分类 Ubuntu 下的文章

“Ubuntu是以桌面应用为主的Linux发行版，基于Debian。Ubuntu有三个正式版本，包括桌面版、服务器版及用于物联网设备和机器人的Core版。从17.10版本开始，Ubuntu以GNOME为默认桌面环境。 Ubuntu是著名的Linux发行版之一，也是目前最多用户的Linux版本。 ”

交叉编译arm openssh-9.0p1

作者: const
时间: 2022-05-06
分类: Ubuntu
评论

下载openssh

wget https://cloudflare.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.0p1.tar.gz
tar xvf openssh-9.0p1.tar.gz

编译指令

./configure --prefix=/ --host=arm-linux-gnueabihf --with-zlib=$(pwd)/.. --with-ssl-dir=$(pwd)/.. --with-libs="-lpthread" --disable-strip -with-ldflags="-Wl,-rpath /usr/lib -Wl,-rpath /lib" --disable-etc-default-login --with-privsep-user=nobody --with-privsep-path="/var/empty"

make

注意：只make,不要make install

如果使用了--prefix指定的其他目录，会出现类似错误

scp pub.key root@192.168.1.8:/var/www/html/

/home/const/arm-compile/openssh-9.0p1/../bin/ssh: No such file or directory

如果不指定--prefix，就会要求ssh放在/usr/local/bin/ssh目录下。

scp scp root@192.168.1.8:/var/www/html

/usr/local/bin/ssh: No such file or directory
scp: Connection closed

静态编译openssh的问题

./configure --prefix=/ --host=arm-linux-gnueabihf --with-zlib=$(pwd)/.. --with-ssl-dir=$(pwd)/.. --with-libs="-lpthread" --disable-strip -with-ldflags="-static" --disable-etc-default-login --with-privsep-user=nobody --with-privsep-path="/var/empty"

编译完成后，运行scp，会卡死无响应。

strace /bin/scp

execve("/bin/scp", ["/bin/scp"], 0x7ea03ce0 / 18 vars /) = 0
brk(NULL) = 0x115f000
brk(0x115fd0c) = 0x115fd0c
set_tls(0x115f4c0) = 0
readlink("/proc/self/exe", "/bin/scp", 4096) = 8
brk(0x1180d0c) = 0x1180d0c
brk(0x1181000) = 0x1181000
open("/dev/null", O_RDWR|O_LARGEFILE) = 3
close(3) = 0
futex(0x1e9c24, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x1e9c28, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x1e9c2c, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x1e9ee8, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x1e9c34, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x1e9c38, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x1e9cbc, FUTEX_WAKE_PRIVATE, 2147483647) = 0
getpid() = 20133
getrandom("x8axadx3fx00xd7x42xa5xcax40x16xfax2fxcexb5xe8x9cxb5x65x44x10x0dx33x18xe9xa7x3cx9ax65x17xffxdbx09", 32, 0) = 32
clock_gettime(CLOCK_REALTIME, {tv_sec=1651798290, tv_nsec=756874203}) = 0
gettimeofday({tv_sec=1651798290, tv_usec=757342}, NULL) = 0
futex(0x1e9ca4, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x1162574, FUTEX_WAIT_PRIVATE, 0, NULL

从上面可以看到futex 阻塞住了。

静态编译后的ssh可以运行.

查看静态编译依赖的动态库

arm-linux-gnueabihf-objdump -x ssh |grep NEEDED

查看动态编译依赖的动态库

arm-linux-gnueabihf-objdump -x ../bin/ssh |grep NEEDED

NEEDED libcrypto.so.1.1
NEEDED libdl.so.2
NEEDED libutil.so.1
NEEDED libz.so.1
NEEDED libpthread.so.0
NEEDED libcrypt.so.1
NEEDED libresolv.so.2
NEEDED libc.so.6
NEEDED ld-linux-armhf.so.3

这里说到一个不需要使用ldd，查看动态库依赖的方法。使用arm-linxu-gnueabihf-objdump -x scp |grep NEEDED

使用ldd的方法如下：

ldd /bin/scp

linux-vdso.so.1 (0x00007ffe21797000)
libcrypto.so.1.1 => /lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f0bfaadd000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f0bfa8eb000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f0bfa8e5000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f0bfa8c2000)
/lib64/ld-linux-x86-64.so.2 (0x00007f0bfade7000)

objdump -x /bin/scp |grep NEEDED

NEEDED libcrypto.so.1.1
NEEDED libc.so.6

过程中出现的各种问题
scp报错 -bash: scp: command not found
此错误要求arm的scp要放在/bin/scp目录下面。

scp: error while loading shared libraries: libcrypto.so.1.1: cannot open shared object file: No such file or directory
此错误是scp没有找到相关的动态库，要求动态库的位置在/usr/lib/arm-linux-gnueabihf/目录下。这个也是通过调试得到的。

调试scp日志的方法

/home/const/bin/strace /home/const/bin/scp -v 2

将上述命令以脚本方式保存为/bin/scp即可在对端得到调试信息。

根据上面的提示信息，我们可以将依赖设置到指定目录
gcc rpath multiple directories

-Wl,-rpath /usr/lib -Wl,-rpath /lib

这就是上面openssh编译命令中的ldflags选项。

错误提示:
OpenSSL version mismatch. Built against 10101080, you have 101010bf
scp: Connection closed

因为编译的OpenSSL版本与实际使用的版本有少少差异,导致不能使用.最好的解决办法是使用相同的版本,如果版本差异不大呢, 就修改openssh的源码.
将entropy.c文件

if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER,
OpenSSL_version_num()))
debug3("OpenSSL version mismatch. Built against %lx, you "
"have %lx", (u_long)OPENSSL_VERSION_NUMBER,
OpenSSL_version_num());

删除或注释就可以了.

mosquitto disconnect code 7

作者: const
时间: 2022-05-07
分类: Ubuntu,MQTT
评论

错误代码：disconnect response code 7

错误信息：The connection was lost

可能的原因是，使用了相同的clientid

在mosquitto_new 的第一个参数中，使用NULL就好。

还有另一个原因,也会出现这个错误.就是当mqtt broker重启会导致disconnect 7.

Ubuntu 20.04 安装 MQTT(mosquitto)

作者: const
时间: 2022-05-10
分类: Ubuntu,MQTT
评论

安装mosquitto borker

sudo apt-get update
sudo apt-get install mosquitto

安装mosquitto clients

sudo apt-get install mosquitto-clients

查看运行状态

systemctl status mosquitto

状态信息:

 mosquitto.service - Mosquitto MQTT v3.1/v3.1.1 Broker
 Loaded: loaded (/lib/systemd/system/mosquitto.service; enabled; vendor pre>
 Active: active (running) since Mon 2022-05-09 16:59:13 CST; 16h ago
   Docs: man:mosquitto.conf(5)
         man:mosquitto(8)
  Main PID: 524488 (mosquitto)
  Tasks: 3 (limit: 18708)
 Memory: 1.2M
 CGroup: /system.slice/mosquitto.service
         └─524488 /usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf

重启mqtt服务

systemctl restart mosquitto

停止mqtt服务

systemctl stop mosquitto

测试使用mqtt

mosquitto -v

1652145455: mosquitto version 1.6.9 starting
1652145455: Using default config.
1652145455: Opening ipv4 listen socket on port 1883.
1652145455: Opening ipv6 listen socket on port 1883.

启动mosquitto监听1883端口

mosquitto -p 1883

启动mosquitto后台运行监听1884端口

mosquitto -p 1884 -d

**启动mosquitto后台运行使用mosquitti-2.conf配置文件

mosquitto -c /etc/mosquitto/mosquitto-2.conf -d

ubuntu compile python3.5.3

作者: const
时间: 2022-05-10
分类: Ubuntu
评论

Prerequisites

sudo apt-get install build-essential checkinstall
sudo apt-get install libreadline-gplv2-dev libncursesw5-dev libssl-dev libsqlite3-dev tk-dev libgdbm-dev libc6-dev libbz2-dev
wget https://www.python.org/ftp/python/3.5.3/Python-3.5.3.tar.xz
tar xvf Python-3.5.3.tar.xz
cd Python-3.5.3
sudo ./configure --enable-optimizations
sudo make altinstall

make altinstall is used to prevent replacing the default python binary file /usr/bin/python.

python3.5 -V

Python 3.5.3

ubuntu 20 ssh 错误 no matching key exchange method found

作者: const
时间: 2022-05-12
分类: Ubuntu
评论

错误现象

ssh root@192.168.5.245

Unable to negotiate with 192.168.5.245 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,kexguess2@matt.ucc.asn.au

解决办法

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 root@192.168.5.245

root@192.168.5.245's password:

要是觉得-o后面这一堆参数很难记的话, 有个简单的办法,其实这部分内容就在错误提示信息里面了,从错误信息里面复制就好了.
-oKexAlgorithms=+diffie-hellman-group1-sha1
KexAlgorithms就是指交换秘钥算法的意思.
另一个解决办法

su
echo "KexAlgorithms diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1" >>/etc/ssh/ssh_config.d/weak.conf

cat /etc/ssh/ssh_config.d/weak.conf

KexAlgorithms diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1

有加就有减,不支持diffie-hellman-group-exchange-sha1的就使用

ssh -oKexAlgorithms-=diffie-hellman-group-exchange-sha1