summaryrefslogtreecommitdiff
path: root/gnu/packages/ssh.scm
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/ssh.scm')
-rw-r--r--gnu/packages/ssh.scm211
1 files changed, 104 insertions, 107 deletions
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index 0a6d97e46c..4dd8bb6d96 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -1,8 +1,8 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <[email protected]>
+;;; Copyright © 2012-2021 Ludovic Courtès <[email protected]>
;;; Copyright © 2013, 2014 Andreas Enge <[email protected]>
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <[email protected]>
-;;; Copyright © 2015, 2016, 2018, 2019, 2020, 2021 Efraim Flashner <[email protected]>
+;;; Copyright © 2015, 2016, 2018, 2019, 2020, 2021, 2022 Efraim Flashner <[email protected]>
;;; Copyright © 2016, 2019 Leo Famulari <[email protected]>
;;; Copyright © 2016, 2021 Nicolas Goaziou <[email protected]>
;;; Copyright © 2016 Christine Lemmer-Webber <[email protected]>
@@ -15,7 +15,7 @@
;;; Copyright © 2019, 2020 Mathieu Othacehe <[email protected]>
;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <[email protected]>
;;; Copyright © 2020 Oleg Pykhalov <[email protected]>
-;;; Copyright © 2020 Maxim Cournoyer <[email protected]>
+;;; Copyright © 2020, 2021 Maxim Cournoyer <[email protected]>
;;; Copyright © 2021 Brice Waegeneire <[email protected]>
;;;
;;; This file is part of GNU Guix.
@@ -63,6 +63,7 @@
#:use-module (gnu packages python-web)
#:use-module (gnu packages python-xyz)
#:use-module (gnu packages readline)
+ #:use-module (gnu packages security-token)
#:use-module (gnu packages texinfo)
#:use-module (gnu packages tls)
#:use-module (gnu packages xorg)
@@ -90,7 +91,7 @@
(base32
"1rpysj65j9ls30bf2c5k5hykzzjfknrihs58imp178bx1wqzw4jl"))))
(inputs
- `(("readline" ,readline)))
+ (list readline))
(arguments
`(#:make-flags
(list ,(string-append "CC=" (cc-for-target))
@@ -143,9 +144,7 @@ file names.
;; TODO: Add 'CMockery' and '-DWITH_TESTING=ON' for the test suite.
#:tests? #f))
- (inputs `(("zlib" ,zlib)
- ("libgcrypt" ,libgcrypt)
- ("mit-krb5" ,mit-krb5)))
+ (inputs (list zlib libgcrypt mit-krb5))
(synopsis "SSH client library")
(description
"libssh is a C library implementing the SSHv2 and SSHv1 protocol for client
@@ -171,8 +170,7 @@ applications.")
(build-system gnu-build-system)
;; The installed libssh2.pc file does not include paths to libgcrypt and
;; zlib libraries, so we need to propagate the inputs.
- (propagated-inputs `(("libgcrypt" ,libgcrypt)
- ("zlib" ,zlib)))
+ (propagated-inputs (list libgcrypt zlib))
(arguments `(#:configure-flags `("--with-libgcrypt")))
(synopsis "Client-side C library implementing the SSH2 protocol")
(description
@@ -186,7 +184,7 @@ a server that supports the SSH-2 protocol.")
(define-public openssh
(package
(name "openssh")
- (version "8.7p1")
+ (version "8.8p1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://openbsd/OpenSSH/portable/"
@@ -194,15 +192,15 @@ a server that supports the SSH-2 protocol.")
(patches (search-patches "openssh-hurd.patch"))
(sha256
(base32
- "090yxpi03pxxzb4ppx8g8hdpw7c4nf8p0avr6c7ybsaana5lp8vw"))))
+ "1s8z6f7mi1pwsl79cqai8cr350m5lf2ifcxff57wx6mvm478k425"))))
(build-system gnu-build-system)
- (native-inputs `(("groff" ,groff)
- ("pkg-config" ,pkg-config)))
+ (native-inputs (list groff pkg-config))
(inputs `(("libedit" ,libedit)
("openssl" ,openssl)
,@(if (hurd-target?)
- '()
- `(("pam" ,linux-pam)))
+ '()
+ `(("pam" ,linux-pam)
+ ("libfido2" ,libfido2))) ;fails to build on GNU/Hurd
("mit-krb5" ,mit-krb5)
("zlib" ,zlib)
("xauth" ,xauth))) ; for 'ssh -X' and 'ssh -Y'
@@ -227,7 +225,13 @@ a server that supports the SSH-2 protocol.")
;; Enable PAM support in sshd.
,,@(if (hurd-target?)
'()
- '("--with-pam"))
+ '("--with-pam"
+
+ ;; Support creation and use of ecdsa-sk,
+ ;; ed25519-sk keys.
+ "--with-security-key-builtin"))
+
+
;; "make install" runs "install -s" by default,
;; which doesn't work for cross-compiled binaries
@@ -244,8 +248,7 @@ a server that supports the SSH-2 protocol.")
(let ((out (assoc-ref outputs "out")))
(substitute* "Makefile"
(("PRIVSEP_PATH=/var/empty")
- (string-append "PRIVSEP_PATH=" out "/var/empty")))
- #t)))
+ (string-append "PRIVSEP_PATH=" out "/var/empty"))))))
(add-before 'check 'patch-tests
(lambda _
(substitute* "regress/test-exec.sh"
@@ -255,21 +258,20 @@ a server that supports the SSH-2 protocol.")
(substitute* (list "Makefile"
"regress/Makefile")
(("^(tests:.*) t-exec(.*)" all pre post)
- (string-append pre post)))
- #t))
+ (string-append pre post)))))
(replace 'install
- (lambda* (#:key outputs (make-flags '()) #:allow-other-keys)
- ;; Install without host keys and system configuration files.
- (apply invoke "make" "install-nosysconf" make-flags)
- (install-file "contrib/ssh-copy-id"
- (string-append (assoc-ref outputs "out")
- "/bin/"))
- (chmod (string-append (assoc-ref outputs "out")
- "/bin/ssh-copy-id") #o555)
- (install-file "contrib/ssh-copy-id.1"
- (string-append (assoc-ref outputs "out")
- "/share/man/man1/"))
- #t)))))
+ (lambda* (#:key outputs (make-flags '()) #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ ;; Install without host keys and system configuration files.
+ ;; This will install /var/empty to the store, which is needed
+ ;; by the system openssh-service-type.
+ (apply invoke "make" "install-nosysconf" make-flags)
+ (with-directory-excursion "contrib"
+ (chmod "ssh-copy-id" #o555)
+ (install-file "ssh-copy-id"
+ (string-append out "/bin/"))
+ (install-file "ssh-copy-id.1"
+ (string-append out "/share/man/man1/")))))))))
(synopsis "Client and server for the secure shell (ssh) protocol")
(description
"The SSH2 protocol implemented in OpenSSH is standardised by the
@@ -292,6 +294,8 @@ TCP-forwarding. It provides a flow control service for these channels.
Additionally, various channel-specific options can be negotiated.")
(license (license:non-copyleft "file://LICENSE"
"See LICENSE in the distribution."))
+ (properties
+ '((release-monitoring-url . "https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/")))
(home-page "https://www.openssh.com/")))
;; OpenSSH without X support. This allows to use OpenSSH without dragging X
@@ -313,11 +317,12 @@ Additionally, various channel-specific options can be negotiated.")
(uri (git-reference
(url home-page)
(commit (string-append "v" version))))
- (file-name (string-append name "-" version ".tar.gz"))
+ (file-name (git-file-name name version))
(sha256
(base32
"1xpxkvgj7wgcl450djkcrmrf957mcy2f36hfs5g6kpla1gax2d1g"))
- (modules '((guix build utils)))))
+ (patches (search-patches "guile-ssh-fix-test-suite.patch"
+ "guile-ssh-read-error.patch"))))
(build-system gnu-build-system)
(outputs '("out" "debug"))
(arguments
@@ -362,16 +367,14 @@ Additionally, various channel-specific options can be negotiated.")
(string-append examples "/sssh.scm"))
(delete-file-recursively bin)
#t))))))
- (native-inputs `(("autoconf" ,autoconf)
- ("automake" ,automake)
- ("libtool" ,libtool)
- ("texinfo" ,texinfo)
- ("pkg-config" ,pkg-config)
- ("which" ,which)
- ("guile" ,guile-3.0))) ;needed when cross-compiling.
- (inputs `(("guile" ,guile-3.0)
- ("libssh" ,libssh)
- ("libgcrypt" ,libgcrypt)))
+ (native-inputs (list autoconf
+ automake
+ libtool
+ texinfo
+ pkg-config
+ which
+ guile-3.0)) ;needed when cross-compiling.
+ (inputs (list guile-3.0 libssh libgcrypt))
(synopsis "Guile bindings to libssh")
(description
"Guile-SSH is a library that provides access to the SSH protocol for
@@ -383,24 +386,31 @@ libssh library.")
(package
(inherit guile-ssh)
(name "guile2.0-ssh")
+ (source (origin
+ (inherit (package-source guile-ssh))
+ (patches (search-patches "guile-ssh-fix-test-suite.patch"))))
(native-inputs
- `(("guile" ,guile-2.0) ;needed when cross-compiling.
- ,@(alist-delete "guile" (package-native-inputs guile-ssh))))
- (inputs `(("guile" ,guile-2.0)
- ,@(alist-delete "guile" (package-inputs guile-ssh))))))
+ (modify-inputs (package-native-inputs guile-ssh)
+ (delete "guile")
+ (prepend guile-2.0 ;needed when cross-compiling.
+ )))
+ (inputs (modify-inputs (package-inputs guile-ssh)
+ (replace "guile" guile-2.0)))))
(define-public guile2.2-ssh
(package
(inherit guile-ssh)
(name "guile2.2-ssh")
+ (source (origin
+ (inherit (package-source guile-ssh))
+ (patches (search-patches "guile-ssh-fix-test-suite.patch"))))
(native-inputs
- `(("guile" ,guile-2.2) ;needed when cross-compiling.
- ,@(alist-delete "guile" (package-native-inputs guile-ssh))))
- (inputs `(("guile" ,guile-2.2)
- ,@(alist-delete "guile" (package-inputs guile-ssh))))))
-
-(define-public guile3.0-ssh
- (deprecated-package "guile3.0-ssh" guile-ssh))
+ (modify-inputs (package-native-inputs guile-ssh)
+ (delete "guile")
+ (prepend guile-2.2 ;needed when cross-compiling.
+ )))
+ (inputs (modify-inputs (package-inputs guile-ssh)
+ (replace "guile" guile-2.2)))))
(define-public corkscrew
;; The last 2.0 release hails from 2009. Use a fork (submitted upstream as
@@ -442,11 +452,9 @@ libssh library.")
(install-file "README.md" doc)
#t))))))
(native-inputs
- `(("autoconf" ,autoconf)
- ("automake" ,automake)
- ("pkg-config" ,pkg-config)))
+ (list autoconf automake pkg-config))
(inputs
- `(("openssl" ,openssl)))
+ (list openssl))
(home-page "https://github.com/patpadgett/corkscrew")
(synopsis "SSH tunneling through HTTP(S) proxies")
(description
@@ -484,7 +492,7 @@ with optional @acronym{TLS, Transport-Level Security} to protect credentials.")
(wrap-program (string-append bin "/mosh")
`("PATH" ":" prefix (,bin)))))))))
(native-inputs
- `(("pkg-config" ,pkg-config)))
+ (list pkg-config))
(inputs
`(("openssl" ,openssl)
("perl" ,perl)
@@ -527,9 +535,7 @@ responsive, especially over Wi-Fi, cellular, and long-distance links.")
`(#:configure-flags '("--disable-bundled-libtom")
#:tests? #f)) ; there is no "make check" or anything similar
(inputs
- `(("libtomcrypt" ,libtomcrypt)
- ("libtommath" ,libtommath)
- ("zlib" ,zlib)))
+ (list libtomcrypt libtommath zlib))
(synopsis "Small SSH server and client")
(description "Dropbear is a relatively small SSH server and
client. It runs on a variety of POSIX-based platforms. Dropbear is
@@ -593,28 +599,25 @@ basis for almost any application.")
(patches (search-patches "lsh-fix-x11-forwarding.patch"))))
(build-system gnu-build-system)
(native-inputs
- `(("autoconf" ,autoconf)
- ("automake" ,automake)
- ("m4" ,m4)
- ("guile" ,guile-2.0)
- ("gperf" ,gperf)
- ("psmisc" ,psmisc))) ; for `killall'
+ (list autoconf
+ automake
+ m4
+ guile-2.0
+ gperf
+ psmisc)) ; for `killall'
(inputs
- `(("nettle" ,nettle-2)
- ("linux-pam" ,linux-pam)
-
- ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
- ;; Readline 6.3.
- ("readline" ,readline-6.2)
-
- ("liboop" ,liboop)
- ("zlib" ,zlib)
- ("gmp" ,gmp)
-
- ;; The server (lshd) invokes xauth when X11 forwarding is requested.
- ;; This adds 24 MiB (or 27%) to the closure of lsh.
- ("xauth" ,xauth)
- ("libxau" ,libxau))) ;also required for x11-forwarding
+ (list nettle-2
+ linux-pam
+ ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
+ ;; Readline 6.3.
+ readline-6.2
+ liboop
+ zlib
+ gmp
+ ;; The server (lshd) invokes xauth when X11 forwarding is requested.
+ ;; This adds 24 MiB (or 27%) to the closure of lsh.
+ xauth
+ libxau)) ;also required for x11-forwarding
(arguments
'(;; Skip the `configure' test that checks whether /dev/ptmx &
;; co. work as expected, because it relies on impurities (for
@@ -719,7 +722,7 @@ authentication}.")
(base32 "0xqjw8df68f4kzkns5gcah61s5wk0m44qdk2z1d6388w6viwxhsz"))))
(build-system gnu-build-system)
(arguments `(#:tests? #f)) ; There is no "make check" or anything similar
- (inputs `(("openssh" ,openssh)))
+ (inputs (list openssh))
(synopsis "Automatically restart SSH sessions and tunnels")
(description "autossh is a program to start a copy of @command{ssh} and
monitor it, restarting it as necessary should it die or stop passing traffic.")
@@ -774,11 +777,9 @@ monitor it, restarting it as necessary should it die or stop passing traffic.")
(("which") (which "which")))
#t)))))
(inputs
- `(("openssh" ,openssh)
- ("mit-krb5" ,mit-krb5)
- ("perl" ,perl)))
+ (list openssh mit-krb5 perl))
(native-inputs
- `(("which" ,which)))
+ (list which))
(home-page "https://github.com/chaos/pdsh")
(synopsis "Parallel distributed shell")
(description "Pdsh is a an efficient, multithreaded remote shell client
@@ -800,13 +801,10 @@ shell services and remote host selection.")
"0lnhh2h1mj79j66ni883s9f3xldnbjb10vh80g24b7m003mm524c"))))
(build-system python-build-system)
(propagated-inputs
- `(("python-cryptography" ,python-cryptography)
- ("python-pyopenssl" ,python-pyopenssl)
- ("python-gssapi" ,python-gssapi)
- ("python-bcrypt" ,python-bcrypt)))
+ (list python-cryptography python-pyopenssl python-gssapi
+ python-bcrypt))
(native-inputs
- `(("openssh" ,openssh)
- ("openssl" ,openssl)))
+ (list openssh openssl))
(arguments
`(#:phases
(modify-phases %standard-phases
@@ -829,18 +827,19 @@ framework.")
(define-public clustershell
(package
(name "clustershell")
- (version "1.8.3")
+ (version "1.8.4")
(source
(origin
- (method url-fetch)
- (uri (string-append "https://github.com/cea-hpc/clustershell/releases"
- "/download/v" version
- "/ClusterShell-" version ".tar.gz"))
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/cea-hpc/clustershell")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
(sha256
- (base32 "1qdcgh733szwj9r1gambrgfkizvbjci0bnnkds9a8mnyb3sasnan"))))
+ (base32 "11b87vyamcw4rvgxz74jxwkr9ly0h9ldp2wqsi5wc19p0r06la5j"))))
(build-system python-build-system)
- (inputs `(("openssh" ,openssh)))
- (propagated-inputs `(("python-pyyaml" ,python-pyyaml)))
+ (inputs (list openssh))
+ (propagated-inputs (list python-pyyaml))
(arguments
`(#:phases (modify-phases %standard-phases
(add-before 'build 'record-openssh-file-name
@@ -849,8 +848,7 @@ framework.")
(substitute* "lib/ClusterShell/Worker/Ssh.py"
(("info\\(\"ssh_path\"\\) or \"ssh\"")
(string-append "info(\"ssh_path\") or \""
- ssh "/bin/ssh\"")))
- #t))))))
+ ssh "/bin/ssh\"")))))))))
(home-page "https://cea-hpc.github.io/clustershell/")
(synopsis "Scalable event-driven Python framework for cluster administration")
(description
@@ -913,8 +911,7 @@ clients at a time.")
"1bcy9flrzbvams5p77swwiygv54ac58ia7hpic1bvg30b3wpvv7b"))))
(build-system python-build-system)
(propagated-inputs
- `(("python-paramiko" ,python-paramiko)
- ("python-tornado" ,python-tornado)))
+ (list python-paramiko python-tornado))
(home-page "https://webssh.huashengdun.org/")
(synopsis "Web application to be used as an SSH client")
(description "This package provides a web application to be used as an SSH
generated by cgit v1.2.3 (git 2.45.2) at 2025-06-27 17:04:39 +0000