Hi All,
Thanks Matt for the reply. As is often the case, after I'd e-mailed you
I decided to give it a go and see how I would fare having a wild stab in
the dark (well, more sort of a half-hearted slash at late dusk) and I
got it working. I had downloaded the sources for OpenSSH-4.2p1,
OpenSSL-0.9.8a, and zlib-1.2.3 when I was thinking of using OpenSSH ages
ago so used those.
I found that I needed zlib (--with-zlib option), OpenSSL (--with-ssl-dir
option) and the OpenSSL headers (CPPFLAGS=-I/path/to/ssl/header/files)
to (cross)compile sftp-server. Then I dumped sftp-server onto my box
and away she went. I've pasted the entire .configure command line
below, in case anyone else is interested
./configure
CC=~/opt/crosstool/arm-xscale-linux-gnu/gcc-3.4.2-glibc-2.3.3/bin/arm-xscale-linux-gnu-gcc
CPPFLAGS=-I~/include --build=xscale --host=arm-xscale-linux-gnu
--with-zlib=~/src/zlib-1.2.3/ --with-ssl-dir=~/lib/
--disable-etc-default-login
John
Matt Johnston wrote:
(CCing the Dropbear list since it might be of interest)
On Thu, Jan 18, 2007 at 12:55:53PM +1100, John wrote:
I'm using an editor called ultraedit,
which has the capability of editing remote files through the use of
ftp/sftp, and I am not sure where to start in getting sftp to work with
dropbear. I have seen mention of using the OpenSSH implimentation of
sftp-server on the internet, but originally rejected OpenSSH in favour
of dropbear because of size constraints. Is there any info kicking
around about how to use sftp with dropbear (or how much of the OpenSSH
package is required to use it's version of sftp-server)? Alternately,
is there any future plans to encorporate sftp into dropbear?
It's fairly easy to compile OpenSSH's sftp-server without
linking to OpenSSL, and it should end up reasonably small. A
fair amount of of code depends on OpenSSL headers, so
you'll probably have to put them somewhere visible even if
you don't bother compiling OpenSSL libraries for your target
platform.
1) Grab a recent OpenSSH release. (I had 4.2p1 handy)
2) Edit configure.ac, remove the OpenSSL tests. (Or maybe
leave the header tests in?)
3) autoconf; autoheader (to regenerate 'configure')
4) Edit Makefile.in, remove the $(LIBS) part of the
sftp-server build line (line 160, after the one that
begins with "sftp-server$(EXEEXT):")
5) ./configure (with target platform CC, CFLAGS etc)
6) Edit bufaux.c and bufaux.h, remove all the functions
related to bignums. Also remove the #include for openssl
7) make sftp-server
8) Copy the sftp-server binary to /usr/libexec/sftp-server
or similar on the target (edit Dropbear's options.h to
set where)
I end up with a 35kB dynamic binary on x86 Debian. You
could probably combine sftp-server into a dropbearmulti
binary with a bit of work fiddling with the main() function.
There might be other code that could be trimmed from
sftp-server, I haven't looked too closely.
I'm unlikely to develop my own sftp-server for Dropbear in
the near future.
Cheers,
Matt
