Re: ssh module

From:	"Fred Mol" <fredlist at xs4all dot nl>
To:	m0n0wall dash dev at lists dot m0n0 dot ch
Subject:	Re: ssh module
Date:	Sun, 18 Jul 2004 13:06:30 +0200 (CEST)
Peter Curran:
>
> Perhaps you could take a look at the script I did for the OpenVPN module and
> see how that differs from yours.  I would be very interested in creating a
> generic 'package manager' type approach to build a modified m0n0 image for
> any module.

The scripts are similar, of course, although mine is written in Perl.
I've tried to make it independent of what is being installed (the script
just takes a numer of tar files or directories to update the m0n0wall
image with).
Right now, my install script only supports .iso images. Supporting other
images should not be a big problem, I just wouldn't be able to test them
(no Soekris box here).

Anyway, more info at http://www.xs4all.nl/~fredmol/m0n0

> If we do a good job, we may even be able to pursuade Manuel to
> put it into the standard distro so that it can be run from the CF, rather
> than having to modify the image directly.
>
I guess perl is out of the question then :-)
And of course it wouldn't work on a generic pc that boots of a cdrom.

> Dinesh (I think it was) suggested a way of doing this a few days ago.
>
> One big question on this SSH stuff is how big it is?  Are you basing it on
> OpenSSH (which ISTR is BIG) or an alternative.  There was mention of a small
> SSH implementation on the Soekris-tech list a few days ago?
>
Yes, it's OpenSSH based (it just copies a few files from a FreeBSD with
sshd installed). Right now, it's about 1MB for the minimal installation.
That installs the following files (output of du -ack):

4	./etc/ssh/sshd_config
88	./etc/ssh/moduli
2	./etc/ssh/ssh_config
96	./etc/ssh
4	./etc/inc/ext/ssh/rc
6	./etc/inc/ext/ssh
8	./etc/inc/ext
10	./etc/inc
4	./etc/pam.conf
8	./etc/ssl/openssl.cnf
10	./etc/ssl
122	./etc
20	./usr/bin/ssh-keygen
22	./usr/bin
4	./usr/lib/pam_permit.so
6	./usr/lib/pam_unix.so
128	./usr/lib/libasn1.so.5
6	./usr/lib/libcom_err.so.2
240	./usr/lib/libkrb5.so.5
34	./usr/lib/libopie.so.2
38	./usr/lib/libpam.so.1
54	./usr/lib/libroken.so.5
188	./usr/lib/libssh.so.2
700	./usr/lib
54	./usr/sbin/pw
156	./usr/sbin/sshd
212	./usr/sbin
936	./usr
1060	.
1060	total


--Fred