Trying to build OpenSSH-2.1.0 on HP-UX 10.20

Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE
Wed May 10 22:47:46 EST 2000


On Wed, May 10, 2000 at 12:29:13PM +0100, Andre Lucas wrote:
> That's one *hell* of a configure line :-)
I just prescribe what I want. Actually, it is a one-line script calling
configure that is saved the original source.
Whenever I think that I have to rebuild from source, I just unpack it
and call "sh /usr/local/Src/openssh/do_conf"...

> testing. I'm a bit surprised, though, because my OpenSSL is in
> /usr/local/ssl too and it works fine. Also, my initial HP patch
> specified remsh instead of rsh, seems that's been lost somewhere.
To be fair, I did not check the actual source code. I used the INSTALL
document, which states that it will search for 'rsh' and that I better
specify it:
...You may need to specify this option if rsh is not in your path or has a
different name.

> Thanks for the advice on switches for HP's ANSI compiler. I did the
> initial port to HP, but I won't pay for a UNIX compiler, just on
> principle :-)
I get it for the campus price. And when I pay 15,000$ for a workstation,
I can afford 800$ (old DM prices recalculated, not from any actual price
list) for the compiler suite and other goodies.

> 'Clobbered' is a harsh word for some overzealous entries in syslog, but
> if it bothers you greatly then change 'error' to 'debug' in lines 375
> and 389 of entropy.c. This will most likely change in the next release
> anyway, IMO.
No problem. I just fired the daemon up and had a look. Consider that
rlogin is not allowed at our site and telnet is only open "just in case
sshd dies" (which actually never happened to me), so everybody uses ssh.
I would have to increase the size of the /var partition :-)

> Again, if it bothers you unduly, add --with-entropy-timeout=20, or less
> depending on your machine speed, to your configure line. If it's of any
> use, a timeout of 10 is fine on my B132L+ at work. YMMV.
> 
> If you can't wait, use EGD.

See, I have ssh-1.2.x running for many years for now. I don't care for some
more months. Our computer center is at ssh-2.x, so having the new protocol
would be nice, but it can wait.

The startup problem _is_ significant. I don't know about your setup.
In my case all connections are done with ssh. Additionally, several
servers run Apache/Mod_SSL (might want to query EGD); all run
Postfix/TLS (will query) EGD.
So the risk of draining EGD and either get failures (because no entropy
is obtained) or hangs (because we have to wait for entropy) is a bit high.
I tend to push software via sdist (rdist over an ssh channel) to a lot
of machines at once :-)

Best regards,
	Lutz
-- 
Lutz Jaenicke                             Lutz.Jaenicke at aet.TU-Cottbus.DE
BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153





More information about the openssh-unix-dev mailing list