Category Archives: qnap

qnap TS-220 openssh build

Leave a reply

I have been using qnap TS-220. We can not login as user by the default openssh and ipkg openssh is too old. I tried to compile openssh for qnap with a ARM CPU. I used the following code:

#!/bin/sh
## install Optware QPKG and required packages
#ipkg install gcc make perl sed gawk tar gzip bzip2 zlib mktemp
#export PATH=/opt/bin:/opt/sbin:$PATH

## grab the source
wget --no-check-certificate https://www.openssl.org/source/openssl-1.0.2a.tar.gz # < heartbleed free
wget ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-6.8p1.tar.gz
wget --no-check-certificate http://linux-pam.org/library/Linux-PAM-1.2.0.tar.bz2

## make temporary dir for dependencies (libpam headers and openssl)
## openssl will be compiled statically so you can remove this directory afterwards
DEPDIR=`pwd`/dist
mkdir -p $DEPDIR/usr/include

## we need only the PAM headers, we use QNAP's libpam.so
tar xjf Linux-PAM-1.2.0.tar.bz2
ln -s libpam.so.0 /lib/libpam.so
cp -r Linux-PAM-1.2.0/libpam/include/security/ $DEPDIR/usr/include || exit

## install openssl to DEPDIR
tar xzf openssl-1.0.2a.tar.gz
pushd openssl-1.0.2a
./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib zlib no-asm linux-armv4 "-Wa,--noexecstack" || exit
make depend || exit
make || exit
make INSTALL_PREFIX=$DEPDIR MANDIR=/usr/share/man MANSUFFIX=ssl install || exit
popd

## build openssh
tar xzf openssh-6.8p1.tar.gz
pushd openssh-6.8p1
./configure --build=arm --prefix=/opt/openssh-6.8p1 --sysconfdir=/opt/etc/openssh\
 --with-ssl-engine --with-pam --with-md5-passwords --with-pid-dir=/opt/var/run\
 --with-ldflags=-L$DEPDIR/usr/lib --with-cflags=-I$DEPDIR/usr/include
make || exit
popd

## optionally install whole ssh to some dir
## or just copy sshd binary
#cp openssh-6.6p1/sshd ~
make install || exit
 
## optionally cleanup
#rm -fr Linux-PAM-1.2.0* openssh-6.8p1* openssl-1.0.2a* $DEPDIR

 Next, I made /opt/etc/init.d/S42sshd:

#!/bin/sh                                                     
                                              
if [ -f /opt/var/run/sshd.pid ] ; then
  kill `cat /opt/var/run/sshd.pid`    
else                                     
  killall /opt/openssh-6.8p1/sbin/sshd   
fi                                       
                                         
rm -f /opt/var/run/sshd.pid             
                                        
umask 077                                
                           
/opt/sbin/sshd

Finally, I added the following to /share/MD0_DATA/.qpkg/autorun/autorun.sh:

#!/bin/sh
/opt/etc/init.d/S42sshd start

 Ref: http://forum.qnap.com/viewtopic.php?f=11&t=97501 (NON ARM version)