在全志V851S开发板上使用SSH配置步骤分析

2024-02-02 18:22:01 浏览数 (3)

代码语言:javascript复制
在Tina板子上面开启SSH SERVER

在Tina配置界面的以下目录中

代码语言:javascript复制
> Network > SSH

勾选的项目

代码语言:javascript复制
《》openssh-keygen… OpenSSH keygen
<> openssh-server… OpenSSH server

1.配置 sshd_config

代码语言:javascript复制
rm -rf /etc/ssh/sshd_config;touch /etc/ssh/sshd_config;vi /etc/ssh/sshd_config;

sshd_config 配置文件

代码语言:javascript复制
Port 22

# Logging
SyslogFacility AUTH
LogLevel INFO


HostKey /etc/ssh/ssh_host_rsa_key

HostKey /etc/ssh/ssh_host_ed25519_key

# Authentication:
LoginGraceTime 2m
PermitRootLogin yes
PermitEmptyPasswords yes
StrictModes yes
MaxAuthTries 6
MaxSessions 10
AuthorizedKeysFile      .ssh/authorized_keys

TCPKeepAlive yes

Subsystem       sftp    /usr/lib/sftp-server

2.启动SSH SERVER

代码语言:javascript复制
etc/init.d/sshd start

3.处理报错 报错Privilege separation user sshd does not exist 执行:

代码语言:javascript复制
vi /etc/passwd

添加一行代码

代码语言:javascript复制
sshd:x:109:65534::/var/run/sshd:/usr/sbin/nologin

3.报错procd_add_mdns

执行:

代码语言:javascript复制
vi /etc/init.d/sshd

注释掉 #procd_add_mdns “ssh” “tcp” “$lport”

4.启动SSH SERVER

代码语言:javascript复制
etc/init.d/sshd start
  • TIP: 启动SSH 之前最好先连上wifi 建议用MobaXterm 可以做到SSH 和 文件传输,两个功能同时使用。
  • 注意: SSH 登录账户 root SSH 登录密码 tina

上述操作如何在编译前配置好OPENSSH

修改4个地方:

1,设置开机启动wifi 启动 wifi, opensshserver

代码语言:javascript复制
nano /root/tina-v853-docker/openwrt/target/v851s/v851s-lizard/busybox-init-base-files/etc/init.d/S50wifideamon

修改 S50wifideamon作为开机启动项配置文件:

代码语言:javascript复制
#!/bin/sh
#
# Start wifi_daemon....
#

start() {
        wifi_daemon
        sleep 2
        wifi -o sta
        sleep 2
        wifi -c d1
//sleeep for 4seconds
        sleep 4
        ifconfig wlan0 192.168.0.105
        /etc/init.d/sshd start
}

stop() {
        printf "Stopping wifi_daemon: "
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart|reload)
        stop
        start
        ;;
  *)
        echo "Usage: $0 {start|stop|restart}"
        exit 1
esac

exit $?

2,通过Makefile配置sshd_config

代码语言:javascript复制
nano /root/tina-v853-docker/openwrt/package/feeds/net/openssh/Makefile

完整文件代码

代码语言:javascript复制
#
# Copyright (C) 2006-2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#

include $(TOPDIR)/rules.mk

PKG_NAME:=openssh
PKG_VERSION:=8.4p1
PKG_RELEASE:=4

PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ 
  https://ftp.spline.de/pub/OpenBSD/OpenSSH/portable/
PKG_HASH:=5a01d22e407eb1c05ba8a8f7c654d388a13e9f226e4ed33bd38748dafa1d2b24

PKG_LICENSE:=BSD ISC
PKG_LICENSE_FILES:=LICENCE
PKG_CPE_ID:=cpe:/a:openssh:openssh

PKG_REMOVE_FILES:=
PKG_CONFIG_DEPENDS := 
 CONFIG_OPENSSH_LIBFIDO2

PKG_BUILD_DEPENDS  = OPENSSH_LIBFIDO2:libfido2

include $(INCLUDE_DIR)/package.mk

define Package/openssh/Default
 SECTION:=net
 CATEGORY:=Network
 DEPENDS:= libopenssl  zlib
 TITLE:=OpenSSH
 MAINTAINER:=Peter Wagner <tripolar@gmx.at>
 URL:=http://www.openssh.com/
 SUBMENU:=SSH
 VARIANT:=without-pam
endef

define Package/openssh-moduli
 $(call Package/openssh/Default)
 DEPENDS =  openssh-keygen
 TITLE = moduli file
endef

define Package/openssh-moduli/description
OpenSSH server moduli file.
endef

define Package/openssh-client
 $(call Package/openssh/Default)
 TITLE = client
 ALTERNATIVES:=
  200:/usr/bin/ssh:/usr/libexec/ssh-openssh 
  200:/usr/bin/scp:/usr/libexec/scp-openssh
endef

define Package/openssh-client/description
OpenSSH client.
endef

define Package/openssh-client/conffiles
/etc/ssh/ssh_config
endef

define Package/openssh-client-utils
 $(call Package/openssh/Default)
 DEPENDS =  openssh-client  openssh-keygen
 TITLE = client utilities
endef

define Package/openssh-client-utils/description
OpenSSH client utilities.
endef

define Package/openssh-keygen
 $(call Package/openssh/Default)
 TITLE = keygen
endef

define Package/openssh-keygen/description
OpenSSH keygen.
endef

define Package/openssh-server
 $(call Package/openssh/Default)
 DEPENDS =  openssh-keygen  OPENSSH_LIBFIDO2:libfido2
 TITLE = server
 USERID:=sshd=22:sshd=22
endef

define Package/openssh-server/config
 source "$(SOURCE)/Config.in"
endef

define Package/openssh-server/description
OpenSSH server.
endef

define Package/openssh-server/conffiles
/etc/ssh/sshd_config
/etc/ssh/ssh_host_ed25519_key
/etc/ssh/ssh_host_ed25519_key.pub
/etc/ssh/ssh_host_rsa_key
/etc/ssh/ssh_host_rsa_key.pub
endef

define Package/openssh-server-pam
 $(call Package/openssh/Default)
 DEPENDS =  libpthread  openssh-keygen  libpam
 TITLE = server (with PAM support)
 VARIANT:=with-pam
 USERID:=sshd=22:sshd=22
endef

define Package/openssh-server-pam/description
OpenSSH server (with PAM support).
endef

define Package/openssh-server-pam/conffiles
/etc/pam.d/sshd
/etc/security/access-sshd-local.conf
/etc/ssh/sshd_config
endef

define Package/openssh-sftp-client
 $(call Package/openssh/Default)
 TITLE = SFTP client
endef

define Package/openssh-sftp-client/description
OpenSSH SFTP client.
endef

define Package/openssh-sftp-server
 $(call Package/openssh/Default)
 TITLE = SFTP server
endef

define Package/openssh-sftp-server/description
OpenSSH SFTP server.
endef

define Package/openssh-sftp-avahi-service
 $(call Package/openssh/Default)
 TITLE = (SFTP Avahi service)
 DEPENDS:= openssh-sftp-server  avahi-daemon
endef

define Package/openssh-sftp-avahi-service/description
 This package contains the service definition for announcing
 SFTP support via mDNS/DNS-SD.
endef

define Package/openssh-sftp-avahi-service/conffiles
/etc/avahi/services/sftp-ssh.service
endef

CONFIGURE_ARGS  = 
 --sysconfdir=/etc/ssh 
 --with-privsep-user=sshd 
 --with-privsep-path=/var/empty 
 --disable-strip 
 --disable-etc-default-login 
 --disable-lastlog 
 --disable-utmp 
 --disable-utmpx 
 --disable-wtmp 
 --disable-wtmpx 
 --without-bsd-auth 
 --without-kerberos5 
 --with-stackprotect 
 --with$(if $(CONFIG_OPENSSL_ENGINE),,out)-ssl-engine 
 --with$(if $(CONFIG_OPENSSH_LIBFIDO2),,out)-security-key-builtin
 
ifeq ($(BUILD_VARIANT),with-pam)
CONFIGURE_ARGS  = 
 --with-pam
else
CONFIGURE_ARGS  = 
 --without-pam
endif

CONFIGURE_VARS  = LD="$(TARGET_CC)"

ifeq ($(BUILD_VARIANT),with-pam)
TARGET_LDFLAGS  = -lpthread
endif

define Build/Compile
 $(MAKE) -C $(PKG_BUILD_DIR) 
  DESTDIR="$(PKG_INSTALL_DIR)" 
  STRIP_OPT="" 
  all install
endef

define Package/openssh-moduli/install
 $(INSTALL_DIR) $(1)/etc/ssh
 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/ssh/moduli $(1)/etc/ssh/
endef

define Package/openssh-client/install
 $(INSTALL_DIR) $(1)/etc/ssh
 chmod 0700 $(1)/etc/ssh
 $(CP) $(PKG_INSTALL_DIR)/etc/ssh/ssh_config $(1)/etc/ssh/
 $(INSTALL_DIR) $(1)/usr/libexec
 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/ssh $(1)/usr/libexec/ssh-openssh
 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/scp $(1)/usr/libexec/scp-openssh
endef

define Package/openssh-client-utils/install
 $(INSTALL_DIR) $(1)/usr/bin
 $(INSTALL_BIN) $(foreach bin,add agent keyscan keysign,$(PKG_BUILD_DIR)/ssh-$(bin)) $(1)/usr/bin/
endef

define Package/openssh-keygen/install
 $(INSTALL_DIR) $(1)/usr/bin
 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/ssh-keygen $(1)/usr/bin/
endef

define Package/openssh-server/install
 $(INSTALL_DIR) $(1)/etc/ssh
 chmod 0700 $(1)/etc/ssh
 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/ssh/sshd_config $(1)/etc/ssh/
 sed -r -i 's,^#(HostKey /etc/ssh/ssh_host_(rsa|ed25519)_key)$$$$,1,' $(1)/etc/ssh/sshd_config
 $(INSTALL_DIR) $(1)/etc/init.d
 $(INSTALL_BIN) ./files/sshd.init $(1)/etc/init.d/sshd
 $(INSTALL_DIR) $(1)/lib/preinit
 $(INSTALL_BIN) ./files/sshd.failsafe $(1)/lib/preinit/99_10_failsafe_sshd
 $(INSTALL_DIR) $(1)/usr/sbin
 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/sshd $(1)/usr/sbin/
endef


define Package/openssh-server-pam/install
 $(call Package/openssh-server/install,$(1))
 sed -i 's,#Port 22,Port 22,g' $(1)/etc/ssh/sshd_config
 sed -i 's,#SyslogFacility AUTH,SyslogFacility AUTH,g' $(1)/etc/ssh/sshd_config
 sed -i 's,#LogLevel INFO,LogLevel INFO,g' $(1)/etc/ssh/sshd_config
 sed -i 's,#LoginGraceTime 2m,LoginGraceTime 2m,g' $(1)/etc/ssh/sshd_config
 sed -i 's,#StrictModes yes,StrictModes yes,g' $(1)/etc/ssh/sshd_config
 sed -i 's,#MaxAuthTries 6,MaxAuthTries 6,g' $(1)/etc/ssh/sshd_config
 sed -i 's,#MaxSessions 10,MaxSessions 10,g' $(1)/etc/ssh/sshd_config
 sed -i 's,#TCPKeepAlive yes,TCPKeepAlive yes,g' $(1)/etc/ssh/sshd_config
 sed -i 's,#PermitRootLogin prohibit-password,PermitRootLogin yes,g' $(1)/etc/ssh/sshd_config
 sed -i 's,#UsePAM no,UsePAM yes,g' $(1)/etc/ssh/sshd_config
 sed -i 's,#PermitEmptyPasswords yes,PermitEmptyPasswords yes,g' $(1)/etc/ssh/sshd_config
 $(INSTALL_DIR) $(1)/etc/pam.d
 $(INSTALL_DATA) ./files/sshd.pam $(1)/etc/pam.d/sshd
 $(INSTALL_DIR) $(1)/etc/security
 $(INSTALL_DATA) ./files/sshd.pam-access $(1)/etc/security/access-sshd-local.conf
endef

define Package/openssh-sftp-client/install
 $(INSTALL_DIR) $(1)/usr/bin
 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sftp $(1)/usr/bin/
endef

define Package/openssh-sftp-server/install
 $(INSTALL_DIR) $(1)/usr/lib
 $(CP) $(PKG_INSTALL_DIR)/usr/lib/sftp-server $(1)/usr/lib/
 $(INSTALL_DIR) $(1)/usr/libexec
 ln -sf ../lib/sftp-server $(1)/usr/libexec/sftp-server
endef

define Package/openssh-sftp-avahi-service/install
 $(INSTALL_DIR) $(1)/etc/avahi/services
 $(INSTALL_DATA) ./files/sftp-ssh.service $(1)/etc/avahi/services/
endef

$(eval $(call BuildPackage,openssh-client))
$(eval $(call BuildPackage,openssh-moduli))
$(eval $(call BuildPackage,openssh-client-utils))
$(eval $(call BuildPackage,openssh-keygen))
$(eval $(call BuildPackage,openssh-server))
$(eval $(call BuildPackage,openssh-server-pam))
$(eval $(call BuildPackage,openssh-sftp-client))
$(eval $(call BuildPackage,openssh-sftp-server))
$(eval $(call BuildPackage,openssh-sftp-avahi-service))

3,配置passwd

代码语言:javascript复制
nano /root/tina-v853-docker/openwrt/package/allwinner/system/busybox-init-base-files/files/etc/passwd

添加一行代码

代码语言:javascript复制
sshd:x:109:65534::/var/run/sshd:/usr/sbin/nologin

4,ssh开机脚本

代码语言:javascript复制
nano /root/tina-v853-docker/openwrt/package/feeds/net/openssh/files/sshd.init

注释掉 procd…

配置文件

代码语言:javascript复制
#!/bin/sh /etc/rc.common
# Copyright (C) 2006-2011 OpenWrt.org

START=50
STOP=50

USE_PROCD=1
PROG=/usr/sbin/sshd

start_service() {
 for type in rsa ed25519
 do
  # check for keys
  key=/etc/ssh/ssh_host_${type}_key
  [ ! -f $key ] && {
   # generate missing keys
   [ -x /usr/bin/ssh-keygen ] && {
    /usr/bin/ssh-keygen -N '' -t $type -f $key 2>&- >&-
   }
  }
 done
 mkdir -m 0700 -p /var/empty

 local lport=$(awk '/^Port / { print $2; exit }' /etc/ssh/sshd_config)
 [ -z "$lport" ] && lport=22

 procd_open_instance
 #procd_add_mdns "ssh" "tcp" "$lport"
 procd_set_param command $PROG -D
 procd_close_instance
}

shutdown() {
 local pid

 stop

 # kill active clients
 for pid in $(pidof sshd)
 do
  [ "$pid" = "$$" ] && continue
  [ -e "/proc/$pid/stat" ] && kill $pid
 done
}

5.勾选编译项目 (3个)如下图(要选准哦,否则会报错)

  • 本文转载自:https://forums.100ask.net/t/topic/3025

0 人点赞