Re: openssh on os400 or aix

From: Darren Tucker (dtucker_at_gate.dodgy.net.au)
Date: 05/25/05


Date: 25 May 2005 11:24:26 GMT

On 2005-05-24, Paride Desimone <mlist@ferramentazizzi.it> wrote:
> i ned openssh compiled for aix, because i want run run it on AS400.

AS/400's (running OS/400, presumably) can run AIX binaries? News to me
(but then my experience with AS/400's extends only as far as "I maybe
walked past one once" :-). Or did you mean "RS/6000"?

Anyway, for precompiled OpenSSH packages for AIX in lpp/bff format:

* IBM offer them, formerly at IBM DeveloperWorks, now Sourceforge:
http://sourceforge.net/projects/openssh-aix

* Bullfreeware offer some (although from a quick glance the versions are
somewhat old):
http://www.bullfreeware.com/

Both of those will require that you install some prerequisite packages
(openssl and zlib packages from different sources, and possibly prngd).

* Last, and quite probably least, I offer prebuilt packages with the
dependancies built-in:
http://www.zip.com.au/~dtucker/openssh/#aixbff

> I'll try to compile it on AS400 with gcc 3.4.3 for aix, but i have not
> found instruction on how to compile openssl.

It's not hard: unpack the openssl tarball, then:
$ ./config && make && make tests

If all goes well, you can then do a "make install".

That said, I've seen some problems with OpenSSH linked against recent
OpenSSL versions (> 0.9.7e), built with the default gcc configuration
(ie ./Configure aix-gcc) on AIX 4.x. I haven't pinpointed the cause.

It shows up as a regress failure during "make tests" in OpenSSH, and
seems to affect SSHv1 RSA operations.

I have had success with the following OpenSSL configure incantation:

$ ./Configure "aix-gcc:gcc -DOPENSSL_SYSNAME_AIX -DDSO_DLFCN \
   -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -O2 -DB_ENDIAN -D_THREAD_SAFE"

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.


Relevant Pages

  • creating thread safe programs on aix
    ... I am working on AIX 5.1 and have wrote a program that uses ... cryptographic libraries), while running Configure for the openssl I ... applications as the compiler options required on this system are not ...
    (comp.unix.aix)
  • Re: OpenSSL vs GSKIT on AIX
    ... > I see that AIX has something called GSKIT that seems to be an SSL ... Anybody out there using OpenSSL under AIX? ... It used by IBM products ...
    (comp.unix.aix)
  • Re: Error "PGNG not seeded" due OPENSSH installation with NIM
    ... For an SSH Installation on AIX 5.2 you need openssl & openssh ... # Download from: (But you must register) ... BUT in the latest release of openssl for AIX 5.X you DO NOT NEED and should ...
    (comp.unix.aix)
  • spec files?
    ... spec files for db4, openssl, openssh, and cfengine? ... I need these for AIX, not redhat. ...
    (comp.unix.aix)
  • [CLA-2003:751] Conectiva Security Announcement - openssl
    ... SUMMARY: Remote vulnerabilities ... in the OpenSSL implementation: ... It is recommended that all users upgrade their openssl packages. ... Detailed instructions reagarding the use of apt and upgrade examples ...
    (Bugtraq)