-
-
Save eruffaldi/85254616dc14071f02dd8d43554a50a1 to your computer and use it in GitHub Desktop.
Build OpenSSH with static linked zlib and OpenSSL libraries
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| set -u | |
| set -e | |
| umask 0077 | |
| prefix="/opt/openssh" | |
| top="$(pwd)" | |
| root="$top/root" | |
| build="$top/build" | |
| export CPPFLAGS="-I$root/include -L." | |
| rm -rf "$root" "$build" | |
| mkdir -p "$root" "$build" | |
| gzip -dc dist/zlib-*.tar.gz |(cd "$build" && tar xf -) | |
| cd "$build"/zlib-* | |
| ./configure --prefix="$root" --static | |
| make | |
| make install | |
| cd "$top" | |
| gzip -dc dist/openssl-*.tar.gz |(cd "$build" && tar xf -) | |
| cd "$build"/openssl-* | |
| ./config --prefix="$root" no-shared | |
| make | |
| make install | |
| cd "$top" | |
| gzip -dc dist/openssh-*.tar.gz |(cd "$build" && tar xf -) | |
| cd "$build"/openssh-* | |
| cp -p "$root"/lib/*.a . | |
| [ -f sshd_config.orig ] || cp -p sshd_config sshd_config.orig | |
| sed \ | |
| -e 's/^#\(PubkeyAuthentication\) .*/\1 yes/' \ | |
| -e '/^# *Kerberos/d' \ | |
| -e '/^# *GSSAPI/d' \ | |
| -e 's/^#\([A-Za-z]*Authentication\) .*/\1 no/' \ | |
| sshd_config.orig \ | |
| >sshd_config \ | |
| ; | |
| ./configure --prefix="$prefix" --with-privsep-user=nobody --with-privsep-path="$prefix/var/empty" | |
| make | |
| #make install | |
| cd "$top" |
Author
Author
Thanks to the original gist. The use case of this gist is for a system in which OpenSSH needs to be updated but the rest of the OS libraries cannot be updated.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Tested on Ubuntu 22.04 the ldd on sshd provides the dependencies on libc and libcrypt: