Mercurial > dropbear
annotate INSTALL @ 1452:15d4b821bcc9
fix checkpubkey_line function name for TRACE
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 04 Oct 2017 22:30:18 +0800 |
parents | 8f88f4290b22 |
children | 72fd994fe7bd |
rev | line source |
---|---|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 Basic Dropbear build instructions: |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 |
72 | 3 - Edit options.h to set which features you want. |
4 - Edit debug.h if you want any debug options (not usually required). | |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 |
72 | 6 (If using a non-tarball copy, "autoconf; autoheader") |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 ./configure (optionally with --disable-zlib or --disable-syslog, |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 or --help for other options) |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 |
72 | 11 Now compile: |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 |
72 | 13 make PROGRAMS="dropbear dbclient dropbearkey dropbearconvert scp" |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 |
72 | 15 And install (/usr/local/bin is usual default): |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 |
72 | 17 make PROGRAMS="dropbear dbclient dropbearkey dropbearconvert scp" install |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 |
72 | 19 (you can leave items out of the PROGRAMS list to avoid compiling them. If you |
20 recompile after changing the PROGRAMS list, you *MUST* "make clean" before | |
21 recompiling - bad things will happen otherwise) | |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 |
72 | 23 See MULTI for instructions on making all-in-one binaries. |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 |
1447
8f88f4290b22
document --enable-static in place of STATIC=1
Matt Johnston <matt@ucc.asn.au>
parents:
443
diff
changeset
|
25 If you want to compile statically use ./configure --enable-static |
8f88f4290b22
document --enable-static in place of STATIC=1
Matt Johnston <matt@ucc.asn.au>
parents:
443
diff
changeset
|
26 |
8f88f4290b22
document --enable-static in place of STATIC=1
Matt Johnston <matt@ucc.asn.au>
parents:
443
diff
changeset
|
27 By default Dropbear adds various build flags that improve robustness |
8f88f4290b22
document --enable-static in place of STATIC=1
Matt Johnston <matt@ucc.asn.au>
parents:
443
diff
changeset
|
28 against programming bugs (good for security) - if these cause problems |
8f88f4290b22
document --enable-static in place of STATIC=1
Matt Johnston <matt@ucc.asn.au>
parents:
443
diff
changeset
|
29 they can be disabled with ./configure --disable-harden |
72 | 30 |
443 | 31 Binaries can be stripped with "make strip" |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
33 ============================================================================ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
34 |
245
b24730e11c83
add note about compiling for 386
Matt Johnston <matt@ucc.asn.au>
parents:
72
diff
changeset
|
35 If you're compiling for a 386-class CPU, you will probably need to add |
b24730e11c83
add note about compiling for 386
Matt Johnston <matt@ucc.asn.au>
parents:
72
diff
changeset
|
36 CFLAGS=-DLTC_NO_BSWAP so that libtomcrypt doesn't use 486+ instructions. |
b24730e11c83
add note about compiling for 386
Matt Johnston <matt@ucc.asn.au>
parents:
72
diff
changeset
|
37 |
b24730e11c83
add note about compiling for 386
Matt Johnston <matt@ucc.asn.au>
parents:
72
diff
changeset
|
38 ============================================================================ |
b24730e11c83
add note about compiling for 386
Matt Johnston <matt@ucc.asn.au>
parents:
72
diff
changeset
|
39 |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
40 Compiling with uClibc: |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
41 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
42 Firstly, make sure you have at least uclibc 0.9.17, as getusershell() in prior |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
43 versions is broken. Also note that you may get strange issues if your uClibc |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
44 headers don't match the library you are running with, ie the headers might |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
45 say that shadow password support exists, but the libraries don't have it. |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
46 |
72 | 47 Compiling for uClibc should be the same as normal, just set CC to the magic |
48 uClibc toolchain compiler (ie export CC=i386-uclibc-gcc or whatever). | |
49 You can use "make STATIC=1" to make statically linked binaries, and it is | |
50 advisable to strip the binaries too. If you're looking to make a small binary, | |
51 you should remove unneeded ciphers and MD5, by editing options.h | |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
52 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
53 It is possible to compile zlib in, by copying zlib.h and zconf.h into a |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
54 subdirectory (ie zlibincludes), and |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
55 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
56 export CFLAGS="-Izlibincludes -I../zlibincludes" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
57 export LDFLAGS=/usr/lib/libz.a |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
58 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
59 before ./configure and make. |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
60 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
61 If you disable zlib, you must explicitly disable compression for the client - |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
62 OpenSSH is possibly buggy in this regard, it seems you need to disable it |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
63 globally in ~/.ssh/config, not just in the host entry in that file. |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
64 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
65 You may want to manually disable lastlog recording when using uClibc, configure |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
66 with --disable-lastlog. |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
67 |
69 | 68 One common problem is pty allocation. There are a number of types of pty |
69 allocation which can be used -- if they work properly, the end result is the | |
70 same for each type. Running configure should detect the best type to use | |
71 automatically, however for some systems, this may be incorrect. Some | |
72 things to note: | |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
73 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
74 If your system expects /dev/pts to be mounted (this is a uClibc option), |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
75 make sure that it is. |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
76 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
77 Make sure that your libc headers match the library version you are using. |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
78 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
79 If openpty() is being used (HAVE_OPENPTY defined in config.h) and it fails, |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
80 you can try compiling with --disable-openpty. You will probably then need |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
81 to create all the /dev/pty?? and /dev/tty?? devices, which can be |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
82 problematic for devfs. In general, openpty() is the best way to allocate |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
83 PTYs, so it's best to try and get it working. |