在海思Linux系统上搭建sshfs服务端,使用buildroot来编译sshfs工具软件,使用海思的外部编译链,使用动态链接库,由于flash用户空间太小,使用硬盘挂载进行软件和动态库的拷贝软连接安装。
CONFIG_FUSE_FS
~ # cat /proc/filesystems
nodev sysfs
nodev rootfs
nodev ramfs
nodev bdev
nodev proc
nodev cgroup
nodev tmpfs
nodev devtmpfs
nodev sockfs
nodev pipefs
nodev rpc_pipefs
nodev devpts
ext3
ext2
ext4
cramfs
vfat
msdos
iso9660
nodev nfsd
nodev jffs2
fuseblk
nodev fuse 【支持了fuse】
nodev fusectl
udf
yaffs
yaffs2
nodev mtd_inodefs
nodev ubifs
Toolchain --->
(/home/logread/imx8/hz-vpu/arm-hisiv600-linux/hisi-linux/arm-hisiv600-linux/target) Toolchain path
($(ARCH)-hisiv600-linux) Toolchain prefix
External toolchain gcc version (4.9.x) --->
External toolchain kernel headers series (3.5.x) --->
External toolchain C library (glibc/eglibc) --->
Target packages --->
Filesystem and flash utilities --->
[*] sshfs (FUSE)
依赖太多的库和openssh,下载慢,终于编译完
logread@logread:target$ readelf -d usr/bin/sshfs
0x00000001 (NEEDED) Shared library: [libfuse.so.2]
0x00000001 (NEEDED) Shared library: [libgthread-2.0.so.0]
0x00000001 (NEEDED) Shared library: [libglib-2.0.so.0]
0x00000001 (NEEDED) Shared library: [libpthread.so.0]
0x00000001 (NEEDED) Shared library: [libc.so.6]
usr/bin/ssh-keygen
0x00000001 (NEEDED) Shared library: [libcrypto.so.1.1]
0x00000001 (NEEDED) Shared library: [libdl.so.2]
0x00000001 (NEEDED) Shared library: [libutil.so.1]
0x00000001 (NEEDED) Shared library: [libz.so.1]
0x00000001 (NEEDED) Shared library: [libcrypt.so.1]
0x00000001 (NEEDED) Shared library: [libresolv.so.2]
0x00000001 (NEEDED) Shared library: [libc.so.6]
0x00000001 (NEEDED) Shared library: [ld-linux.so.3]
usr/bin/sshfs
0x00000001 (NEEDED) Shared library: [libfuse.so.2]
0x00000001 (NEEDED) Shared library: [libgthread-2.0.so.0]
0x00000001 (NEEDED) Shared library: [libglib-2.0.so.0]
0x00000001 (NEEDED) Shared library: [libpthread.so.0]
0x00000001 (NEEDED) Shared library: [libc.so.6]
usr/sbin/sshd
0x00000001 (NEEDED) Shared library: [libcrypto.so.1.1]
0x00000001 (NEEDED) Shared library: [libdl.so.2]
0x00000001 (NEEDED) Shared library: [libutil.so.1]
0x00000001 (NEEDED) Shared library: [libz.so.1]
0x00000001 (NEEDED) Shared library: [libcrypt.so.1]
0x00000001 (NEEDED) Shared library: [libresolv.so.2]
0x00000001 (NEEDED) Shared library: [libc.so.6]
0x00000001 (NEEDED) Shared library: [ld-linux.so.3]
# Make sure the ssh-keygen progam exists
[ -f /usr/bin/ssh-keygen ] || exit 0
umask 077
start() {
# Create any missing keys
/usr/bin/ssh-keygen -A
printf "Starting sshd: "
/usr/sbin/sshd
touch /var/lock/sshd
echo "OK"
}
etc/passwd【密码admin】
root:pbsEaKL0HI0rs:0:0::/root:/bin/sh
mount -t ext4 /dev/sda2 /mnt/hd1
ifconfig eth0 192.168.10.254
umask 077
mkdir -p /etc/ssh
mkdir -p /mnt/nfs
ssh-keygen和sshd和sftp-server依赖库:【这3个是openssh- p1编译出的】
ln -s /mnt/hd1/libcrypto.so.1.1 /lib/libcrypto.so.1.1 【libopenssl-1.1.1a编译出的库:libcrypto.so.1.1,libssl.so.1.1】
ln -s /mnt/hd1/libz.so.1.2.11 /lib/libz.so.1 【libzlib-1.2.11编译出的库:libz.so.1.2.11】
ln -s /mnt/hd1/libatomic.so.1.1.0 /lib/libatomic.so.1 【编译链的库:arm-hisiv600-linux-gnueabi/lib/libatomic.so.1.1.0,被stripped】
ln -s /mnt/hd1/libfuse.so.2.9.8 /lib/libfuse.so.2 【libfuse-2.9.8】
ln -s /mnt/hd1/libgthread-2.0.so.0.5600.3 /lib/libgthread-2.0.so.0 【libglib2-2.56.3】
ln -s /mnt/hd1/libglib-2.0.so.0.5600.3 /lib/libglib-2.0.so.0 【libglib2-2.56.3】
ln -s /mnt/hd1/libpcre.so.1.2.10 /lib/libpcre.so.1 【pcre-8.42】
/mnt/hd1 # ./ssh-keygen -A
ssh-keygen: generating new host keys: RSA DSA ECDSA ED25519
得到文件:
/etc/ssh/
ssh_host_dsa_key ssh_host_ecdsa_key.pub ssh_host_rsa_key
ssh_host_dsa_key.pub ssh_host_ed25519_key ssh_host_rsa_key.pub
ssh_host_ecdsa_key ssh_host_ed25519_key.pub
【生成/root/.ssh/id_rsa.pub了吗】【没有】
cp /mnt/hd1/sshd_config /etc/ssh/
#PermitRootLogin prohibit-password改为 PermitRootLogin yes【否则ssh连接时输入root密码无反应】
mkdir -p /var/empty
adduser sshd -u 22
密码:admin
/mnt/hd1/sshd 【必须绝对路径执行,否则报错:sshd re-exec requires execution with an absolute path】
ssh root@192.168.10.254 【改了 PermitRootLogin yes成功,否则输入密码一直报无效】
root@WV-200:~# ssh root@192.168.10.254
root@192.168.10.254's password:
Welcome to HiLinux.
None of nfsroot found in cmdline.
/mnt/hd1 # ps | grep ssh
129 root 0:00 /mnt/hd1/sshd
135 root 0:00 {sshd} sshd: root@pts/0
141 root 0:00 grep ssh
./ssh root@192.168.10.1【反向连接MPU也成功】
mkdir -p /usr/libexec/
ln -s /mnt/hd1/sftp-server /usr/libexec/sftp-server
mkdir -p /usr/lib/openssh/
ln -s /mnt/hd1/sftp-server /usr/lib/openssh/sftp-server
sshfs root@192.168.10.254:/mnt/hd1/nfs /mnt/vpu-hd1
remote host has disconnected【未解决。。。。。。】
0、使用默认配置【无改善】
1、使用centos配置【无改善】
2、使用ubuntu配置【无改善】
3、增加/usr/bin/sftp【无改善】
4、换vpu ip 192.168.10.2【无改善】
5、增加ssh-keysign ssh-pkcs11-helper【无改善】
6、sftp-server拷贝过去不使用软连接【无改善】
7、sftp-server运行失败【问题原因】
/mnt/hd1 # /usr/libexec/sftp-server
/usr/libexec/sftp-server: line 1: syntax error: unexpected word (expecting ")")
8、删除output/build/openssh-7.9p1程序重新编译,拷贝output/build/openssh-7.9p1/sftp-server【挂载成功】
sshfs root@192.168.10.254:/mnt/hd1/nfs /mnt/vpu-hd1/
root@192.168.10.254:/mnt/hd1/nfs on /mnt/vpu-hd1 type fuse.sshfs (rw,nosuid,nodev,relatime,user_id=0,group_id=0)
root@192.168.10.254:/mnt/hd1/nfs
27.4G 149.7M 25.8G 1% /mnt/vpu-hd1
VPU信息:
577 root 0:00 /mnt/hd1/sshd
578 root 0:00 sshd: root@notty
580 root 0:00 sh -c /usr/libexec/sftp-server
581 root 0:00 /usr/libexec/sftp-server
卸载
fusermount -u /mnt/vpu-hd1
10、拷贝output/target/usr/libexec/sftp-server stripped文件【挂载成功】
11、免密挂载:PermitRootLogin without-password【不能挂载】
/etc/ssh/sshd_config line 83: Unsupported option UsePAM
1、MPU中需要ssh-keygen生成/root/.ssh/id_rsa.pub公钥【<M> openssh-keygen. OpenSSH keygen】【openssh-8.0p1.tar.gz】
2、MPU中需要ssh-copy-id上传公钥到VPU【<M> openssh-client-utils. OpenSSH client utilities】
3、就能实现免密登陆
bin/packages/aarch64_cortex-a53_neon/packages/openssh-client_8.0p1-2_aarch64_cortex-a53_neon.ipk
bin/packages/aarch64_cortex-a53_neon/packages/openssh-keygen_8.0p1-2_aarch64_cortex-a53_neon.ipk
bin/packages/aarch64_cortex-a53_neon/packages/openssh-client-utils_8.0p1-2_aarch64_cortex-a53_neon.ipk
安装openssh-client_8.0p1-2_aarch64_cortex-a53_neon.ipk提示空间不够,库已经按照了
直接拷贝openssh-8.0p1下面的ssh-keygen和ssh-copy-id,可运行
空间不够移除库:1.4M Oct 23 07:17 libgio-2.0.so.0.5800.3
root@WV-200:/tmp# ./ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:/3jTMGxP5uybGwg0+EINt3rdNA66eR5umsj62mEFOfs root@WV-200
The key's randomart image is:
+---[RSA 3072]----+
| . . |
| * . |
| * = . o |
| . B + = . |
| S *.. o |
| * +=.o |
| o E.+X. |
| + o B+.=o |
| o+= +++o=o |
+----[SHA256]-----+
root@WV-200:/tmp#
root@WV-200:/tmp#
root@WV-200:/tmp# ls /root/.ssh/
id_rsa id_rsa.pub known_hosts
root@WV-200:/tmp# ^C
root@WV-200:/tmp# ./ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.10.254
./ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
root@192.168.10.254's password:
卡住了【暂弃】
【不用免密功能了,使用脚本输入密码】
13、scp获取公钥
root@WV-200:/tmp# scp root@192.168.10.254:/etc/ssh/ssh_host_rsa_key.pub ./
root@192.168.10.254's password:
sh: scp: not found
VPU上面没有安装scp命令嘛?
把scp命令拷贝到/bin下面后成功:
root@WV-200:/tmp# scp root@192.168.10.254:/etc/ssh/ssh_host_rsa_key.pub ./
Host '192.168.10.254' is not in the trusted hosts file.
(ssh-rsa fingerprint sha1!! dc:5c:8f:71:64:b3:be:ca:a3:8d:f6:16:00:7d:e3:59:fe:4a:28:2e)
Do you want to continue connecting? (y/n) y
root@192.168.10.254's password:
ssh_host_rsa_key.pub 100% 393 0.4KB/s 00:00
还是需要密钥
14、固定key
/tmp # /bin/sshd
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0744 for '/etc/ssh/ssh_host_rsa_key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Error loading host key "/etc/ssh/ssh_host_rsa_key": bad permissions
Could not load host key: /etc/ssh/ssh_host_rsa_key
sshd: no hostkeys available -- exiting.
权限太开放:
/tmp # ls /etc/ssh/ -lh
total 11
-rw------- 1 root root 1.3K Jan 1 08:00 ssh_host_dsa_key
-rw-r--r-- 1 root root 601 Jan 1 08:00 ssh_host_dsa_key.pub
-rw------- 1 root root 505 Jan 1 08:00 ssh_host_ecdsa_key
-rw-r--r-- 1 root root 173 Jan 1 08:00 ssh_host_ecdsa_key.pub
-rw------- 1 root root 399 Jan 1 08:00 ssh_host_ed25519_key
-rw-r--r-- 1 root root 93 Jan 1 08:00 ssh_host_ed25519_key.pub
-rw------- 1 root root 1.8K Jan 1 08:00 ssh_host_rsa_key
-rw-r--r-- 1 root root 393 Jan 1 08:00 ssh_host_rsa_key.pub
-rw-rw-r-- 1 root root 3.1K Jan 1 08:20 sshd_config
修改后成功
MPU的固定key:
root@WV-200:~# cat /root/.ssh/known_hosts
192.168.10.254 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQmhcIy6NoIBKape/c64+8uPQ2vNER74DoBxG4PHC5p2Cb/6giZpIK4UfmyFelSxI4ogd4HAW4WRVw01DtaIvdDhQpQ/h6HrOdwhHccw8xqKOIgH0SPt1Nd2+Y2V9NTufyXvXC/bCR9g/jKyAQiElNR11lS3KT5fy+rrWO026oPimXPSDXOWEsr37uXUv3qKta2pSNQV/rSn5v51htgVsnVACCpThI4VpLtyHPdVRvLJWCLIYF9TPM4Pm5Nmm8ohyUYu1o6KgQbgqW7hTBpQGs51xEWe/dNOprdoAi3yqAuh29NTfa2XvPIYgIfS8YNNB2nfyoBsTZwvMzw4uagZk3
15、shell脚本中输入密码
#!/bin/sh
sshfs_vpu(){
sshfs root@192.168.10.254:/mnt/hd1 /mnt/vpu-hd1 -o password_stdin >& /dev/null <<EOF
admin
EOF
}
sshfs_vpu
fusermount -u /mnt/vpu-hd1
16、调试问题
[RCS]: /etc/init.d/S70RootfsDataMount
mount: mounting /rom/dev/pts on /dev/pts failed: No such file or directory
[RCS]: /etc/init.d/S70RootfsDataMount
mount: mounting /dev/mtdblock3 on /mnt/conf failed: No such file or directory
mkdir: can't create directory '/mnt/conf/base': Read-only file system
mkdir: can't creatoverlayfs: failed to resolve '/mnt/conf/base': -2
e directory '/mnt/conf/work': Read-only file system
mount: mounting overlay on /mnt failed: Invalid argument
mount: mounting /proc on /mnt/proc failed: No such file or directory
mkdir: can't create directory '/mnt/rom': Read-only file system
pivot_root: No such file or directory
mount: mounting /rom/dev on /dev failed: No such file or directory
mount: mounting /rom/tmp on /tmp failed: No such file or directory
mount: mounting /rom/sys on /sys failed: No such file or directory
mount: mounting /rom/dev/pts on /dev/pts failed: No such file or directory
[RCS]: /etc/init.d/S84sshd
Starting sshd: random: sshd urandom read with 10 bits of entropy available
70有间断行失败,改为81没有失败
[RCS]: /etc/init.d/S81RootfsDataMount
mount: mounting /rom/dev/pts on /dev/pts failed: No such file or directory
81没有问题【这是为何】【陈俊测试没有问题】
S000cmd S80network S82SdMount S90AutoLoad
S00devs S81NtpStart S83HddMount rcS
S01udev S81RootfsDataMount S84sshd
17、MPU开机脚本挂载后网络连接失败,手动挂载可以
挂载脚本
sshfs_mount_vpu() {
sshfs root@192.168.10.254:/mnt/hd1 /mnt/vpu-hd1 -o password_stdin >& /dev/null <<EOF
admin
EOF
}
查找原因流程如下
加打印:
root@WV-200:/etc/init.d# sshfs -d -o debug root@192.168.10.254:/mnt/hd1 /mnt/vpu
-hd1 -o password_stdin
FUSE library version: 2.9.7
nullpath_ok: 0
nopath: 0
utime_omit_ok: 0
WARNING: Ignoring unknown option -a
ssh: Ignoring unknown configuration option 'ClearAllForwardings=yes' 【报警告】
ssh: Ignoring unknown configuration option 'NumberOfPasswordPrompts=1'
WARNING: Ignoring unknown option -2
ssh: Connection to root@192.168.10.254:22 exited: Disconnect received
read: Connection reset by peer
root@WV-200:/etc/init.d#
查看ssh版本:
root@WV-200:/etc/init.d# ssh -v
WARNING: Ignoring unknown option -v
Dropbear SSH client v2019.78 https://matt.ucc.asn.au/dropbear/dropbear.html
ssh是Dropbear内部的,可能是由于精简版导致有些功能不支持,改为openssh
+CONFIG_PACKAGE_openssh-client=y
2553 root 4320 S ssh -x -a -oClearAllForwardings=yes -oNumberOfPasswo
2577 root 0 IW [kworker/3:3]
2624 root 3292 S sshfs root@192.168.10.254:/mnt/hd1 /mnt/vpu-hd1 -o p
改为openssh-client就可以了
客户端:
1、openwrt中选中sshfs配置
2、依赖内核配置fuse
3、编译依赖的库
服务端:
1、内核支持fuse文件系统
2、编译出openssh的程序和库,buildroot-2019.02里面选中sshfs时就把sshfs客户端和服务端的sshd都编译出来了
3、ssh-keygen生成host keys
4、拷贝配置sshd_config
5、增加sshd用户
6、启动sshd