I'm trying to get OpenSSH 2.5.2p2 to run on HP-UX 9.05. I've had some
decent results, but I'm also seeing some problems.
I'm using the EGD (I configured with --with-prngd-socket=/tmp/entropy).
* Compiling required some changes, which I've attached. Two of the
changes are "hackish", and not at all suited to inclusion in the
source tree, but they might point someone in the right direction for a
more robust solution. The seteuid() "hack" isn't too bad,
though the
comments are a bit excessive.
(Upshot: HP-UX 9.05 has setuid() and setresuid() but not seteuid() or
setreuid(); RLIMIT_CORE is only defined if _KERNEL is defined (it's
labeled "unsupported BSD stuff" in <sys/resource.h>); and the
"#ifdef __hpux" stuff in auth-passwd.c doesn't work on 9.05.
Ugh.)
* "ssh localhost command" works just fine, as does "ssh
remotehost command".
* "ssh remotehost" works just fine (the remote host is running
ssh.com's
sshd2 on Linux).
* "ssh localhost" (no command) works fine *until* I try to logout.
When
I press Ctrl-D, the ssh client "hangs". I've read the FAQ, and
no,
I'm *not* running background jobs. "shopt -s huponexit" had no
effect.
In order to get control back in the terminal that ran "ssh
localhost",
I have to kill the ssh process from another window.
* If I connect to the HP-UX sshd using Putty on a Win32 box, the terminal
doesn't act correctly. Symptoms:
+ \n -> CRLF translation is not being performed; the MOTD "stair
steps".
I can work around this by running "stty sane".
+ Commands that I type are not echoed on the screen (and their output
"stair steps", as above). I can work around this one by running
"stty echo".
+ When I logout, Putty does not terminate -- I get the same "hang"
problem that I have when I use "ssh localhost". Workaround for
this
is to close the Putty window (click the [X]).
(For what it's worth, if I connect to the same HP-UX system using
Putty's
telnet client, from the very same Win32 box, I don't have any of these
problems.)
* If I connect to the HP-UX sshd from the Linux system (using the ssh.com
ssh client), I get very similar symptoms -- "stair steps", no echo,
hang
on logout. "stty sane" works around it.
* When I login (with either ssh or Putty), the current directory seems to
be set strangely. This environment uses NFS and NIS extensively. Rather
than try to explain, I'll just paste:
imadev:~$ grep $LOGNAME /etc/passwd
+wooledg::0:0:::/usr/local/bin/bash
imadev:~$ ypmatch $LOGNAME passwd
wooledg:XXXXXXXXXXXXX:563:22:Greg Wooledge:/net/home/wooledg:/bin/ksh
imadev:~$ ypmatch /net/home auto.master
auto.home -rw,hard,intr
imadev:~$ ypmatch $LOGNAME auto.home
imadev:/usrs/wooledg
imadev:~$ ls -ld /net/home/wooledg
lrwxrwxrwx 1 root root 13 Apr 5 14:51 /net/home/wooledg ->
/usrs/wooledg
imadev:~$ ls -ld /usrs/wooledg
drwxr-xr-x 12 wooledg pgmr 1024 Apr 5 14:38 /usrs/wooledg
Now, when I login "normally" (on the console, or via telnetd), my
home
directory is set to "/net/home/wooledg" and my login shell begins
its
life in that directory. However, when I login through sshd, my login
shell starts in "/usrs/wooledg" instead of
"/net/home/wooledg", despite
the fact that $HOME gets set to "/net/home/wooledg". I have to
"cd"
to get my bash prompt to expand "\w" to "~".
(This is a relatively minor problem; it just takes a lot of explaining.
I can certainly live with this one... it's the others that worry me.)
I attempted some basic diagnostics myself. When I run sshd with the
"-d"
option and connect to it, it looks like this:
debug1: Allocating pty.
debug1: Setting controlling tty using TIOCSCTTY.debug1: Entering interactive
session.
debug1: fd 3 setting O_NONBLOCK
debug1: fd 8 IS O_NONBLOCK
debug1: server_init_dispatch_13
debug1: server_init_dispatch_15
ioctl(TIOCSCTTY): Invalid argument
When I logout of the session:
debug1: Received SIGCHLD.
When I kill the ssh client:
Connection closed by remote host.
debug1: Calling cleanup 0x40009202(0x40015688)
debug1: pty_cleanup_proc: /dev/ttypb
debug1: Calling cleanup 0x400092fa(0x0)
If I start the sshd with "-d -d -d", I get an infinite stream of:
debug3: tvp!=NULL kid 1 mili 100
debug3: tvp!=NULL kid 1 mili 100
after logging out of the session, until I kill the ssh client.
-------------- next part --------------
*** auth-passwd.c.orig Thu Apr 5 10:29:48 2001
--- auth-passwd.c Thu Apr 5 10:36:55 2001
***************
*** 46,51 ****
--- 46,53 ----
#include "servconf.h"
#include "auth.h"
+ #undef __hpux /* This must be for 10.x... doesn't work on 9. -GJW */
+
#ifdef WITH_AIXAUTHENTICATE
# include <login.h>
#endif
*** includes.h.orig Thu Apr 5 10:08:23 2001
--- includes.h Thu Apr 5 10:08:57 2001
***************
*** 27,33 ****
--- 27,36 ----
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <sys/wait.h>
+
+ #define _KERNEL /* RLIMIT_CORE undefined without this -GJW */
#include <sys/resource.h>
+ #undef _KERNEL /* -GJW */
#include <netinet/tcp.h>
#include <arpa/inet.h>
*** uidswap.c.orig Thu Apr 5 10:19:08 2001
--- uidswap.c Thu Apr 5 10:24:28 2001
***************
*** 17,22 ****
--- 17,59 ----
#include "log.h"
#include "uidswap.h"
+ #ifndef HAS_SETEUID
+ /* Linux man page says:
+
+ int setreuid(uid_t ruid, uid_t euid);
+ int seteuid(uid_t euid);
+
+ setreuid sets real and effective user ID's of the current process.
+ Un-privileged users may change the real user ID to the effective
+ user ID and vice-versa.
+
+ [...]
+
+ Currently seteuid(euid) is functionally equivalent to setreuid(-1, euid).
+
+ HP-UX man page says:
+
+ int setresuid(uid_t ruid, uid_t euid, uid_t suid);
+
+ setresuid() sets the real, effective and/or saved user ID of the calling
+ process.
+
+ If the current real, effective or saved user ID is equal to that of a
+ user with having appropriate privileges, setresuid() sets the real,
+ effective and saved user IDs to ruid, euid, and suid, respectively.
+ Otherwise, setresuid() only sets the real, effective, and saved user
+ IDs if ruid, euid, and suid each match at least one of the current
+ real, effective, or saved user IDs.
+
+ If ruid, euid, or suid is -1, setresuid() leaves the current real,
+ effective or saved user ID unchanged.
+ */
+ int seteuid(uid_t euid)
+ {
+ return setresuid(-1, euid, -1);
+ }
+ #endif /* HAS_SETEUID */
+
/*
* Note: all these functions must work in all of the following cases:
* 1. euid=0, ruid=0
