Skip to content

Instantly share code, notes, and snippets.

@fumiyas

fumiyas/openssh-build-static.sh

Created October 4, 2017 09:20
Show Gist options
  • Save fumiyas/b4aaee83e113e061d1ee8ab95b35608b to your computer and use it in GitHub Desktop.
Save fumiyas/b4aaee83e113e061d1ee8ab95b35608b to your computer and use it in GitHub Desktop.
Download ZIP
Build OpenSSH with static linked zlib and OpenSSL libraries
Raw
openssh-build-static.sh
#!/bin/sh
set -u
set -e
umask 0077
prefix="/opt/openssh"
top="$(pwd)"
root="$top/root"
build="$top/build"
export CPPFLAGS="-I$root/include -L."
rm -rf "$root" "$build"
mkdir -p "$root" "$build"
gzip -dc dist/zlib-*.tar.gz |(cd "$build" && tar xf -)
cd "$build"/zlib-*
./configure --prefix="$root" --static
make
make install
cd "$top"
gzip -dc dist/openssl-*.tar.gz |(cd "$build" && tar xf -)
cd "$build"/openssl-*
./config --prefix="$root" no-shared
make
make install
cd "$top"
gzip -dc dist/openssh-*.tar.gz |(cd "$build" && tar xf -)
cd "$build"/openssh-*
cp -p "$root"/lib/*.a .
[ -f sshd_config.orig ] || cp -p sshd_config sshd_config.orig
sed \
-e 's/^#\(PubkeyAuthentication\) .*/\1 yes/' \
-e '/^# *Kerberos/d' \
-e '/^# *GSSAPI/d' \
-e 's/^#\([A-Za-z]*Authentication\) .*/\1 no/' \
sshd_config.orig \
>sshd_config \
;
./configure --prefix="$prefix" --with-privsep-user=nobody --with-privsep-path="$prefix/var/empty"
make
#make install
cd "$top"
@bronze1man
Copy link

@ngaro not working on ubuntu 2004 ZLIB_VERSION=1.3.1 OPENSSL_VERSION=3.4.0 OPENSSH_VERSION=V_9_9_P1

Building OpenSSH V_9_9_P1 failed
/usr/bin/ld: ./libssh.a(ssh-pkcs11.o): in function `pkcs11_register_provider':
ssh-pkcs11.c:(.text+0x4873): warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/bin/ld: ./libssh.a(misc.o): in function `subprocess':
misc.c:(.text+0x7dc2): warning: Using 'initgroups' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/bin/ld: ./libssh.a(misc.o): in function `tilde_expand':
misc.c:(.text+0x2c73): warning: Using 'getpwnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/bin/ld: ssh.o: in function `main':
ssh.c:(.text+0x1cba): warning: Using 'getpwuid' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/bin/ld: ssh.o: in function `resolve_host':
ssh.c:(.text+0x48c): warning: Using 'getaddrinfo' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/bin/ld: /tmp/hgmSi/root/lib64/libcrypto.a(libcrypto-lib-bio_sock.o): in function `BIO_gethostbyname':
bio_sock.c:(.text+0x3ca): warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/bin/ld: readconf.o: in function `default_ssh_port':
readconf.c:(.text+0xb0c): warning: Using 'getservbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/bin/ld: /tmp/hgmSi/root/lib64/libcrypto.a(libcrypto-lib-dso_dlfcn.o): in function `dlfcn_pathbyaddr':
dso_dlfcn.c:(.text+0x88b): undefined reference to `dladdr'
collect2: error: ld returned 1 exit status
make: *** [Makefile:215: ssh] Error 1
+ echo Building OpenSSH V_9_9_P1 failed
+ exit 1

@javaonekenobi
Copy link

Thanks a lot for your script, you saved my life :-) RHEL 9.5 native ssh breaks connecting to the ILO of an HP server, I had to recompile a statically linked more recent version.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment