HPE Community
Operating System - HP-UX
1846602 Members
1754 Online
110256 Solutions
New Discussion

Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

 
SOLVED
Go to solution
Robert Binkhorst
Trusted Contributor

‎06-19-2003 02:12 AM

‎06-19-2003 02:12 AM

Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

Hi,

I use the following software versions:
- gcc 3.1 (required for compiling openssl)
- autoconf 2.56
- automake 1.7.1
- tcp_wrappers 7.6
- zlib 1.1.4
- openssl 0.9.7b
- perl B.5.6.1.E

This is my configure command:
./configure --prefix=/opt/openssh-3.6.1p2 --sysconfdir=/etc/ssh --with-default-path="/usr/bin:/usr/sbin:/opt/openssh-3.6.1p2/bin" --with-ssl-dir=/opt/openssl-0.9.7b --without-ssh-agent1-compat --enable-X11-forwarding --with-pid-dir=/var/run --with-tcp-wrappers=/usr/local/include --enable-libgcc --with-privsep-user=ssh

When compiling OpenSSH I receive the following error during configure:
configure: error: *** -lxnet needed on HP-UX - check config.log ***

I found some documentation on that here: http://devrsrc1.external.hp.com/STKL/inhibitors.html
Apparently it has something to do with UNIX98 APIs, but the above document has me very confused..

Any help is greatly appreciated.
linux: the choice of a GNU generation
0 Kudos
Reply
19 REPLIES 19
Stefan Farrelly
Honored Contributor

‎06-19-2003 02:21 AM

‎06-19-2003 02:21 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

Save yourself a lot of time and hassle - why dont you download the precompiled HP version of SSH from www.software.hp.com

It may not be based on the latest Openssh version, but its supported by HP. Even if you get yours to compile if you have problems youre on your own.
Im from Palmerston North, New Zealand, but somehow ended up in London...
0 Kudos
Reply
Robert Binkhorst
Trusted Contributor

‎06-19-2003 02:25 AM

‎06-19-2003 02:25 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

I've been thinking about that more and more. 2 reasons:
- Curiosity, what am I doing wrong.
- I want to create a package from this compile and add some extra files to this package.
linux: the choice of a GNU generation
0 Kudos
Reply
Stefan Farrelly
Honored Contributor

‎06-19-2003 02:30 AM

‎06-19-2003 02:30 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

Openssh 3.6p2 is brand new. Nobody even at HP has ported it yet to HP-UX. This is a specialist task and very difficult to do, in my opinion. Try downloading the source or precompiled Openssg 3.6.1p1 from the HP porting centre, this works fine;

http://hpux.cs.utah.edu/hppd/hpux/Networking/Admin/openssh-3.6.1p1/

Im from Palmerston North, New Zealand, but somehow ended up in London...
0 Kudos
Reply
Robert Binkhorst
Trusted Contributor

‎06-19-2003 02:35 AM

‎06-19-2003 02:35 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

Thanks Stefan, I'll do that when nobody is able to help me.
linux: the choice of a GNU generation
0 Kudos
Reply
Ollie R
Respected Contributor

‎06-19-2003 03:10 AM

‎06-19-2003 03:10 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

Hi Robert,

Looks like your system is missing the xnet libraries.

Can you check the following command:

swlist -l file | grep xnet

See if you get any lines starting with:

Streams.STREAMS-MIN

If you don't you need to swinstall the Streams fileset from your HP-UX distribution.

Hope this helps,

Ollie.
To err is human but to not award points is unforgivable
0 Kudos
Reply
Robert Binkhorst
Trusted Contributor

‎06-19-2003 04:11 AM

‎06-19-2003 04:11 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

Hi Ollie,

Output from swlist:
Streams.STREAMS-MIN: /usr/lib/libxnet.1
Streams.STREAMS-MIN: /usr/lib/libxnet.2
Streams.STREAMS-MIN: /usr/lib/libxnet.sl

Thanks for your help.
linux: the choice of a GNU generation
0 Kudos
Reply
Tim Maletic
Valued Contributor

‎06-19-2003 05:05 AM

‎06-19-2003 05:05 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

For what it's worth, 3.6.1p2 built just fine on my 11.11 system. My xnet-related products:
user@server$ swlist -l product | grep -i stream
PHKL_24507 1.0 fix for data page fault in pstat_getstream()
PHNE_25083 1.0 Streams Pty cumulative patch
PHNE_27703 1.0 Cumulative STREAMS Patch
Streams B.11.11 HP-UX_Streams_Product
Streams-TIO B.11.11 HP-UX_Streams-TIO_Product
0 Kudos
Reply
Stefan Farrelly
Honored Contributor

‎06-19-2003 05:08 AM

‎06-19-2003 05:08 AM

Solution

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

Hi Robert,

after a few hours compiling I did manage to compile Openssh 3.6.1p2 successfully on 11.11

I ran the configure script by itself (no options). It worked fine. Then gmake;gmake install

I had 2 small problems;
1. tcp wrappers, it made librwap.a ok but not tcpd - unresolved symbol. But thats ok, didnt need tcpd.
2. compile error when making openssh, redefinition of ulimits (from gcc and a 2nd in openssh). I removed the openssh redeclaration and it compiled fine.

I used;
gcc 3.2
gmake 3.8
bison 1.875
tcp_wrappers 7.6
zlib 1.1.4
m-4 1.4
flex 2.5.4a
libiconv 1.9
openssl 0.9.7a
perl B.5.6.1.C (5.6.1.C - HPs implementation puts the B in front).

I downloaded all this from http://hpux.cs.utah.edu/

Hope this helps.

Cheers,

Stefan
Im from Palmerston North, New Zealand, but somehow ended up in London...
Reply
Steven E. Protter
Exalted Contributor

‎06-19-2003 05:31 AM

‎06-19-2003 05:31 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

Get off the bleeding edge.

Download and swinstall this.

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=T1471AA

Attaching a GREAT implementation doc.

Good Luck.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Tim Maletic
Valued Contributor

‎06-19-2003 05:54 AM

‎06-19-2003 05:54 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

I mispoke. It *configured* fine on my 11.11 system. It built fine after I tweaked openbsd-compat/bsd-misc.c and .h for the utimes redeclaration, as Stefan pointed out.

Note that HP still hasn't fixed getaddrinfo, so you may need to tweak config.h to undefine HAVE_FREEADDRINFO, HAVE_GETADDRINFO, and HAVE_GETNAMEINFO, between the configure and the make. See http://bugzilla.mindrot.org/show_bug.cgi?id=239.

Steven: yes, this is the bleeding edge. We didn't say we're running it in production. But on the other hand, how long did you have to wait for privilege separation (a year?) and real entropy (forever?) ?
0 Kudos
Reply
Robert Binkhorst
Trusted Contributor

‎06-19-2003 05:55 AM

‎06-19-2003 05:55 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

Thanks for all your help guys!

I've got it to compile now, and all that was needed was a newer gcc version (gcc 3.2, same as Stefen's). I had that one installed, but downgraded to 3.1 to be able to compile openssl.

On a slightly related issue, do you know if the openssh version that HP uses supports the Kernel Random Number Generator patch provided by HP (KRNG11i_B.11.11.06_HP-UX_B.11.11_32+64.depot)
linux: the choice of a GNU generation
0 Kudos
Reply
Stefan Farrelly
Honored Contributor

‎06-19-2003 06:35 AM

‎06-19-2003 06:35 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

This kernel patch does indeed look like it will help. It introduces /dev/random. Great! Only problem is it needs a reboot to install and then you will need to recompile openssh, and probably openssl.

Certainly recommended with openssh!

KRNG11i B.11.11.06 HP-UX 11.11 Strong Random Number Generator

(from www.software.hp.com)
Im from Palmerston North, New Zealand, but somehow ended up in London...
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎06-19-2003 06:41 AM

‎06-19-2003 06:41 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

random number generator
http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=KRNG11I

Making it easy.

This tool substantially improved my performance with secure shell.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Robert Binkhorst
Trusted Contributor

‎06-19-2003 06:56 AM

‎06-19-2003 06:56 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

Steven, are you saying that the version of openssh provided by HP supports this patch and uses /dev/random?
linux: the choice of a GNU generation
0 Kudos
Reply
Stefan Farrelly
Honored Contributor

‎06-19-2003 07:00 AM

‎06-19-2003 07:00 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

no, the current HP version has no dependency on this Kernel random generator patch - and its precompiled so I cant see it helping.

To get the benefit you would have to install the kernel patch then download and install openssl+openssh yourself.

Im sure HP will merge them together in future, but not yet.
Im from Palmerston North, New Zealand, but somehow ended up in London...
Reply
Robert Binkhorst
Trusted Contributor

‎06-19-2003 07:06 AM

‎06-19-2003 07:06 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

Well, consider that my 3rd reason for compiling from source. :-)
linux: the choice of a GNU generation
0 Kudos
Reply
Stefan Farrelly
Honored Contributor

‎06-19-2003 07:09 AM

‎06-19-2003 07:09 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

Its in the README.hp file for HP's SSH;

HP will provide support for /dev/random in HP-UX v11.23 (so the version of SSH from HP for HP-UX 11.23 will have /dev/random support builtin).
Im from Palmerston North, New Zealand, but somehow ended up in London...
0 Kudos
Reply
Tim Maletic
Valued Contributor

‎06-19-2003 07:37 AM

‎06-19-2003 07:37 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

If you read http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=T1471AA, you'll see this:
"Now available for HP-UX 11i version 1.0, HP's Strong Random Number Generator will improve the performance and security of HP-UX Secure Shell. The Strong Random Number Generator product provides a secure, non-reproducible source of true random numbers. HP-UX Secure Shell automatically detects and uses the Strong Random Number Generator if it is installed. Using the Strong Random Number Generator with HP-UX Secure Shell will significantly speed-up program initialization time and improve security because it generates a random number that cannot be influenced."

I take this to mean that their current HP-SSH supports their new /dev/random.

I've pondered about the relationship between entropy sources, openssl and openssh in this forum before. I now think that openssh will detect /dev/[u]random at run time. To test, just strace ssh and sshd to see if they open /dev/urandom.
0 Kudos
Reply
rick jones
Honored Contributor

‎06-20-2003 09:40 AM

‎06-20-2003 09:40 AM

Re: Problems compiling OpenSSH-3.6p2 on HP-UX 11.11

the bit about utimes has been discussed and resolved on the openssh mailing list - seems it comes down to a slight bug in the rev of autoconf used. so, configure ends-up thinking there is no utimes when there really is, still ends-up including sys/time.h, and then uses a declaration for utimes that does not match what HP-UX provides.

As for the use of /dev/random by the HP OpenSSH, one could try it and see. If the openssh does nto list the /dev/random patch(es) as a dependency, you could try tusc'ing an ssh command to see if you can see an attempt to open /dev/random. If no attempt to open or stat /dev/random, then likely as not, that binary will not try to use it even with the /dev/random patches installed.
there is no rest for the wicked yet the virtuous have no pillows
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.