Skip to content

Instantly share code, notes, and snippets.

@eruffaldi

eruffaldi/openssh-build-static.sh

Forked from fumiyas/openssh-build-static.sh
Last active January 4, 2024 07:23
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save eruffaldi/85254616dc14071f02dd8d43554a50a1 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save eruffaldi/85254616dc14071f02dd8d43554a50a1 to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. eruffaldi revised this gist Jan 4, 2024. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion openssh-build-static.sh
    View file
    Original file line number Diff line number Diff line change
    @@ -22,7 +22,7 @@ export "CFLAGS=-I$root/include -L. -fPIC"
    export "LDFLAGS=-L$root/lib -L$root/lib64"

    #COMMENT THIS for debugging the script. Each stage will cache download and build
    #rm -rf "$root" "$build" "$dist"
    rm -rf "$root" "$build" "$dist"
    mkdir -p "$root" "$build" "$dist"

    if [ ! -f "build/zlib-$ZLIB_VERSION/minigzip" ]; then
  2. eruffaldi revised this gist Jan 4, 2024. 1 changed file with 40 additions and 13 deletions.
    53 changes: 40 additions & 13 deletions openssh-build-static.sh
    View file
    Original file line number Diff line number Diff line change
    @@ -1,34 +1,60 @@
    #!/bin/sh
    #!/usr/bin/env bash
    # Dependencies: curl gcc make autoconf
    #
    # Changes: 2024-01-03 Emanuele Ruffald
    # Updated to latest libraries, modified for building openssh, added some if for debugging

    set -u
    set -e
    set -uex
    umask 0077

    ZLIB_VERSION=1.3
    OPENSSL_VERSION=3.2.0
    OPENSSH_VERSION=V_9_6_P1

    prefix="/opt/openssh"
    top="$(pwd)"
    root="$top/root"
    build="$top/build"
    dist="$top/dist"

    export CPPFLAGS="-I$root/include -L."
    export "CPPFLAGS=-I$root/include -L. -fPIC"
    export "CFLAGS=-I$root/include -L. -fPIC"
    export "LDFLAGS=-L$root/lib -L$root/lib64"

    rm -rf "$root" "$build"
    mkdir -p "$root" "$build"
    #COMMENT THIS for debugging the script. Each stage will cache download and build
    #rm -rf "$root" "$build" "$dist"
    mkdir -p "$root" "$build" "$dist"

    gzip -dc dist/zlib-*.tar.gz |(cd "$build" && tar xf -)
    if [ ! -f "build/zlib-$ZLIB_VERSION/minigzip" ]; then
    echo "---- Building ZLIB -----"
    if [ ! -f "$dist/zlib-$ZLIB_VERSION.tar.gz" ]; then
    curl --output $dist/zlib-$ZLIB_VERSION.tar.gz --location https://zlib.net/zlib-$ZLIB_VERSION.tar.gz
    gzip -dc $dist/zlib-*.tar.gz |(cd "$build" && tar xf -)
    fi
    cd "$build"/zlib-*
    ./configure --prefix="$root" --static
    make
    make install
    cd "$top"
    fi

    gzip -dc dist/openssl-*.tar.gz |(cd "$build" && tar xf -)
    if [ ! -f "build/openssl-$OPENSSL_VERSION/wow" ]; then
    echo "---- Building OpenSSL -----"
    if [ ! -f "$dist/openssl-$OPENSSL_VERSION.tar.gz" ]; then
    curl --output $dist/openssl-$OPENSSL_VERSION.tar.gz --location https://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz
    gzip -dc $dist/openssl-*.tar.gz |(cd "$build" && tar xf -)
    fi
    cd "$build"/openssl-*
    ./config --prefix="$root" no-shared
    ./config --prefix="$root" no-shared no-tests
    make
    make install
    cd "$top"
    fi

    gzip -dc dist/openssh-*.tar.gz |(cd "$build" && tar xf -)
    if [ ! -f "$dist/openssh-$OPENSSH_VERSION.tar.gz" ]; then
    curl --output $dist/openssh-$OPENSSH_VERSION.tar.gz --location https://github.com/openssh/openssh-portable/archive/refs/tags/$OPENSSH_VERSION.tar.gz
    fi
    gzip -dc $dist/openssh-*.tar.gz |(cd "$build" && tar xf -)
    cd "$build"/openssh-*
    cp -p "$root"/lib/*.a .
    [ -f sshd_config.orig ] || cp -p sshd_config sshd_config.orig
    @@ -39,8 +65,9 @@ sed \
    -e 's/^#\([A-Za-z]*Authentication\) .*/\1 no/' \
    sshd_config.orig \
    >sshd_config \
    ;
    ./configure --prefix="$prefix" --with-privsep-user=nobody --with-privsep-path="$prefix/var/empty"
    ;
    export PATH=$root/bin:$PATH
    autoreconf
    ./configure LIBS="-lpthread" "--prefix=$root" "--exec-prefix=$root" --with-privsep-user=nobody --with-privsep-path="$prefix/var/empty" "--with-ssl-dir=$root"
    make
    #make install
    cd "$top"
  3. @fumiyas fumiyas created this gist Oct 4, 2017.
    46 changes: 46 additions & 0 deletions openssh-build-static.sh
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,46 @@
    #!/bin/sh

    set -u
    set -e
    umask 0077

    prefix="/opt/openssh"
    top="$(pwd)"
    root="$top/root"
    build="$top/build"

    export CPPFLAGS="-I$root/include -L."

    rm -rf "$root" "$build"
    mkdir -p "$root" "$build"

    gzip -dc dist/zlib-*.tar.gz |(cd "$build" && tar xf -)
    cd "$build"/zlib-*
    ./configure --prefix="$root" --static
    make
    make install
    cd "$top"

    gzip -dc dist/openssl-*.tar.gz |(cd "$build" && tar xf -)
    cd "$build"/openssl-*
    ./config --prefix="$root" no-shared
    make
    make install
    cd "$top"

    gzip -dc dist/openssh-*.tar.gz |(cd "$build" && tar xf -)
    cd "$build"/openssh-*
    cp -p "$root"/lib/*.a .
    [ -f sshd_config.orig ] || cp -p sshd_config sshd_config.orig
    sed \
    -e 's/^#\(PubkeyAuthentication\) .*/\1 yes/' \
    -e '/^# *Kerberos/d' \
    -e '/^# *GSSAPI/d' \
    -e 's/^#\([A-Za-z]*Authentication\) .*/\1 no/' \
    sshd_config.orig \
    >sshd_config \
    ;
    ./configure --prefix="$prefix" --with-privsep-user=nobody --with-privsep-path="$prefix/var/empty"
    make
    #make install
    cd "$top"