Trying to build OpenSSH-2.1.0 on HP-UX 10.20

Andre Lucas andre.lucas at dial.pipex.com
Wed May 10 21:29:13 EST 2000 

That's one *hell* of a configure line :-)

I'll look at the SSL configure issues later. I sent Damien some autoconf
caching changes a few days ago, looks like I missed something in
testing. I'm a bit surprised, though, because my OpenSSL is in
/usr/local/ssl too and it works fine. Also, my initial HP patch
specified remsh instead of rsh, seems that's been lost somewhere.

Thanks for the advice on switches for HP's ANSI compiler. I did the
initial port to HP, but I won't pay for a UNIX compiler, just on
principle :-)

As stated on the web site, the entropy gatherer needs testing.
'Clobbered' is a harsh word for some overzealous entries in syslog, but
if it bothers you greatly then change 'error' to 'debug' in lines 375
and 389 of entropy.c. This will most likely change in the next release
anyway, IMO.

The builtin PRNG timeout is set quite high by default, if it's not then
slower machines time out too many commands, and the whole app fails (it
actually reports 'no RSA support', though all it really means is that
OpenSSL's PRNG isn't ready.) A better solution is to 'know' which
commands are slow, and never try them - it will happen, probably quite
soon, as it annoys me too.

Again, if it bothers you unduly, add --with-entropy-timeout=20, or less
depending on your machine speed, to your configure line. If it's of any
use, a timeout of 10 is fine on my B132L+ at work. YMMV.

If you can't wait, use EGD.

Ta,
-Andre'

Lutz Jaenicke wrote:
> 
> Hi,
> 
> I just tried building of OpenSSH-2.1.0 on HP-UX 10.20 and found the following
> items:
> 
> - The configure command I used at the beginning:
> CC=cc CFLAGS="-Ae +O2 +DAportable" CPPFLAGS="-I/usr/local/include -I/usr/local/s
> sl/include -I/usr/include/X11R6" LDFLAGS="-L/usr/local/lib -L/usr/local/ssl/lib
> -L/usr/lib/X11R6" ./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh
> --with-rsh=/usr/local/lib/rsh/remsh --with-tcp-wrappers --with-pid-dir=/var/run
> --with-xauth=/usr/bin/X11/xauth --with-ssl-dir=/usr/local/ssl
> 
> - Regardless if specified via "--with-ssl-dir" or not, /usr/local/ssl/include
>   is not searched for include files.
>   From config.log:
>   ...
> configure:2003: checking for OpenSSL directory
> configure:2051: cc -o conftest -Ae +O2 +DAportable -Aa -D_HPUX_SOURCE -I/usr/loc
> al/include -I/usr/local/include -I/usr/local/ssl/include -I/usr/include/X11R6 -L
> /usr/local/lib -L/usr/local/ssl/lib -L/usr/lib/X11R6 -L/usr/local/lib conftest.c
>  -lz  -lcrypto 1>&5
> cc: "configure", line 2046: warning 604: Pointers are not assignment-compatible.
> cc: "configure", line 2046: warning 563: Argument #2 is not the correct type.
> cc: "configure", line 2046: warning 604: Pointers are not assignment-compatible.
> cc: "configure", line 2046: warning 563: Argument #3 is not the correct type.
>   ...
> 
>   [This is why I added /usr/local/ssl/include to CPPFLAGS]
> 
> - Unlike typical "configure" operations, flags passed as CPPFLAGS are ignored
>   during the actual build process.
> cc -Ae +O2 +DAportable -Aa -D_HPUX_SOURCE -I/usr/local/include -DETCDIR=\"/etc/ssh\" -DSSH_PROGRAM=\"/usr/local/openssh/bin/ssh\" -DSSH_ASKPASS_DEFAULT=\"/usr/local/openssh/libexec/ssh/ssh-askpass\" -DHAVE_CONFIG_H   -c -o bsd-misc.o bsd-misc.c
> cpp: "rsa.h", line 21: error 4036: Can't open include file 'openssl/bn.h'.
> cpp: "rsa.h", line 22: error 4036: Can't open include file 'openssl/rsa.h'.
> cpp: "cipher.h", line 19: error 4036: Can't open include file 'openssl/des.h'.
> cpp: "cipher.h", line 20: error 4036: Can't open include file 'openssl/blowfish.h'.
> cpp: "cipher.h", line 21: error 4036: Can't open include file 'openssl/rc4.h'.
> cpp: "cipher.h", line 22: error 4036: Can't open include file 'openssl/cast.h'.
> cpp: "bsd-misc.c", line 50: error 4036: Can't open include file 'openssl/rand.h'.
>   -> workaround: move CPPFLAGS into CFLAGS
> 
> - The "-Aa -D_HPUX_SOURCE" hardcoded does not efficiently use the HP-UX
>   environment. "-Ae" does include the above flags _and_ "+e" for 64bit
>   long long support (as the -Aa overrides the CFLAGS given):
> configure:2267: checking size of long long int
> configure:2286: cc -o conftest -Ae +O2 +DAportable -Aa -D_HPUX_SOURCE -I/usr/local/include -I/usr/local/include -I/usr/local/ssl/include -I/usr/include/X11R6 -L/usr/local/lib -L/usr/local/ssl/lib -L/usr/lib/X11R6 -L/usr/local/lib conftest.c -lz  -lcrypto 1>&5
> cc: "configure", line 2281: error 1681: Must use +e or -Ae for long long in ANSI
>  mode.
> configure: failed program was:
> ...
> 
> - The documentation says:
>   --with-pid-dir=PATH specifies the directory in which the ssh.pid file is
>   created.
>   * ssh.pid != sshd.pid perfect, it won't interfere with my running
>     ssh-1.2.27 :-)
>   * At the end of the compilation:
>     -D/var/run/sshd.pid=/var/run/sshd.pid
>     Ok, lets reconfigure it to another path :-(
> 
> - make install gives:
> /opt/imake/bin/install -c -d /usr/local/openssh/bin
> rm: /usr/local/openssh/bin/ directory
> cp: illegal option -- d
> Usage:  cp [-f|-i] [-p] [-S] [-e warn|force|ignore] source_file target_file
>         cp [-f|-i] [-p] [-S] [-e warn|force|ignore] source_file ... target_directory
>         cp [-f|-i] [-p] [-S] -R|-r [-e warn|force|ignore] source_directory ... target_directory
> ...
> 
> - The INSTALL document (and probably others) have not yet fully integrated
>   ssh2 support.
> 
> - First tests:
>   openssh client -> ssh-1.2.27 server: works
>   openssh client -> openssh-server [Proto 1]: works, but without X-forwarding
>                     even though configured with "X11Forwarding yes"
>                     [have not looked into it as of now]
>   openssh client -> openssh-server [Proto 2]: does not work.
> 
> serv01 111: /usr/local/openssh/bin/ssh -2 -p 24 serv01
> PRNG seedfile /home/aet/serv01/jaenicke/.ssh/prng_seed must be mode 0600, owned by uid 11019
> serv01 112: ls -al ~/.ssh/prng_seed
> -rw-------   1 jaenicke   aet           1024 May 10 11:26 /home/aet/serv01/jaenicke/.ssh/prng_seed
>                      [my $HOME and $HOME/.ssh are 700, too]
>                      [Also no debugging until now]
> 
> - Please note, that the internal PRNG is a problem:
>   * Startup takes quite a long time when calling an ssh client.
>     [The server startup is also slow, but it does not happen too often]
>   * The sshd server clobbers my syslog.log:
> 
> May 10 11:23:41 serv01 sshd[27220]: Server listening on 0.0.0.0 port 24.
> May 10 11:23:41 serv01 sshd[27220]: Generating 768 bit RSA key.
> May 10 11:23:49 serv01 sshd[27220]: RSA key generation complete.
> May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ls -alni' completion: No child processes
> May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ls -alni' completion: No child processes
> May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/ls -alni': select() failed: Interrupted system call
> May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ls -alni' completion: No child processes
> May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/netstat -an': select() failed: Interrupted system call
> May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -an' completion: No child processes
> May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -in' completion: No child processes
> May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -rn' completion: No child processes
> May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/netstat -s': select() failed: Interrupted system call
> May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -s' completion: No child processes
> May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/ps -al': select() failed: Interrupted system call
> May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ps -al' completion: No child processes
> May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/ps -efl': select() failed: Interrupted system call
> May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ps -efl' completion: No child processes
> May 10 11:23:51 serv01 sshd[27220]: error: Command '/usr/bin/w ': select() failed: Interrupted system call
> May 10 11:23:51 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/w ' completion: No child processes
> May 10 11:23:52 serv01 sshd[27220]: error: Command '/usr/bin/last ': select() failed: Interrupted system call
> May 10 11:23:52 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/last ' completion: No child processes
> May 10 11:23:53 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/df ' completion: Interrupted system call
> May 10 11:23:53 serv01 sshd[27394]: Accepted password for jaenicke from 141.43.132.161 port 989
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/df -i' completion: Interrupted system call
> May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/vmstat ': select() failed: Interrupted system call
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/vmstat ' completion: No child processes
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/uptime ' completion: No child processes
> May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/ipcs -a': select() failed: Interrupted system call
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ipcs -a' completion: No child processes
> May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/tail -200': select() failed: Interrupted system call
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/tail -200' completion: No child processes
> May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/tail -200': select() failed: Interrupted system call
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/tail -200' completion: No child processes
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ls -alni' completion: No child processes
> May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/ls -alni': select() failed: Interrupted system call
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ls -alni' completion: No child processes
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ls -alni' completion: No child processes
> May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/netstat -an': select() failed: Interrupted system call
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -an' completion: No child processes
> May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/netstat -in': select() failed: Interrupted system call
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -in' completion: No child processes
> May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/netstat -rn': select() failed: Interrupted system call
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -rn' completion: No child processes
> May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/netstat -s': select() failed: Interrupted system call
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/netstat -s' completion: No child processes
> May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/ps -al': select() failed: Interrupted system call
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ps -al' completion: No child processes
> May 10 11:23:54 serv01 sshd[27220]: error: Command '/usr/bin/ps -efl': select() failed: Interrupted system call
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ps -efl' completion: No child processes
> May 10 11:23:54 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/w ' completion: No child processes
> May 10 11:23:56 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/last ' completion: Interrupted system call
> May 10 11:23:56 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/df ' completion: Interrupted system call
> May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/df -i' completion: Interrupted system call
> May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/vmstat ' completion: No child processes
> May 10 11:23:57 serv01 sshd[27220]: error: Command '/usr/bin/uptime ': select() failed: Interrupted system call
> May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/uptime ' completion: No child processes
> May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/ipcs -a' completion: No child processes
> May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/tail -200' completion: No child processes
> May 10 11:23:57 serv01 sshd[27220]: error: Command '/usr/bin/tail -200': select() failed: Interrupted system call
> May 10 11:23:57 serv01 sshd[27220]: error: Couldn't wait for child '/usr/bin/tail -200' completion: No child processes
> 
> ...
> 
> Puh, so much for my first experiences. Seems I will stay with sshd-1.2.27
> for some more time while trying to track all of these items down...
> 
> Best regards,
>         Lutz
> --
> Lutz Jaenicke                             Lutz.Jaenicke at aet.TU-Cottbus.DE
> BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
> Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
> Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153

More information about the openssh-unix-dev mailing list