Adding Secure Copy and Secure Shell Clients to uClinux Print

 

This application note explains how to add scp and ssh clients to your uClinux configuration.


Building scp and ssh

Secure copy (scp) and secure shell (ssh) clients are included with the dropbear package. The secure shell client is implemented by a utility called dbclient. The secure copy client is implemented by a utility called scp.

scp actually relies on dbclient to provide a secure connection, so if you need scp, you need ssh (dbclient) also.

To build scp and dbclient, issue the following commands:

[psl@ocean linux-cortexm-x.x.x]$ . ./ACTIVATE.sh
[psl@ocean linux-cortexm-x.x.x]$ cd A2F/dropbear

Make sure the following option is enabled in the dropbear configuration file options.h:

...
#define ENABLE_CLI_PASSWORD_AUTH
...

Proceed with the build:

[psl@ocean dropbear]$ make PROGRAMS="dbclient scp dropbear"
...
[psl@ocean dropbear]$ make PROGRAMS="dbclient scp dropbear" \
install DESTDIR=${INSTALL_ROOT}/A2F/root

Having completed the above commands, you will have the dropbear server as well as the scp and dbclient clients installed in the development tree in the A2F/root/usr/bin directory.

Note that starting from Release 1.10.0 all of dropbear, scp and dbclient are prebuilt and included in the distribution so you don't actually have to build them. If you are a user of Release 1.10.0 or a later release, just read this section as background info and move on to the following section.


Adding scp and ssh to Target File System

Let's use the networking project (projects/networking) as a starting point for adding the scp and ssh clients to the target configuraiton.

networking already has the secure shell server (dropbear) included in the target filesystem. To add scp and ssh, follow the steps below:

  1. Go to the project directory:
  2. cd ${INSTALL_ROOT}/projects/networking

  3. Edit the .initramfs root filesystem specification file and add the following lines:
  4. ...
    file /usr/bin/dbclient ${INSTALL_ROOT}/A2F/root/usr/bin/dbclient 755 0 0
    file /usr/bin/scp ${INSTALL_ROOT}/A2F/root/usr/bin/scp 755 0 0
    slink /usr/bin/ssh dbclient 777 0 0
    ...


Running scp and ssh on the Target

Securely copy a file from a host to the target:

~ # scp psl​@172.17.0.212:/etc/issue /
...
~ # cat /issue
Fedora release 14 (Laughlin)
Kernel \r on an \m (\l)
~ #

... and backwards:

[psl@pvr ~]$ scp /etc/profile This e-mail address is being protected from spambots. You need JavaScript enabled to view it :/
This e-mail address is being protected from spambots. You need JavaScript enabled to view it 's password:
profile 100% 1249 1.2KB/s 00:00
[psl@pvr ~]
(back to the target console)
~ # cat /profile
# /etc/profile

# System wide environment and startup programs, for login setup
# Functions and aliases go in /etc/bashrc
# /etc/profile

# System wide environment and startup programs, for login setup
# Functions and aliases go in /etc/bashrc
...
~ #

Login to a host over a secure link:

~ # ssh psl​@172.17.0.212
psl @172.17.0.212's password:
Last login: Sun Feb 17 14:50:49 2013 from ocean.emcraft.com
[psl@pvr ~]$