This Magisk module contains OpenSSH for Android

These OpenSSH binaries are compiled with SELinux support.

The configure options used are copied from the Termux Build script for OpenSSH:

    https://github.com/termux/termux-packages/blob/master/packages/openssh/build.sh

The configure command used to create the config for Compiling OpenSSH in Android is in the file

   source/myconfigure

in the Magisk Module

All patches for OpenSSH from Termux that are useful for a Magisk Module with OpenSSH are applied to the source code.

The patches for OpenSSH in Termux are available here:

    https://github.com/termux/termux-packages/tree/master/packages/openssh

The patches used are in the directory ./source/patches in the Magisk Module; the patches were copied from the repo at 2024-10-04.
The script source/patches/apply_patches.sh can be used to apply the patches.

An additional patch was necessary to get the OpenSSH binaries working for the user shell:

Source: https://stackoverflow.com/questions/76376942/openssh-9-3p-fails-to-build-for-android
(This is the patch misc.c.additional.patch in the directory source/patches in this Magisk Module)

 ----

2024-01-31 I've little idea if my post is of any help, but anyway, today I built LP64 version of ssh client and found that, LP64 version of struct passwd does have pw_gecos member (so you need to set ac_cv_member_struct_passwd_pw_gecos=yes for LP64 build), but, the value of it is set to NULL, causing SEGV, at least on Android 8.0 device with uid = AID_SHELL (2000). So you need to fix the source like this.

diff -rup openssh-9.6p1/misc.c openssh-9.6p1-droid-p01/misc.c
--- openssh-9.6p1/misc.c        2023-12-18 23:59:50.000000000 +0900
+++ openssh-9.6p1-droid-p01/misc.c      2024-01-31 17:10:46.530066587 +0900
@@ -488,7 +488,7 @@ pwcopy(struct passwd *pw)
        copy->pw_name = xstrdup(pw->pw_name);
        copy->pw_passwd = xstrdup(pw->pw_passwd == NULL ? "*" : pw->pw_passwd);
 #ifdef HAVE_STRUCT_PASSWD_PW_GECOS
-       copy->pw_gecos = xstrdup(pw->pw_gecos);
+       copy->pw_gecos = xstrdup(pw->pw_gecos == NULL ? "null" : pw->pw_gecos);
 #endif
        copy->pw_uid = pw->pw_uid;
        copy->pw_gid = pw->pw_gid;

 ---

OpenSSH has been configured with the following options:
                     User binaries: /system/usr/bin
                   System binaries: /system/usr/sbin
               Configuration files: /system/etc/ssh
                   Askpass program: /system/usr/libexec/ssh-askpass
                      Manual pages: /system/usr/man/manX
                          PID file: /data/local/tmp/var/run
  Privilege separation chroot path: /data/local/tmp/var/empty
            sshd default user PATH: /system/bin
                    Manpage format: doc
                       PAM support: no
                   OSF SIA support: no
                 KerberosV support: no
                   SELinux support: yes
                   libedit support: yes
                   libldns support: yes
  Solaris process contract support: no
           Solaris project support: no
         Solaris privilege support: no
       IP address in $DISPLAY hack: no
           Translate v4 in v6 hack: no
                  BSD Auth support: no
              Random number source: OpenSSL internal ONLY
             Privsep sandbox style: none
                   PKCS#11 support: yes
                  U2F/FIDO support: yes

              Host: aarch64-unknown-linux-android
          Compiler: /data/develop/android/android-ndk-r27b/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android33-clang
    Compiler flags: --sysroot /data/develop/android/android-ndk/toolchains/llvm/prebuilt/linux-x86_64/sysroot  -static -O2 -I/data/develop/android/sysroot/usr/include   -Wno-implicit-function-declaration -Wno-int-conversion -I/data/develop/android/sysroot/selinux/usr/include -pipe -Wunknown-warning-option -Wno-error=format-truncation -Qunused-arguments -Wall -Wextra -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-parameter -Wno-unused-result -Wmisleading-indentation -Wbitwise-instead-of-logical -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fzero-call-used-regs=used -ftrivial-auto-var-init=zero -mretpoline -fno-builtin-memset -Dfd_mask=int  
Preprocessor flags: -I/data/develop/android/sysroot/usr/include  -DHAVE_ATTRIBUTE__SENTINEL__=1 -DBROKEN_SETRESGID  -I/system/usr/include -I/data/local/tmp/develop/sysroot/usr/include
      Linker flags: -L/data/develop/android/sysroot/usr/lib -L/data/local/tmp/develop/sysroot/usr/lib --sysroot /data/develop/android/android-ndk/toolchains/llvm/prebuilt/linux-x86_64/sysroot  -static -s -L/data/develop/android/sysroot/usr/lib  -ldl -lcrypto -lssl -L/data/develop/android/sysroot/selinux/usr/lib -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -Wl,-z,retpolineplt -L/system/usr/lib 
         Libraries: -lldns  -lselinux
     +for channels: -lcrypto  -lz


[aarch64-linux-android] [ OmniRom 14 Dev - xtrnaw7@t15g /data/develop/android/source/openssh-9.9p1 ] 


Trouble Shooting

Due to the energy saving functions of Android, the wifi connection can be put into sleep mode too often, so that the ssh connection to the phone is very sluggish. To work around this problem, start a ping command in the background to use the WIfi connection continuously, e.g:

ping -i 0.2 192.168.1.1 >/dev/null & 

 ---

History

05.10.2024 v1.0.0
  initial release

17.10.2024 v1.1.0
  re-created the binaries with SELinux support

25.12.2024 v1.1.1
  added the trouble shooting infos in this README file

