ssh

OpenSSH SSH client: remote login program

Syntax:

ssh [-1246AaCfGgKkMNnqsTtVvXxY] [-b bind_address]
    [-c cipher_spec] [-D [bind_address:]port]
    [-e escape_char] [-F configfile] [-I pkcs11]
    [-i identity_file] [-J [user@]host[:port]] 
    [-L  [bind_address:]port:host:hostport]
    [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option]
    [-p port] [-R [bind_address:]port:host:hostport]
    [-Q query_option][-S ctl_path] [-W host:port] 
    [-w local_tun[:remote_tun]] [user@]hostname [command]

Runs on:

QNX Neutrino

Options:

See ssh in the NetBSD documentation.

Description:

The ssh (SSH client) utility is a program for logging into a remote machine and for executing commands on a remote machine. For more information, see ssh in the NetBSD documentation.

Supporting OpenSSH in a target image

To add OpenSSH support to a target image, you must include, in your BSP buildfile, ssh and all other utilities needed to run OpenSSH. For information about these buildfiles, see the “OS Image Buildfiles” chapter in Building Embedded Systems.

The following excerpt shows the buildfile lines needed to add OpenSSH support:

###########################################################################
## sshd support
###########################################################################
/usr/sbin/sshd=sshd
/usr/bin/scp=scp
/usr/bin/ssh=ssh
/usr/libexec/sftp-server=${QNX_TARGET}/${PROCESSOR}/usr/libexec/sftp-server
ssh-keygen
mkdir
chmod
touch
waitfor

[uid=0 gid=0 perms=0644 search=${QNX_TARGET}/etc/ssh] /etc/ssh/ssh_known_hosts=ssh_known_hosts

[uid=0 gid=0 perms=0644] sshd_config={
Protocol 2
LoginGraceTime 600
PermitRootLogin yes             # NOT SECURE, FOR DEBUGGING
PermitEmptyPasswords yes        # NOT SECURE, FOR DEBUGGING
UsePrivilegeSeparation no       # NOT SECURE, FOR DEBUGGING
Subsystem       sftp    /usr/libexec/sftp-server
}

[perms=0640] /etc/shadow = {
root:E4m.vvfkKBbRo:1231323780:0:0
}

[perms=0644] /etc/passwd = {
root:x:0:0:Superuser:/root:/bin/sh
sshd:x:15:6:sshd:/var/chroot/sshd:/bin/false
}

/root/.profile = {
PS1='$(hostname)#'
export SYSNAME=nto
export TERM=xterm
#export PATH=/proc/boot:/sbin:/bin:/usr/bin:/opt/bin/sbin:/usr/sbin
#export LD_LIBRARY_PATH=/proc/boot:/lib:/usr/lib:/lib/dll:/opt/lib:/lib/dll/pci
}

[perms=0755] /scripts/ssh-start.sh = {
#!/bin/sh

with_umask ()
\{
    local oldmask ret
    [ "$#" -ge 1 ] || return

    oldmask=$(umask) || return
    umask "$1" || return
    shift

    ret=0
    "$@" || ret=$?

    umask "$\{oldmask?\}"
    return "$\{ret:?\}"
\}

tools_ssh_keygen ()
\{
    local ssh_etcdir ssh_vardir type filename etclink varkey
    ssh_etcdir="/etc/ssh"
    ssh_vardir="/var/etc/ssh"

    for type in rsa
    do
        filename="ssh_host_$\{type:?\}_key"
        etclink="$\{ssh_etcdir?\}/$\{filename:?\}"
        varkey="$\{ssh_vardir?\}/$\{filename:?\}"

        if [ ! -f "$\{etclink:?\}" ]  # link currently invalid
        then
            ssh-keygen -t "$\{type:?\}" -N '' -f "$\{varkey:?\}" || return
        fi
    done
\}

tools_sshd ()
\{
    local x
    \{
        cp /proc/boot/sshd_config /etc/ssh/
        with_umask 022 tools_ssh_keygen
        ssh_path=$(command -v sshd) && "$ssh_path"
    \} &
\}

# This script is intended to run once/boot only, at startup
running=/dev/shmem/ssh-start.run
[ -e $running ] && exit

tools_sshd;

touch $running
unset running

}

[perms=0755 uid=0 gid=0 type=dir] /var/chroot/sshd
[type=link] /etc/ssh = /dev/shmem
[type=link] /var/etc/ssh = /dev/shmem

Contributing author:

NetBSD