Pre-requisites ============== I recommend using QEMU or a Development box (if you are lucky enough to have one / work in a company). You will need to run the following to be run: apt-get update apt-get install libc6-dev apt-get install gcc apt-get install make apt-get install autoconf apt-get install autoconf-archive apt-get install autobook apt-get install automake apt-get install libtool apt-get install flex apt-get install bison apt-get install gdb apt-get install libtag1-dev apt-get install uuid-dev apt-get install libpam-modules apt-get install libpam0g apt-get install libpam0g-dev apt-get install libpam-modules apt-get install libpam-runtime apt-get install libssl0.9.8 apt-get install zlibc apt-get install zlib1g apt-get install zlib1g-dev Compiling and installing OpenSSH 5.2 ==================================== N.B. I run configure without the zlib check - try it removed first if you have a newer RAIDiator version than 4.1.6 as it may have been upgrade. ./configure --prefix=/opt/openssh-5.2 --exec-prefix=/opt/openssh-5.2 --with-pam --with-mantype=man --without-zlib-version-check --with-privsep-path=/opt/openssh-5.2/var/run/sshd --with-default-path=/usr/bin:/bin:/usr/local/bin:/usr/sbin:/sbin:/usr/local/sbin --with-pid-dir=/var/run make make install rm /opt/openssh-5.2/etc/ssh_host*key* Edit /opt/openssh-5.2/etc/sshd_config and: * Change HostKey lines from /opt/openssh-5.2/etc to /etc/ssh * Change PermitRootLogin to no and uncomment * Change UsePAM to yes and uncomment * The SFTP subsystem path to be /usr/local/libexec instead of the full path in /opt * Add AcceptEnv LANG LC_* Edit /opt/openssh-5.2/etc/ssh_config and: * Add UserKnownHostsFile ~/.ssh/known_hosts tar cvpPzf /tmp/openssh-5.2-readynas_sparc.tar.gz /opt/openssh-5.2 Create a new addon using the addon-sdk instructions at http://www.readynas.com/?p=346. Make sure you state in the description that the ToggleSSH addon must be installed first (you can use HTML in the description). Place the above tarball in the files directory for the new addon. If you are using these steps to re-create an addon for another ReadyNAS platform, make sure you review the installed files in the openssh-client and openssh-server packages (dpkg -L ) - note, not all files listed in the package may be installed - review them!. Now edit the install and uninstall steps below based upon whether additional ssh files are present within the default install so the correct ones are backed up / restored by the scripts. Edit the install.sh script for the addon: * include the installation script from below (except for the #!/bin/bash and self clean up of the install script at the end) within the addon specific actions. * change the tar at the beginning to remove /tmp/ so it untars from the root directory. * remove the 'set run time' pieces from the addon specific code. Edit the remove.sh script for the addon: * include the uninstallation script from below (except for the #!/bin/bash) Edit running.sh script for the addon: * Copy the ps -ef IF statement and hash out one of them. * Replace the grep in the ps -ef with just "sshd" (quotes included) Edit start.sh script for the addon: * Hash out the start-stop-daemon line * Add "/etc/init.d/ssh start" (without the quotes) to this file. Edit stop.sh script for the addon: * Hash out the start-stop-daemon line * Add "/etc/init.d/ssh stop" (without the quotes) to this file. Edit _HANDLER.pl for the addon: * Remove the run time pieces of code from sub Show__SPARC_xml and sub Modify__SPARC_xml * The $SPOOL variable in sub Modify__SPARC_xml should now be: $SPOOL .= " "; Edit .html for the addon: * Remove the HTML for the INPUT field and INPUT text box for the run time. * Replace it with release date information if you like. Edit the languages files to remove the run time prompt information. These are in /language/ Build the addon. Stuff to go in the Addon (Install) ================================== #!/bin/bash echo "Unpacking OpenSSH 5.2..." cd / tar xvzf /tmp/openssh-5.2-readynas_sparc.tar.gz echo "Softlinking /opt/openssh to /opt/openssh-5.2..." if [ -h "/opt/openssh" ] || [ -d "/opt/openssh" ] then rm -rf /opt/openssh fi ln -s /opt/openssh-5.2 /opt/openssh echo "Creating directories under /usr/local if not present..." if [ ! -d "/usr/local" ] then mkdir /usr/local fi if [ ! -d "/usr/local/libexec" ] then mkdir /usr/local/libexec fi if [ ! -d "/usr/local/sbin" ] then mkdir /usr/local/sbin fi if [ ! -d "/usr/local/bin" ] then mkdir /usr/local/bin fi if [ ! -d "/usr/local/share" ] then mkdir /usr/local/share fi if [ ! -d "/usr/local/share/man" ] then mkdir /usr/local/share/man fi if [ ! -d "/usr/local/share/man/man1" ] then mkdir /usr/local/share/man/man1 fi if [ ! -d "/usr/local/share/man/man5" ] then mkdir /usr/local/share/man/man5 fi if [ ! -d "/usr/local/share/man/man8" ] then mkdir /usr/local/share/man/man8 fi echo "Softlinking /usr/local to /opt/openssh directories..." ln -s /opt/openssh/libexec/* /usr/local/libexec ln -s /opt/openssh/sbin/* /usr/local/sbin ln -s /opt/openssh/bin/* /usr/local/bin ln -s /opt/openssh/share/man/man1/* /usr/local/share/man/man1 ln -s /opt/openssh/share/man/man5/* /usr/local/share/man/man5 ln -s /opt/openssh/share/man/man8/* /usr/local/share/man/man8 ln -s /opt/openssh/share/Ssh.bin /usr/local/share echo "Stopping currently running sshd..." /etc/init.d/ssh stop echo "Backing up existing configs to /etc/ssh.default..." if [ -d "/etc/ssh.default" ] then mv /etc/ssh.default /etc/ssh.default.`date +%Y%m%d%H%M%S` fi cp -pR /etc/ssh /etc/ssh.default echo "Backing up /var/run state..." if [ -f "/var/run/sshd.pid" ] then if [ -f "/var/run/ssh.pid.default" ] then mv /var/run/ssh.pid.default /var/run/ssh.pid.default.`date +%Y%m%d%H%M%S` fi mv /var/run/sshd.pid /var/run/sshd.pid.default fi if [ -d "/var/run/sshd" ] then if [ -d "/var/run/ssh.default" ] then mv /var/run/ssh.default /var/run/ssh.default.`date +%Y%m%d%H%M%S` fi mv /var/run/sshd /var/run/sshd.default fi echo "Softlinking privilege separation directory to /opt/openssh/var/run/sshd..." ln -s /opt/openssh/var/run/sshd /var/run echo "Generating new keys (will take a while)..." if [ ! -f "/opt/openssh/etc/ssh_host_key" ] then /opt/openssh/bin/ssh-keygen -t rsa1 -f /opt/openssh/etc/ssh_host_key -N "" fi if [ ! -f "/opt/openssh/etc/ssh_host_dsa_key" ] then /opt/openssh/bin/ssh-keygen -t dsa -f /opt/openssh/etc/ssh_host_dsa_key -N "" fi if [ ! -f "/opt/openssh/etc/ssh_host_rsa_key" ] then /opt/openssh/bin/ssh-keygen -t rsa -f /opt/openssh/etc/ssh_host_rsa_key -N "" fi echo "Moving the config files to /etc/ssh and softlinking /opt/openssh/etc back to it..." mv /opt/openssh/etc/pam.sshd /etc/pam.d/sshd cp -p /opt/openssh/etc/* /etc/ssh cp -pR /opt/openssh/etc /opt/openssh/etc.install cp -p /etc/pam.d/sshd /opt/openssh/etc.install/pam.sshd rm -rf /opt/openssh/etc ln -s /etc/ssh /opt/openssh/etc echo "Backing up INIT script to /etc/init.d/ssh.default" echo "and changing existing one to start from /usr/local..." cp /etc/init.d/ssh /tmp/ssh.init if [ -f "/etc/init.d/ssh.default" ] then mv /etc/init.d/ssh.default /etc/init.d/ssh.default.`date +%Y%m%d%H%M%S` fi cp /etc/init.d/ssh /etc/init.d/ssh.default cat /tmp/ssh.init | sed -e 's/\/usr\/sbin\/sshd/\/usr\/local\/sbin\/sshd/g' > /tmp/ssh.init2 mv /tmp/ssh.init2 /etc/init.d/ssh rm /tmp/ssh.init chmod 755 /etc/init.d/ssh cp -p /etc/init.d/ssh /etc/init.d/ssh.5_2install echo "Backing up Netgear's default SSH files..." if [ -f "/opt/openssh-readynas_default.tar.gz" ] then mv /opt/openssh-readynas_default.tar.gz /opt/openssh-readynas_default.tar.gz.bak.`date +%Y%m%d%H%M%S` fi tar cvpPzf /opt/openssh-readynas_default.tar.gz /usr/lib/openssh /usr/lib/sftp-server /usr/bin/ssh-keygen /usr/bin/ssh /usr/bin/ssh-agent /usr/bin/scp /usr/bin/slogin /usr/sbin/sshd echo "Removing Netgear's default SSH files to avoid any conflicts..." rm /usr/lib/sftp-server /usr/bin/ssh-keygen /usr/bin/ssh /usr/bin/ssh-agent /usr/bin/scp /usr/bin/slogin /usr/sbin/sshd rm -rf /usr/lib/openssh echo "Updating /dev/tty permissions so you can SSH, SCP and SFTP from the ReadyNAS..." chmod 666 /dev/tty echo "Creating symlinks from /usr/local into /usr because the startup process doesn't use INIT scripts :(..." ln -s /usr/local/bin/scp /usr/bin ln -s /usr/local/bin/sftp /usr/bin ln -s /usr/local/bin/slogin /usr/bin ln -s /usr/local/bin/ssh /usr/bin ln -s /usr/local/bin/ssh-add /usr/bin ln -s /usr/local/bin/ssh-agent /usr/bin ln -s /usr/local/bin/ssh-keygen /usr/bin ln -s /usr/local/bin/ssh-keyscan /usr/bin ln -s /usr/local/sbin/sshd /usr/sbin ln -s /usr/local/libexec/sftp-server /usr/lib ln -s /usr/local/libexec/ssh-keysign /usr/lib if [ ! -d "/usr/lib/openssh" ] then mkdir /usr/lib/openssh fi ln -s /usr/lib/sftp-server /usr/lib/openssh ln -s /usr/local/share/Ssh.bin /usr/share ln -s /usr/local/share/man/man1/scp.1 /usr/share/man/man1 ln -s /usr/local/share/man/man1/sftp.1 /usr/share/man/man1 ln -s /usr/local/share/man/man1/slogin.1 /usr/share/man/man1 ln -s /usr/local/share/man/man1/ssh.1 /usr/share/man/man1 ln -s /usr/local/share/man/man1/ssh-add.1 /usr/share/man/man1 ln -s /usr/local/share/man/man1/ssh-agent.1 /usr/share/man/man1 ln -s /usr/local/share/man/man1/ssh-keygen.1 /usr/share/man/man1 ln -s /usr/local/share/man/man1/ssh-keyscan.1 /usr/share/man/man1 ln -s /usr/local/share/man/man5/moduli.5 /usr/share/man/man5 ln -s /usr/local/share/man/man5/ssh_config.5 /usr/share/man/man5 ln -s /usr/local/share/man/man5/sshd_config.5 /usr/share/man/man5 ln -s /usr/local/share/man/man8/sftp-server.8 /usr/share/man/man8 ln -s /usr/local/share/man/man8/sshd.8 /usr/share/man/man8 ln -s /usr/local/share/man/man8/ssh-keysign.8 /usr/share/man/man8 if grep -q "^SSH=1" /etc/default/services then echo "Starting new OpenSSH daemon..." /etc/init.d/ssh start fi echo "Cleaning up install files..." rm /tmp/openssh-5.2-readynas_sparc.tar.gz rm /tmp/install-openssh.sh Stuff to go in the Addon (Uninstall) ==================================== #!/bin/bash echo "Checking for backup files to restore..." if [ ! -f "/opt/openssh-readynas_default.tar.gz" ] then echo "ERROR! Backup of default SSH files is not present. Exiting..." exit 1 fi if [ ! -f "/etc/init.d/ssh.default" ] then echo "ERROR! Backup of INIT script is not present. Exiting..." exit 1 fi if [ ! -d "/var/run/sshd.default" ] then echo "ERROR! Backup of /var/run/sshd not present. Exiting..." exit 1 fi if [ ! -d "/etc/ssh.default" ] then echo "ERROR! Backup of /etc/ssh not present. Exiting..." exit 1 fi if [ ! -f "/etc/ssh.default/sshd_config" ] then echo "ERROR! Backup of /etc/ssh/sshd_config not present. Exiting..." exit 1 fi echo "Uninstalling OpenSSH 5.2..." cd / echo "Stopping new OpenSSH daemon..." /etc/init.d/ssh stop echo "Removing new OpenSSH install..." rm -rf /opt/openssh-5.2 if [ -f "/var/run/sshd.pid" ] then rm -f /var/run/sshd.pid fi rm -f /etc/pam.d/sshd rm -f /etc/init.d/ssh.5_2install cp -pR /etc/ssh /etc/ssh.5_2uninstall rm -rf /etc/ssh echo "Removing created softlinks..." rm -f /opt/openssh rm -f /var/run/sshd rm -f /usr/local/bin/scp /usr/bin/scp rm -f /usr/local/bin/sftp /usr/bin/sftp rm -f /usr/local/bin/slogin /usr/bin/slogin rm -f /usr/local/bin/ssh /usr/bin/ssh rm -f /usr/local/bin/ssh-add /usr/bin/ssh-add rm -f /usr/local/bin/ssh-agent /usr/bin/ssh-agent rm -f /usr/local/bin/ssh-keygen /usr/bin/ssh-keygen rm -f /usr/local/bin/ssh-keyscan /usr/bin/ssh-keyscan rm -f /usr/local/sbin/sshd /usr/sbin/sshd rm -f /usr/local/libexec/sftp-server /usr/lib/sftp-server rm -f /usr/local/libexec/ssh-keysign /usr/lib/ssh-keysign if [ -d "/usr/lib/openssh" ] then rm -rf /usr/lib/openssh fi rm -f /usr/local/share/Ssh.bin /usr/share/Ssh.bin rm -f /usr/local/share/man/man1/scp.1 /usr/share/man/man1/scp.1 rm -f /usr/local/share/man/man1/sftp.1 /usr/share/man/man1/sftp.1 rm -f /usr/local/share/man/man1/slogin.1 /usr/share/man/man1/slogin.1 rm -f /usr/local/share/man/man1/ssh.1 /usr/share/man/man1/ssh.1 rm -f /usr/local/share/man/man1/ssh-add.1 /usr/share/man/man1/ssh-add.1 rm -f /usr/local/share/man/man1/ssh-agent.1 /usr/share/man/man1/ssh-agent.1 rm -f /usr/local/share/man/man1/ssh-keygen.1 /usr/share/man/man1/ssh-keygen.1 rm -f /usr/local/share/man/man1/ssh-keyscan.1 /usr/share/man/man1/ssh-keyscan.1 rm -f /usr/local/share/man/man5/moduli.5 /usr/share/man/man5/moduli.5 rm -f /usr/local/share/man/man5/ssh_config.5 /usr/share/man/man5/ssh_config.5 rm -f /usr/local/share/man/man5/sshd_config.5 /usr/share/man/man5/sshd_config.5 rm -f /usr/local/share/man/man8/sftp-server.8 /usr/share/man/man8/sftp-server.8 rm -f /usr/local/share/man/man8/sshd.8 /usr/share/man/man8/sshd.8 rm -f /usr/local/share/man/man8/ssh-keysign.8 /usr/share/man/man8/ssh-keysign.8 echo "Unpacking ReadyNAS default copy of OpenSSH from backup..." tar xvzf /opt/openssh-readynas_default.tar.gz echo "Restoring default INIT script..." mv /etc/init.d/ssh.default /etc/init.d/ssh echo "Restoring default /etc/ssh directory..." mv /etc/ssh.default /etc/ssh echo "Restoring default /var/run/sshd directory..." mv /var/run/sshd.default /var/run/sshd #if [ ! -f "/etc/ssh/ssh_host_key" ] #then # echo "No host key found - generating new one (will take a while)..." # /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N "" #fi #if [ ! -f "/etc/ssh/ssh_host_dsa_key" ] #then # echo "No DSA host key found - generating new one (will take a while)..." # /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N "" #fi if [ ! -f "/etc/ssh/ssh_host_rsa_key" ] then echo "No RSA host key found - generating new one (will take a while)..." /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" fi # Leave /usr/local directories created - no harm in leaving them plus might contain other apps data echo "Removing backed up default SSH install..." rm -f /opt/openssh-readynas_default.tar.gz if grep -q "^SSH=1" /etc/default/services then echo "Starting old OpenSSH daemon..." /etc/init.d/ssh start fi