Hi, after my last mail fell a bit on the negative side, I want to tell about my successful compiling ("porting" for some value of porting meaning really: "to hack into shape until it works somewhat") of openssh. ssh is an important milestone for me, because it gives me the ability to have the hurd run on another machine, accessing it remotely, without having parnoid fits every few minutes. So, here's the story for those interested: openssl is needed. Compiling this was not much of a problem. "apt-get source", pray it won't crash (see last mail), fix one invocation of "dpkg --print-architecture" in the debian/rules, copy the build-flags for debian-i386 to a new debian-hurd-i386 entry in "Configure", with the only difference being that -DTERMIOS replaces -DTERMIO. Build and install. libwrap0-dev is needed. It exists, but installing raises a problem: dpkg: regarding .../libwrap0-dev_7.6-5_hurd-i386.deb containing libwrap0-dev: libwrap0-dev conflicts with netbase (<< 3.16-1) inetutils provides netbase and is installed. dpkg: error processing /var/cache/apt/archives/libwrap0-dev_7.6-5_hurd-i386.deb (--install): conflicting packages - not installing libwrap0-dev Errors were encountered while processing: /var/cache/apt/archives/libwrap0-dev_7.6-5_hurd-i386.deb Hmm, a versioned conflict matching an unversioned provides. My Debian/Linux doesn't seem to have this problem. I did --force-conflicts. openssh itself needed several kludges: I replaced MAXHOSTNAME in a couple of files with a "enough for everyone" value. Evil, but at the time I lacked the docs to do it right. The build process does not support not building the gnome password requestor, so I had to fudge that. Of course, the resulting ssh-askpass-gnome deb will be broken ... While building/installing, the new ssh was called and wanted an already installed /etc/ssh/ssh_prng_conf. I satisfied that by prematurely copying the file over. I /think/ it just wants that to generate a new hostkey in "make install", which is completely useless anyway, so one could probably just prevent that. The aforementioned /etc/ssh/ssh_prng_conf is a new conffile, so I declared is as such. (It is not needed in the linux build, as linux has /dev/random.) pam is not used, so I took out the libpam-modules dependency. That's it. "it works for me" proof-of-concept binary packages (openssl and ssh) can be inspected at <URL:http://pluto.tuwien.ac.at/~robbe/debian/hurd/>. But they are neither signed, nor is the slightly modified source there, so if you use them for anything needing security, you're insane. I will start nagging the maintainers to include my changes, once I have evolved them from bad kludges to proper hacks. -- Robbe
Attachment:
signature.ng
Description: PGP signature