to remotely administer your LinkStation)

OpenLink (PowerPC)

OpenSSH-4.2p2

A complete OpenSSH-4.2p2-package is available at mindbenders-page: OpenSSH-4.3p2_ppc.tar.gz Install it by

cd /
wget http://www.unet.univie.ac.at/~a0025690/ppc-binaries/OpenSSH-4.3p2_ppc.tar.gz
tar xzvf OpenSSH-4.3p2_ppc.tar.gz
/usr/local/etc/create_keys.sh

you should be able to connect via ssh after reboot or if you start

/etc/init.d/sshd start

manually.

Also, the sshd needs to be modified by adding the following lines to startup block.

if [ ! -d /var/empty ]; then
mkdir /var/empty
fi  

If the modification is not done, every time SSH is stopped and restarted, it will complain the the /var/empty directory already exists. One must also remember to create user named "sshd".

OpenLink (MIPSel)

This is generic and probably would work for any flavor LinkStation^[9]

to be able to compile you have to meet the following prerequisites:

1. Flashed your LinkStation with OpenLink
2. Installed the mipsel-development-tools (for the MIPSel LinkStation)

then compiling works that way:

download the source of OpenSSH to a seperate folder that you will use for compiling

cd <folder_for_compiling> 
wget ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-4.3p2.tar.gz 
tar xzvf openssh-4.3p2.tar.gz 
cd openssh-4.3p2 
./configure 
make 
make install

the ssh-keys are generated automatically in the installation process. there are two things that have to done additionally.

1) you have to create a startscript for OpenSSH which is stored at

/etc/init.d/sshd

or you use this one:

#! /bin/sh
export USER="root"
NAME=ssh
start()
{
    mkdir /var/empty
    su - $USER -c"/usr/local/sbin/sshd"
}
stop()
{
    su - $USER -c"killall sshd"
}
case "$1" in
    start)
        echo -n "Starting sshd: "
        start
        ;;
    stop)
        echo -n "Stopping sshd "
        stop
        ;;
    restart)
        echo -n "Restarting sshd "
        stop
        start
        ;;
    *)
        echo "Usage: /etc/init.d/$NAME {start|stop|restart}"
        exit 1
        ;;
esac
exit 0

2) you have to make sshd is started automatically after shutdown/reboot. do this by executing

ln -s /etc/init.d/sshd /etc/init.d/rc.d/rc2.d/S07sshd

afterwards OpenSSH is ready for action.

Programs included

The OpenSSH suite includes the following tools:^[10]

• ssh, a replacement for rlogin and telnet:

ssh user@example.com

• scp, a replacement for rcp:

scp user@example.com:somefile .

• sftp, a replacement for ftp:

sftp user@example.com

• sshd, the SSH daemon:

sshd

• ssh-keygen, a tool to generate the RSA and DSA keys that are used for user and host authentication:

ssh-keygen -t rsa

• ssh-agent, a small daemon that can hold copies of public keys and use them to sign authentication challenges, avoiding the need to enter passphrases every time they are used:

eval `ssh-agent`

• ssh-add, a tool to load keys into, or delete keys from a running ssh-agent:

ssh-add

• ssh-keyscan, which scans a list of hosts and collects their public keys:

ssh-keyscan -t rsa 192.2.0.33 192.2.0.34 www.example.com

• sftp-server, the sftp server subsystem (normally run directly by sshd)
• ssh-keysign, a setuid helper program that signs "hostbased" authentication challenges using the host's private keys (normally executed directly by ssh)

References

1. ↑ http://www.openssh.com/ - OpenSSH a FREE version of the SSH connectivity tools
2. ↑ Dropbear package designed specifically for the MIPSel LinkStation
3. ↑ Dropbear package for the PPC LinkStation
4. ↑ Tunneling Explained
5. ↑ http://martybugs.net/smoothwall/puttyvnc.cgi - Tunnelling VNC over SSH with PuTTY
6. ↑ openssh-3.9p1-05b.tgz - from Qumran Cave FileBase
7. ↑ The Linkstation Community Forum / Everything else / www.linkstationwiki.net - Mediawiki is online
8. ↑ Convert from telnet to SSH (both OpenSSH and Dropbear)
9. ↑ The Linkstation Community Forum / Linkstation 2 (mips) / Secure FTP for a Noob
10. ↑ OpenSSH - From the WikiPedia