Build your own OpenSSH installation - anyone done this?

Anything regarding SSL/SSH and other security questions may go here
Forum rules
1) This is a user forum for Synology users to share experience/help out each other: if you need direct assistance from the Synology technical support team, please use the following form:

https://account.synology.com/support/su ... p?lang=enu



2) To avoid putting users' DiskStation at risk, please don't paste links to any patches provided by our Support team as we will systematically remove them. Our Support team will provide the correct patch for your DiskStation model.
airwoflsynology
Beginner
Beginner
Posts: 21
Joined: Mon Jul 27, 2015 2:09 pm

Build your own OpenSSH installation - anyone done this?

Unread post by airwoflsynology » Sun Oct 25, 2015 11:52 pm

Hi all,

Have been trying to get a separate instance of SSH running on a different port on my Synology (latest DSM) by using a separate configuration - it has different authentication requirements than the default Synology instance.

However, this has failed as Synology modified the open source version to make sure connections verify that the port it is running on is the same one set in the DSM UI (https://forum.synology.com/enu/viewtopi ... 9&t=105705).

So I tried to go about building my own copy. I have the iPkg bootstrap installed but the versions of headers and libraries are quite out of date so installed the 64 bit toolchain and built my own copies of ZLib, PAM, Perl and OpenSSL.

N.B. You have to build your own Perl installation with 64 bit support as the OpenSSL build process needs to generate large numbers and the 32 bit versions included with DSM and iPkg causes the build to fail.

OpenSSH at this point now builds but attempting to run ssh-keygen during installation causes a seg fault. Have attempted executing it without AppArmor enabled but still seg faults.

Clearly something has not worked as intended and haven't even tried the other commands because if ssh-keygen crashes, the likelihood that the other binaries being impacted / unstable is likely to be quite high.

Which leads to my question, has anyone successfully built their own OpenSSH binaries on a Synology? If you have, would you mind sharing the instructions.

Thanks!

P.

Post Reply

Return to “Security/Secured Mods”