Skip to content
/ openssh-deb Public

A script to backport openssh deb package, using Debian sid sources.

35 stars 11 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

boypt/openssh-deb

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

60 Commits
builddep
builddep
 
 
docker
docker
 
 
output
output
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
compile.sh
compile.sh
 
 
pullsrc.sh
pullsrc.sh
 
 
version.env
version.env
 
 

Repository files navigation

Backport OpenSSH for Debian / Ubuntu distros.

A simple script to build backport openssh deb, using Debian sid sources.

Similar Project: Backport OpenSSH RPM for CentOS

Current Version:

Package version are defined in version.env file.

  • OpenSSH 9.8p1
  • OpenSSL 3.0.15

Supported (tested) Distro:

  • Ubuntu 24.04
  • Ubuntu 22.04
  • Ubuntu 20.04
  • Debian 13/trixie
  • Debian 12/bookworm
  • Debian 11/bullseye
  • UnionTech OS Desktop 20 Home (Debian GLIBC 2.28.21-1+deepin-1)
  • Kylin V10 SP1 (Ubuntu GLIBC 2.31-0kylin9.2k0.1)

Direct Build

# Install Dependencies
sudo apt install pkgconf build-essential fakeroot \
    dpkg-dev debhelper debhelper-compat dh-exec dh-runit \
    libkrb5-dev libpam0g-dev libwrap0-dev \
    libaudit-dev libedit-dev libfido2-dev \
    libgtk-3-dev libselinux1-dev libsystemd-dev \
    libcbor-dev

# pull source
./pullsrc.sh

# direct build
./compile.sh

Docker Build

Build without installing a bunch of dev packages, also for a different distro by changing build-arg.

# pull source from debian sid
./pullsrc.sh

# build a docker image that fits your target system.
docker build \
    -t opensshbuild \
    --build-arg DISTRO=ubuntu \
    --build-arg DISTVER=22.04 \
    --build-arg APT_MIRROR=ftp.us.debian.org \
    -f ./docker/Dockerfile \
    .

# run the build process
docker run --rm -v $PWD/output:/data/output opensshbuild

# clean up docker image
docker image rm opensshbuild
docker builder prune

Install DEBs

Generated DEBs are right under the output directory. (either direct build or docker build).

ls -l output/*.deb

# Ignore dbgsym and tests
find output -maxdepth 1 ! -name '*dbgsym*' ! -name '*tests*' -name '*.deb' | xargs sudo apt install -y

NOTES

Known issues

sshd-session issue

If installing backported openssh 9.8+ on older distros, some other programs may face problems while interacting with the openssh service. Since openssh-9.8, the subprocess name have changed from sshd to sshd-session.

Known programs with issue:

  • fail2ban
  • sshguard

Make sure to upgrade or reconfigure them to meet the latest changes.

fail2ban

change in filter.d/sshd.conf:

_daemon = sshd

into

_daemon = sshd(?:-session)?

Compile Issues

some extra steps are needed to install on these special distros.

UnionTech OS Desktop 20 Home (Debian GLIBC 2.28.21-1+deepin-1)
  1. Exclude libfido2-dev from the build Dependencies intall command, it's not available.
  2. Install following packages from debian/bullseye.
Kylin V10 SP1 (Ubuntu GLIBC 2.31-0kylin9.2k0.1)

Run ./compile.sh from the desktop Terminal(mate-terminal). During install the builddep/*.deb, a kysec_auth dialog would pop up asking for installing permissions. Manual click on the permit button is needed.

If running in a ssh session, the compile script would fail without permissions.

About

A script to backport openssh deb package, using Debian sid sources.

Topics

linux debian openssl openssh

Resources

Readme
Activity

Stars

35 stars

Watchers

2 watching

Forks

11 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages