当前位置: 首页 > 工具软件 > sshfs > 使用案例 >

Linux SSHFS挂载验证-海思Linux系统

韩羽
2023-12-01

在海思Linux系统上搭建sshfs服务端,使用buildroot来编译sshfs工具软件,使用海思的外部编译链,使用动态链接库,由于flash用户空间太小,使用硬盘挂载进行软件和动态库的拷贝软连接安装。

内核支持FUSE编译选项

CONFIG_FUSE_FS

查看支持文件系统

~ # cat /proc/filesystems 
nodev	sysfs
nodev	rootfs
nodev	ramfs
nodev	bdev
nodev	proc
nodev	cgroup
nodev	tmpfs
nodev	devtmpfs
nodev	sockfs
nodev	pipefs
nodev	rpc_pipefs
nodev	devpts
		ext3
		ext2
		ext4
		cramfs
		vfat
		msdos
		iso9660
nodev	nfsd
nodev	jffs2
		fuseblk
nodev	fuse		【支持了fuse】
nodev	fusectl
		udf
		yaffs
		yaffs2
nodev	mtd_inodefs
nodev	ubifs

buildroot-2019.02编译sshfs

配置外置编译链

Toolchain  ---> 
	(/home/logread/imx8/hz-vpu/arm-hisiv600-linux/hisi-linux/arm-hisiv600-linux/target) Toolchain path
	($(ARCH)-hisiv600-linux) Toolchain prefix
	External toolchain gcc version (4.9.x)  --->
	External toolchain kernel headers series (3.5.x)  --->
	External toolchain C library (glibc/eglibc)  --->

编译sshfs

Target packages  --->		
	Filesystem and flash utilities  --->	
		[*] sshfs (FUSE)

依赖太多的库和openssh,下载慢,终于编译完

拷贝程序和动态库

logread@logread:target$ readelf -d usr/bin/sshfs 
	 0x00000001 (NEEDED)                     Shared library: [libfuse.so.2]
	 0x00000001 (NEEDED)                     Shared library: [libgthread-2.0.so.0]
	 0x00000001 (NEEDED)                     Shared library: [libglib-2.0.so.0]
	 0x00000001 (NEEDED)                     Shared library: [libpthread.so.0]
	 0x00000001 (NEEDED)                     Shared library: [libc.so.6]
usr/bin/ssh-keygen
	 0x00000001 (NEEDED)                     Shared library: [libcrypto.so.1.1]
	 0x00000001 (NEEDED)                     Shared library: [libdl.so.2]
	 0x00000001 (NEEDED)                     Shared library: [libutil.so.1]
	 0x00000001 (NEEDED)                     Shared library: [libz.so.1]
	 0x00000001 (NEEDED)                     Shared library: [libcrypt.so.1]
	 0x00000001 (NEEDED)                     Shared library: [libresolv.so.2]
	 0x00000001 (NEEDED)                     Shared library: [libc.so.6]
	 0x00000001 (NEEDED)                     Shared library: [ld-linux.so.3]
usr/bin/sshfs
	 0x00000001 (NEEDED)                     Shared library: [libfuse.so.2]
	 0x00000001 (NEEDED)                     Shared library: [libgthread-2.0.so.0]
	 0x00000001 (NEEDED)                     Shared library: [libglib-2.0.so.0]
	 0x00000001 (NEEDED)                     Shared library: [libpthread.so.0]
	 0x00000001 (NEEDED)                     Shared library: [libc.so.6]		
usr/sbin/sshd
	 0x00000001 (NEEDED)                     Shared library: [libcrypto.so.1.1]
	 0x00000001 (NEEDED)                     Shared library: [libdl.so.2]
	 0x00000001 (NEEDED)                     Shared library: [libutil.so.1]
	 0x00000001 (NEEDED)                     Shared library: [libz.so.1]
	 0x00000001 (NEEDED)                     Shared library: [libcrypt.so.1]
	 0x00000001 (NEEDED)                     Shared library: [libresolv.so.2]
	 0x00000001 (NEEDED)                     Shared library: [libc.so.6]
	 0x00000001 (NEEDED)                     Shared library: [ld-linux.so.3]

启动脚本:etc/init.d/S50sshd

# Make sure the ssh-keygen progam exists
[ -f /usr/bin/ssh-keygen ] || exit 0

umask 077

start() {
	# Create any missing keys
	/usr/bin/ssh-keygen -A

	printf "Starting sshd: "
	/usr/sbin/sshd
	touch /var/lock/sshd
	echo "OK"
}

MPU与VPU联调测试

添加VPU root密码

etc/passwd【密码admin】
	root:pbsEaKL0HI0rs:0:0::/root:/bin/sh

挂载硬盘,设置IP,创建必要的目录

mount -t ext4 /dev/sda2 /mnt/hd1		
ifconfig eth0 192.168.10.254
umask 077

mkdir -p /etc/ssh
mkdir -p /mnt/nfs

软件依赖库

ssh-keygen和sshd和sftp-server依赖库:【这3个是openssh-	p1编译出的】
ln -s /mnt/hd1/libcrypto.so.1.1 /lib/libcrypto.so.1.1	【libopenssl-1.1.1a编译出的库:libcrypto.so.1.1,libssl.so.1.1】	
ln -s /mnt/hd1/libz.so.1.2.11 /lib/libz.so.1			【libzlib-1.2.11编译出的库:libz.so.1.2.11】
ln -s /mnt/hd1/libatomic.so.1.1.0 /lib/libatomic.so.1	【编译链的库:arm-hisiv600-linux-gnueabi/lib/libatomic.so.1.1.0,被stripped】

sshfs依赖库

ln -s /mnt/hd1/libfuse.so.2.9.8 /lib/libfuse.so.2					【libfuse-2.9.8】
ln -s /mnt/hd1/libgthread-2.0.so.0.5600.3 /lib/libgthread-2.0.so.0	【libglib2-2.56.3】
ln -s /mnt/hd1/libglib-2.0.so.0.5600.3 /lib/libglib-2.0.so.0		【libglib2-2.56.3】
ln -s /mnt/hd1/libpcre.so.1.2.10 /lib/libpcre.so.1					【pcre-8.42】

生成key

/mnt/hd1 # ./ssh-keygen -A
ssh-keygen: generating new host keys: RSA DSA ECDSA ED25519 
	得到文件:
	/etc/ssh/
	ssh_host_dsa_key          ssh_host_ecdsa_key.pub    ssh_host_rsa_key
	ssh_host_dsa_key.pub      ssh_host_ed25519_key      ssh_host_rsa_key.pub
	ssh_host_ecdsa_key        ssh_host_ed25519_key.pub
	【生成/root/.ssh/id_rsa.pub了吗】【没有】

拷贝配置文件,创建目录,增加sshd用户

cp /mnt/hd1/sshd_config /etc/ssh/
	#PermitRootLogin prohibit-password改为 PermitRootLogin yes【否则ssh连接时输入root密码无反应】
mkdir -p /var/empty
adduser sshd -u 22
	密码:admin
/mnt/hd1/sshd	【必须绝对路径执行,否则报错:sshd re-exec requires execution with an absolute path】

MPU ssh测试

ssh root@192.168.10.254	【改了 PermitRootLogin yes成功,否则输入密码一直报无效】	
root@WV-200:~# ssh root@192.168.10.254
root@192.168.10.254's password: 
Welcome to HiLinux.
None of nfsroot found in cmdline.

查看VPU ssh进程

/mnt/hd1 # ps | grep ssh
  129 root       0:00 /mnt/hd1/sshd
  135 root       0:00 {sshd} sshd: root@pts/0
  141 root       0:00 grep ssh

./ssh root@192.168.10.1【反向连接MPU也成功】

sshfs测试

mkdir -p /usr/libexec/
ln -s /mnt/hd1/sftp-server /usr/libexec/sftp-server

mkdir -p /usr/lib/openssh/
ln -s /mnt/hd1/sftp-server /usr/lib/openssh/sftp-server

sshfs root@192.168.10.254:/mnt/hd1/nfs /mnt/vpu-hd1
	remote host has disconnected【未解决。。。。。。】

连接失败尝试方法如下

    0、使用默认配置【无改善】
    1、使用centos配置【无改善】
    2、使用ubuntu配置【无改善】
    3、增加/usr/bin/sftp【无改善】
    4、换vpu ip 192.168.10.2【无改善】
    5、增加ssh-keysign  ssh-pkcs11-helper【无改善】
    6、sftp-server拷贝过去不使用软连接【无改善】
    7、sftp-server运行失败【问题原因】
    /mnt/hd1 # /usr/libexec/sftp-server 
    /usr/libexec/sftp-server: line 1: syntax error: unexpected word (expecting ")")    
    8、删除output/build/openssh-7.9p1程序重新编译,拷贝output/build/openssh-7.9p1/sftp-server【挂载成功】

挂载成功打印

sshfs root@192.168.10.254:/mnt/hd1/nfs /mnt/vpu-hd1/	
root@192.168.10.254:/mnt/hd1/nfs on /mnt/vpu-hd1 type fuse.sshfs (rw,nosuid,nodev,relatime,user_id=0,group_id=0)
root@192.168.10.254:/mnt/hd1/nfs
						 27.4G    149.7M     25.8G   1% /mnt/vpu-hd1
VPU信息:						 
577 root       0:00 /mnt/hd1/sshd
578 root       0:00 sshd: root@notty
580 root       0:00 sh -c /usr/libexec/sftp-server
581 root       0:00 /usr/libexec/sftp-server
				 
卸载	
fusermount -u /mnt/vpu-hd1

    10、拷贝output/target/usr/libexec/sftp-server stripped文件【挂载成功】

    11、免密挂载:PermitRootLogin without-password【不能挂载】

/etc/ssh/sshd_config line 83: Unsupported option UsePAM
1、MPU中需要ssh-keygen生成/root/.ssh/id_rsa.pub公钥【<M> openssh-keygen. OpenSSH keygen】【openssh-8.0p1.tar.gz】
2、MPU中需要ssh-copy-id上传公钥到VPU【<M> openssh-client-utils. OpenSSH client utilities】
3、就能实现免密登陆

bin/packages/aarch64_cortex-a53_neon/packages/openssh-client_8.0p1-2_aarch64_cortex-a53_neon.ipk
bin/packages/aarch64_cortex-a53_neon/packages/openssh-keygen_8.0p1-2_aarch64_cortex-a53_neon.ipk
bin/packages/aarch64_cortex-a53_neon/packages/openssh-client-utils_8.0p1-2_aarch64_cortex-a53_neon.ipk
安装openssh-client_8.0p1-2_aarch64_cortex-a53_neon.ipk提示空间不够,库已经按照了
直接拷贝openssh-8.0p1下面的ssh-keygen和ssh-copy-id,可运行

空间不够移除库:1.4M Oct 23 07:17 libgio-2.0.so.0.5800.3
root@WV-200:/tmp# ./ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:/3jTMGxP5uybGwg0+EINt3rdNA66eR5umsj62mEFOfs root@WV-200
The key's randomart image is:
+---[RSA 3072]----+
|        . .      |
|         * .     |
|        * = . o  |
|       . B + = . |
|        S *.. o  |
|         * +=.o  |
|        o E.+X.  |
|       + o B+.=o |
|      o+= +++o=o |
+----[SHA256]-----+
root@WV-200:/tmp# 
root@WV-200:/tmp# 
root@WV-200:/tmp# ls /root/.ssh/
id_rsa       id_rsa.pub   known_hosts
root@WV-200:/tmp# ^C
		
root@WV-200:/tmp# ./ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.10.254
./ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
root@192.168.10.254's password: 
卡住了【暂弃】
【不用免密功能了,使用脚本输入密码】

    13、scp获取公钥

root@WV-200:/tmp# scp root@192.168.10.254:/etc/ssh/ssh_host_rsa_key.pub ./
root@192.168.10.254's password: 
sh: scp: not found
VPU上面没有安装scp命令嘛?
把scp命令拷贝到/bin下面后成功:
root@WV-200:/tmp# scp root@192.168.10.254:/etc/ssh/ssh_host_rsa_key.pub ./

Host '192.168.10.254' is not in the trusted hosts file.
(ssh-rsa fingerprint sha1!! dc:5c:8f:71:64:b3:be:ca:a3:8d:f6:16:00:7d:e3:59:fe:4a:28:2e)
Do you want to continue connecting? (y/n) y
root@192.168.10.254's password: 
ssh_host_rsa_key.pub                          100%  393     0.4KB/s   00:00   
还是需要密钥

    14、固定key

/tmp # /bin/sshd 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0744 for '/etc/ssh/ssh_host_rsa_key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Error loading host key "/etc/ssh/ssh_host_rsa_key": bad permissions
Could not load host key: /etc/ssh/ssh_host_rsa_key
sshd: no hostkeys available -- exiting.
权限太开放:

/tmp # ls /etc/ssh/ -lh
total 11
-rw-------    1 root     root        1.3K Jan  1 08:00 ssh_host_dsa_key
-rw-r--r--    1 root     root         601 Jan  1 08:00 ssh_host_dsa_key.pub
-rw-------    1 root     root         505 Jan  1 08:00 ssh_host_ecdsa_key
-rw-r--r--    1 root     root         173 Jan  1 08:00 ssh_host_ecdsa_key.pub
-rw-------    1 root     root         399 Jan  1 08:00 ssh_host_ed25519_key
-rw-r--r--    1 root     root          93 Jan  1 08:00 ssh_host_ed25519_key.pub
-rw-------    1 root     root        1.8K Jan  1 08:00 ssh_host_rsa_key
-rw-r--r--    1 root     root         393 Jan  1 08:00 ssh_host_rsa_key.pub
-rw-rw-r--    1 root     root        3.1K Jan  1 08:20 sshd_config
修改后成功
MPU的固定key:
root@WV-200:~# cat /root/.ssh/known_hosts 
192.168.10.254 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQmhcIy6NoIBKape/c64+8uPQ2vNER74DoBxG4PHC5p2Cb/6giZpIK4UfmyFelSxI4ogd4HAW4WRVw01DtaIvdDhQpQ/h6HrOdwhHccw8xqKOIgH0SPt1Nd2+Y2V9NTufyXvXC/bCR9g/jKyAQiElNR11lS3KT5fy+rrWO026oPimXPSDXOWEsr37uXUv3qKta2pSNQV/rSn5v51htgVsnVACCpThI4VpLtyHPdVRvLJWCLIYF9TPM4Pm5Nmm8ohyUYu1o6KgQbgqW7hTBpQGs51xEWe/dNOprdoAi3yqAuh29NTfa2XvPIYgIfS8YNNB2nfyoBsTZwvMzw4uagZk3

    15、shell脚本中输入密码

#!/bin/sh

sshfs_vpu(){
		sshfs root@192.168.10.254:/mnt/hd1 /mnt/vpu-hd1 -o password_stdin >& /dev/null <<EOF
admin
EOF
}

sshfs_vpu

fusermount -u /mnt/vpu-hd1

    16、调试问题

[RCS]: /etc/init.d/S70RootfsDataMount
mount: mounting /rom/dev/pts on /dev/pts failed: No such file or directory
	
[RCS]: /etc/init.d/S70RootfsDataMount
mount: mounting /dev/mtdblock3 on /mnt/conf failed: No such file or directory
mkdir: can't create directory '/mnt/conf/base': Read-only file system
mkdir: can't creatoverlayfs: failed to resolve '/mnt/conf/base': -2
e directory '/mnt/conf/work': Read-only file system
mount: mounting overlay on /mnt failed: Invalid argument
mount: mounting /proc on /mnt/proc failed: No such file or directory
mkdir: can't create directory '/mnt/rom': Read-only file system
pivot_root: No such file or directory
mount: mounting /rom/dev on /dev failed: No such file or directory
mount: mounting /rom/tmp on /tmp failed: No such file or directory
mount: mounting /rom/sys on /sys failed: No such file or directory
mount: mounting /rom/dev/pts on /dev/pts failed: No such file or directory
	
[RCS]: /etc/init.d/S84sshd
Starting sshd: random: sshd urandom read with 10 bits of entropy available
	70有间断行失败,改为81没有失败
	
[RCS]: /etc/init.d/S81RootfsDataMount
mount: mounting /rom/dev/pts on /dev/pts failed: No such file or directory
	81没有问题【这是为何】【陈俊测试没有问题】
	
S000cmd             S80network          S82SdMount          S90AutoLoad
S00devs             S81NtpStart         S83HddMount         rcS
S01udev             S81RootfsDataMount  S84sshd

    17、MPU开机脚本挂载后网络连接失败,手动挂载可以

挂载脚本

sshfs_mount_vpu() {
	sshfs root@192.168.10.254:/mnt/hd1 /mnt/vpu-hd1 -o password_stdin >& /dev/null <<EOF
admin
EOF
}

查找原因流程如下

	加打印:
	root@WV-200:/etc/init.d# sshfs -d -o debug root@192.168.10.254:/mnt/hd1 /mnt/vpu
	-hd1 -o password_stdin

	FUSE library version: 2.9.7
	nullpath_ok: 0
	nopath: 0
	utime_omit_ok: 0
	WARNING: Ignoring unknown option -a
	ssh: Ignoring unknown configuration option 'ClearAllForwardings=yes'	【报警告】
	ssh: Ignoring unknown configuration option 'NumberOfPasswordPrompts=1'
	WARNING: Ignoring unknown option -2

	ssh: Connection to root@192.168.10.254:22 exited: Disconnect received
	read: Connection reset by peer
	root@WV-200:/etc/init.d#	
	
	查看ssh版本:
	root@WV-200:/etc/init.d# ssh -v
	WARNING: Ignoring unknown option -v
	Dropbear SSH client v2019.78 https://matt.ucc.asn.au/dropbear/dropbear.html	
	ssh是Dropbear内部的,可能是由于精简版导致有些功能不支持,改为openssh
	
	+CONFIG_PACKAGE_openssh-client=y

	 2553 root      4320 S    ssh -x -a -oClearAllForwardings=yes -oNumberOfPasswo
	 2577 root         0 IW   [kworker/3:3]
	 2624 root      3292 S    sshfs root@192.168.10.254:/mnt/hd1 /mnt/vpu-hd1 -o p
	
	改为openssh-client就可以了

总结


客户端:
        1、openwrt中选中sshfs配置
        2、依赖内核配置fuse
        3、编译依赖的库
        
服务端:
        1、内核支持fuse文件系统
        2、编译出openssh的程序和库,buildroot-2019.02里面选中sshfs时就把sshfs客户端和服务端的sshd都编译出来了
        3、ssh-keygen生成host keys
        4、拷贝配置sshd_config
        5、增加sshd用户
        6、启动sshd

 

 类似资料: