{"id":894,"date":"2023-09-26T15:25:58","date_gmt":"2023-09-26T07:25:58","guid":{"rendered":"https:\/\/blog.espnlol.com\/?p=894"},"modified":"2023-11-08T14:07:37","modified_gmt":"2023-11-08T06:07:37","slug":"kylin-v10-sp1-arm%e6%9e%b6%e6%9e%84%e5%88%b6%e4%bd%9c%e9%ab%98%e7%89%88%e6%9c%acopenssh%e7%9a%84rpm%e5%ae%89%e8%a3%85%e5%8c%85","status":"publish","type":"post","link":"https:\/\/blog.espnlol.com\/?p=894","title":{"rendered":"Kylin V10 SP1\u00a0arm\u67b6\u6784\u5236\u4f5c\u9ad8\u7248\u672copenssh\u7684rpm\u5b89\u88c5\u5305"},"content":{"rendered":"\n

1\uff0c\u67e5\u770b\u73af\u5883\u4fe1\u606f<\/h2>\n\n\n\n
#uname -a\n4.19.90-17.5.ky10.aarch64 #1 SMP Fri Aug 7 13:35:33 CST 2020 aarch64 aarch64 aarch64 GNU\/Linux\n\n#dnf version\n4.2.15\n  Installed: dnf-0:4.2.15-7.ky10.noarch at Tue 22 Mar 2022 03:13:28 AM GMT\n  Built    : Koji at Wed 15 Apr 2020 04:00:09 AM GMT\n\n  Installed: rpm-0:4.15.1-12.ky10.aarch64 at Tue 22 Mar 2022 03:12:10 AM GMT\n  Built    : Koji at Sat 14 Mar 2020 03:29:50 AM GMT<\/pre>\n\n\n\n
\u53ef\u4ee5\u770b\u51fa\u5c5e\u4e8e\u7c7bcentos\u7cfb\u7edf\uff0c\u5236\u4f5credhat\u7684rpm\u5b89\u88c5\u5305\u5373\u53ef<\/p>\n\n\n\n
2\uff0c\u5236\u4f5copenssh\u9ad8\u7248\u672c\u538b\u7f29\u5305<\/h2>\n\n\n\n
#\u5b89\u88c5\u7f16\u8bd1\u73af\u5883\ndnf<\/strong> install rpm-build zlib-devel openssl-devel gcc perl-devel pam-devel  libXt-devel gtk2-devel make perl krb5-devel imake -y\n\n#\u4e0b\u8f7d\u6e90\u7801\nwget https:\/\/mirrors.aliyun.com\/pub\/OpenBSD\/OpenSSH\/portable\/openssh-9.1p1.tar.gz\nwget https:\/\/src.fedoraproject.org\/repo\/pkgs\/openssh\/x11-ssh-askpass-1.2.4.1.tar.gz\n\n#\u521b\u5efa\u6e90\u7801\u76ee\u5f55\nmkdir -pv \/root\/rpmbuild\/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS}\n\n#\u67e5\u770b\u6e90\u7801\u76ee\u5f55\nls -lh \/root\/rpmbuild\/\ntotal 24K\ndrwx------ 3 root root 4.0K Sep 26 10:55 BUILD\ndrwx------ 2 root root 4.0K Sep 26 10:56 BUILDROOT\ndrwx------ 3 root root 4.0K Sep 26 10:56 RPMS\ndrwx------ 2 root root 4.0K Sep 25 11:02 SOURCES\ndrwx------ 2 root root 4.0K Sep 26 10:55 SPECS\ndrwx------ 2 root root 4.0K Sep 25 10:25 SRPMS\n\n~\/rpmbuild\/BUILD\t\u6784\u5efa\u76ee\u5f55,\u5b58\u653e\u6e90\u4ee3\u7801\u89e3\u538b\u4ee5\u540e\u7684\u6587\u4ef6\uff0c\u5e76\u5728\u8be5\u76ee\u5f55\u7684\u5b50\u76ee\u5f55\u5b8c\u6210\u7f16\u8bd1\n~\/rpmbuild\/BUILDROOT\t\u6700\u7ec8\u5b89\u88c5\u76ee\u5f55,\u4fdd\u5b58 %install \u9636\u6bb5\u5b89\u88c5\u7684\u6587\u4ef6\n~\/rpmbuild\/RPMS\t\u6807\u51c6 RPM \u5305\u76ee\u5f55,\u4fdd\u5b58\u4e8c\u8fdb\u5236 RPM \u5305,\u6b64\u76ee\u5f55\u4e0b\u4f1a\u6709\u5b50\u76ee\u5f55\n~\/rpmbuild\/SOURCES\t\u6e90\u4ee3\u7801\u76ee\u5f55,\u4fdd\u5b58\u6e90\u7801\u5305\u3001\u914d\u7f6e\u6587\u4ef6\u548c\u8865\u4e01\u5305\u7b49\n~\/rpmbuild\/SPECS\tspec \u6587\u4ef6\u76ee\u5f55,\u4fdd\u5b58spec\u6587\u4ef6,\u6bcf\u4e2arpm\u5305\u7684\u5236\u4f5c\uff0c\u90fd\u5fc5\u987b\u8981\u6709\u4e00\u4e2aspec\u6587\u4ef6\uff0c\u7528\u6765\u6307\u5bfc\u6587\u4ef6\u3002\u6b64\u6587\u4ef6\u4ee5\u8f6f\u4ef6\u5305\u7684\u540d\u5b57\u547d\u540d\uff0c\u4ee5spec\u4e3a\u6269\u5c55\u540d\n~\/rpmbuild\/SRPMS\tsrc.rpm\u5305\u76ee\u5f55,\u4fdd\u5b58\u6e90\u7801 RPM \u5305(SRPM)\u3002\n\n#\u62f7\u8d1d\u6e90\u7801\u5305\u5230\u76f8\u5e94\u76ee\u5f55\ncp openssh-9.1p1.tar.gz  x11-ssh-askpass-1.2.4.1.tar.gz \/root\/rpmbuild\/SOURCES\n\n#\u89e3\u538b\u6e90\u7801\u5305\uff0c\u63d0\u53d6\u6784\u5efaspec\u6587\u4ef6\uff0c\u62f7\u8d1dopenssh.spec\u6587\u4ef6\u5230SEPCS\ntar -zxf openssh-9.1p1.tar.gz \ncp openssh-9.1p1\/contrib\/redhat\/openssh.spec \/root\/rpmbuild\/SPECS\/\n\n#\u6839\u636e\u5b98\u7f51\u9ed8\u8ba4openssh.spec\u5236\u4f5c\u7684rpm\u5b89\u88c5\u5305\uff0c\u5728\u5347\u7ea7\u65f6\u4f1a\u5378\u8f7d\u65e7\u7248\u672copenssh\u5e76\u590d\u5236\u6e90\u7801\u5305\u4e2d\u7684 .\/openssh-9.1p1\/contrib\/redhat\/sshd.pam \u4ee5\u66ff\u6362\/etc\/pam.d\/sshd\uff0c\u5c06\u5bfc\u81f4\u5347\u7ea7\u540e\u65e0\u6cd5\u767b\u5f55\u8fdb\u7cfb\u7edf\u3002\u6545\u9700\u8981\u624b\u52a8\u66f4\u6539\u66ff\u6362\u6587\u4ef6\uff0c\u66ff\u6362\u4e3a\u60f3\u8981\u7684\u5185\u5bb9\uff1b\n\u5efa\u8bae\u76f4\u63a5\u4f7f\u7528\u7cfb\u7edf\u81ea\u5e26\u7684\/etc\/pam.d\/sshd\u539f\u751f\u6587\u4ef6\u3002\n\n#\u5c06\/etc\/pam.d\/sshd\u590d\u5236\u5230SOURCES\u76ee\u5f55\ncp \/etc\/pam.d\/sshd \/root\/rpmbuild\/SOURCES\n\n#\u4fee\u6539\u5e76\u4f18\u5316openssh.spec\u6587\u4ef6\n\u7b2c104\u884c\uff1a\u6ce8\u91ca\u8be5\u884c\uff0c\u68c0\u6d4bopenssl\u7248\u672c\u7684\uff0c\u5426\u5219\u6784\u5efa\u65f6\u4f1a\u51fa\u73b0\u62a5\u9519\n  BuildRequires: openssl-devel < 1.1\n\n\u7b2c 89 \u884c: \u6dfb\u52a0\u4e00\u4e2a\u6e90\n  Source2: sshd  \n\u7b2c280\u884c\uff1a\u66f4\u6539\u4e3a\u4eceSOURCE\u76ee\u5f55\u590d\u5236sshd\u5230\/etc\/pam.d\/sshd\uff0c\u6ce8\u91ca\u6389\u539f\u547d\u4ee4\uff0c\u6539\u4e3a\u4e0b\u9762\u884c\n  #install -m644 contrib\/redhat\/sshd.pam     $RPM_BUILD_ROOT\/etc\/pam.d\/sshd\n  install -m644 $RPM_SOURCE_DIR\/sshd $RPM_BUILD_ROOT\/etc\/pam.d\/sshd   \n\n\u7b2c283\u884c\uff1a\u66f4\u6539\u4e3a\u4ececontrib\u76ee\u5f55\u590d\u5236ssh-copy-id\u5230\/usr\/bin\/ssh-copy-id\uff0c\u589e\u52a0\u4e0b\u9762\u8fd9\u884c\n install -m755 contrib\/ssh-copy-id $RPM_BUILD_ROOT\/usr\/bin\/ssh-copy-id\n \n\u7b2c 340-341\u884c \u8fd9\u4e24\u884c\u9700\u8981\u653e\u5728  %pre server \u4e0b\uff0c\u4e3a\u5b89\u88c5\u524d\u5907\u4efd\u5185\u5bb9\n  cp -r \/etc\/ssh \/etc\/ssh_bak                     \n  \n\n\u7b2c 345 -369\u884c:  \u9700\u8981\u653e\u5728 %post server\u540e\u9762\uff0c\u8868\u793a\u5b89\u88c5\u540e\u9700\u8981\u6267\u884c\u7684\u547d\u4ee4\n1.\u5141\u8bb8root\u767b\u5f55\uff1b\u5347\u7ea7\u4e3a9.1\u540e\u9ed8\u8ba4\u4e3a\u4e0d\u5141\u8bb8root\u767b\u5f55\n2.\u5141\u8bb8\u4f7f\u7528PAM\u767b\u5f55\u8ba4\u8bc1 \uff1b\n3.\u5141\u8bb8\u4f7f\u7528X11Forwarding\u56fe\u5f62\u6a21\u5757\uff1b\n4.\u5220\u9664\u9ed8\u8ba4\u7684\u8ba4\u8bc1\u652f\u6301\uff0c\u91cc\u9762\u5b58\u5728\u9ad8\u4f4d\u6f0f\u6d1e\n5.\u589e\u52a0\u8ba4\u8bc1\u652f\u6301\uff08\u9ed8\u8ba4openssh 9.1\uff0c\u9ed8\u8ba4\u4e0d\u652f\u6301\u90e8\u5206\u4f4e\u7248\u672c\u7684\u8ba4\u8bc1\u6a21\u5f0f\uff09\uff0c\u4e0d\u6dfb\u52a0\u4f1a\u9020\u6210\u4f4e\u7248\u672c\u7684\u8fde\u63a5\u5668\u5982\uff1aCRT\u7b49\uff0c\u5ba2\u6237\u7aef\u8fde\u63a5\u5931\u8d25\n6.\u751f\u6210sshd\u7684systemctl\u542f\u52a8\u914d\u7f6e\u6587\u4ef6\uff0c\u9ed8\u8ba4\u4f1a\u5220\u9664\u539f\u6709\u7684\u542f\u52a8\u914d\u7f6e\uff0c\u5bfc\u81f4\u91cd\u542f\u4e00\u76f4\u62a5warning\n7.\u4e09\u4e2a\u6587\u4ef6 ssh_host_rsa_key\u3001ssh_host_ecdsa_key\u3001ssh_host_ed25519_key \u4e3a\u5fc5\u8981\u6587\u4ef6\uff0c9.0\u7248\u672c\u7f29\u5c0f\u4e86\u6743\u9650\uff0c\u53ea\u5141\u8bb8root\u67e5\u770b\uff0c\u5426\u8005\u542f\u52a8sshd\u670d\u52a1\u4f1a\u62a5\u9519\n\nsed -i -e  \"s\/#PermitRootLogin prohibit-password\/PermitRootLogin yes\/g\"    \/etc\/ssh\/sshd_config\nsed -i  -e  \"s\/#UsePAM no\/UsePAM yes\/g\"  \/etc\/ssh\/sshd_config\nsed -i -e \"s\/#X11Forwarding no\/X11Forwarding yes\/g\" \/etc\/ssh\/sshd_config\nsed -i -e \"s\/^KexAlgorithms.*\/\/g\" \/etc\/ssh\/sshd_config\necho \"KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1\" >>\/etc\/ssh\/sshd_config\ncat <<'EOF' > \/usr\/lib\/systemd\/system\/sshd.service\n[UNIT]\nDescription=OpenSSH server daemon\nAfter=network.target sshd-keygen.target\nWants=sshd-keygen.target\n\n[Service]\nType=forking\nExecStart=\/etc\/rc.d\/init.d\/sshd start\nExecReload=\/etc\/rc.d\/init.d\/sshd restart\nExecStop=\/etc\/rc.d\/init.d\/sshd stop\nPrivateTmp=True\n\n[Install]\nWantedBy=multi-user.target\nEOF\n\nchmod 600 \/etc\/ssh\/ssh_host_rsa_key\nchmod 600 \/etc\/ssh\/ssh_host_ecdsa_key\nchmod 600 \/etc\/ssh\/ssh_host_ed25519_key\n\n\u7b2c 397\u884c:  \u653e\u5728%attr(0755,root,root) %{_bindir}\/sftp\u540e\u9762\uff0c\u8868\u793a\u5b89\u88c5\u4fee\u6539ssh-copy-id\u7684\u5c5e\u6027\n\u589e\u52a0\u4ee5\u4e0b\u884c\uff1a\n  %attr(0755,root,root) %{_bindir}\/ssh-copy-id\n\n#\u6784\u5efarpm\u5305\uff0c\u6784\u5efa\u5b8c\u6210\u540e\u663e\u793a+ exit 0 \uff0c\u8868\u793a\u6784\u5efa\u6210\u529f\ncd \/root\/rpmbuild\/SPECS\/ && rpmbuild -ba openssh.spec\n.....\n\n#\u6784\u5efa\u5b8c\u6210\u4f1a\u751f\u6210\u65b0\u7684rpm\u5305\nls -lh \/root\/rpmbuild\/RPMS\/aarch64\/\ntotal 5.0M\n-rw------- 1 root root 620K Sep 26 10:56 openssh-9.1p1-1.ky10.ky10.aarch64.rpm\n-rw------- 1 root root  31K Sep 26 10:56 openssh-askpass-9.1p1-1.ky10.ky10.aarch64.rpm\n-rw------- 1 root root  14K Sep 26 10:56 openssh-askpass-gnome-9.1p1-1.ky10.ky10.aarch64.rpm\n-rw------- 1 root root 591K Sep 26 10:56 openssh-clients-9.1p1-1.ky10.ky10.aarch64.rpm\n-rw------- 1 root root 2.7M Sep 26 10:56 openssh-debuginfo-9.1p1-1.ky10.ky10.aarch64.rpm\n-rw------- 1 root root 691K Sep 26 10:56 openssh-debugsource-9.1p1-1.ky10.ky10.aarch64.rpm\n-rw------- 1 root root 422K Sep 26 10:56 openssh-server-9.1p1-1.ky10.ky10.aarch64.rpm\n\n#\u5b89\u88c5\u5347\u7ea7\ndnf localinstall openssh-9.1p1-1.ky10.ky10.aarch64.rpm openssh-clients-9.1p1-1.ky10.ky10.aarch64.rpm openssh-server-9.1p1-1.ky10.ky10.aarch64.rpm\n\n#\u66f4\u65b0\u9a8c\u8bc1\n#\u9a8c\u8bc1\u5ba2\u6237\u7aef\nssh -V\nOpenSSH_9.1p1, OpenSSL 1.1.1d  10 Sep 2019\n\n#\u9a8c\u8bc1\u670d\u52a1\u7aef\nssh -v 127.0.0.1\n'''\ndebug1: Local version string SSH-2.0-OpenSSH_9.1\ndebug1: Remote protocol version 2.0, remote software version OpenSSH_9.1\ndebug1: compat_banner: match: OpenSSH_9.1 pat OpenSSH* compat 0x04000000\ndebug1: Authenticating to 127.0.0.1:22 as 'root'\n'''\n<\/pre>\n\n\n\n
\u53c2\u8003\u6587\u6863\uff1ahttps:\/\/blog.csdn.net\/QTM_Gitee\/article\/details\/125101607<\/p>\n","protected":false},"excerpt":{"rendered":"
1\uff0c\u67e5\u770b\u73af\u5883\u4fe1\u606f #uname -a 4.19.90-17.5.ky10.aar … \u7ee7\u7eed\u9605\u8bfb →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21],"tags":[],"class_list":["post-894","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=\/wp\/v2\/posts\/894","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=894"}],"version-history":[{"count":4,"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=\/wp\/v2\/posts\/894\/revisions"}],"predecessor-version":[{"id":903,"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=\/wp\/v2\/posts\/894\/revisions\/903"}],"wp:attachment":[{"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=894"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=894"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.espnlol.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=894"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}