PKG_NAME:=openssh
PKG_REALVERSION:=9.9p2
PKG_VERSION:=9.9_p2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_REALVERSION).tar.gz
PKG_SOURCE_URL:=https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
/etc/avahi/services/sftp-ssh.service
endef
+define Package/openssh-sk-helper
+ $(call Package/openssh/Default)
+ DEPENDS+= +libopenssl +zlib +libfido2
+ TITLE+= helper for FIDO U2F and FIDO2 hardware token support
+endef
+
+define Package/openssh-sk-helper/description
+OpenSSH helper that can be used by openssh-client, openssh-sftp-client,
+and openssh-keygen to access `ecdsa_sk` and `ed25519_sk keys
+provided by a FIDO U2F or FIDO2 hardware token over USB.
+endef
+
CONFIGURE_ARGS += \
--sysconfdir=/etc/ssh \
--with-privsep-user=sshd \
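Review bot: The description added in `Package/openssh-sk-helper/description` has an unbalanced backtick and spells the key types with underscores, whereas OpenSSH names them ecdsa-sk and ed25519-sk. The line should read "to access `ecdsa-sk` and `ed25519-sk` keys" so that users searching for the key type find the package. The text also says the helper is used by openssh-client, openssh-sftp-client and openssh-keygen, but no visible hunk gives those packages a dependency on it. Their definitions are outside this diff, so if that is deliberate the description should say the helper is an optional add-on that must be installed separately before hardware-backed keys work.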
--without-kerberos5 \
--with-stackprotect \
--with$(if $(CONFIG_OPENSSL_ENGINE),,out)-ssl-engine \
+ --with$(if $(CONFIG_PACKAGE_openssh-sk-helper),,out)-security-key-builtin \
--with-cflags-after=-fzero-call-used-regs=skip
ifeq ($(BUILD_VARIANT),with-pam)
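Review bot: The new `-security-key-builtin` switch in `CONFIGURE_ARGS` is keyed on `CONFIG_PACKAGE_openssh-sk-helper`, but nothing visible in this diff registers that symbol as a configure-time dependency. If it is not already listed outside the hunks, add `PKG_CONFIG_DEPENDS += CONFIG_PACKAGE_openssh-sk-helper`. Otherwise selecting or deselecting the package later can reuse a tree configured the other way, and the helper may ship without the libfido2 support its `DEPENDS` promises. A short comment above the flag would also help, for example `# builtin FIDO/U2F support (libfido2) is compiled in only when openssh-sk-helper is selected`.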
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/ssh-keygen $(1)/usr/libexec/ssh-keygen-openssh
endef
+define Package/openssh-sk-helper/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/ssh-sk-helper $(1)/usr/lib/
+endef
+
define Package/openssh-server/install
install -d -m0700 $(1)/etc/ssh $(1)/etc/ssh/sshd_config.d
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/ssh/sshd_config $(1)/etc/ssh/
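Review bot: `Package/openssh-sk-helper/install` hard-codes `/usr/lib` as the destination with no explanation, while the neighbouring ssh-keygen line installs under `/usr/libexec`. The OpenSSH clients exec the helper from a path fixed at configure time (libexecdir), and that setting is not visible in this diff. A helper installed anywhere else is simply not found, so FIDO-backed keys fail at use time. I would document the coupling above the `define`, for example `# ssh-sk-helper must live at the libexecdir compiled into ssh/ssh-keygen; keep this path in sync with the configure arguments`.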
$(eval $(call BuildPackage,openssh-moduli))
$(eval $(call BuildPackage,openssh-client-utils))
$(eval $(call BuildPackage,openssh-keygen))
+$(eval $(call BuildPackage,openssh-sk-helper))
$(eval $(call BuildPackage,openssh-server))
$(eval $(call BuildPackage,openssh-server-pam))
$(eval $(call BuildPackage,openssh-sftp-client))