Build your own OpenSSH installation - anyone done this?

Anything regarding SSL/SSH and other security questions may go here
Forum rules
Synology Community is the new platform for the enthusiasts' interaction, and it will soon be available to replace the Forum.
airwoflsynology
Beginner
Beginner
Posts: 21
Joined: Mon Jul 27, 2015 2:09 pm

Build your own OpenSSH installation - anyone done this?

Unread post by airwoflsynology » Sun Oct 25, 2015 11:52 pm

Hi all,

Have been trying to get a separate instance of SSH running on a different port on my Synology (latest DSM) by using a separate configuration - it has different authentication requirements than the default Synology instance.

However, this has failed as Synology modified the open source version to make sure connections verify that the port it is running on is the same one set in the DSM UI (https://forum.synology.com/enu/viewtopi ... 9&t=105705).

So I tried to go about building my own copy. I have the iPkg bootstrap installed but the versions of headers and libraries are quite out of date so installed the 64 bit toolchain and built my own copies of ZLib, PAM, Perl and OpenSSL.

N.B. You have to build your own Perl installation with 64 bit support as the OpenSSL build process needs to generate large numbers and the 32 bit versions included with DSM and iPkg causes the build to fail.

OpenSSH at this point now builds but attempting to run ssh-keygen during installation causes a seg fault. Have attempted executing it without AppArmor enabled but still seg faults.

Clearly something has not worked as intended and haven't even tried the other commands because if ssh-keygen crashes, the likelihood that the other binaries being impacted / unstable is likely to be quite high.

Which leads to my question, has anyone successfully built their own OpenSSH binaries on a Synology? If you have, would you mind sharing the instructions.

Thanks!

P.

Post Reply

Return to “Security/Secured Mods”