[ssh_x509] pkixssh-10.2 build failure

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Sat May 12 12:45:33 EEST 2018


Hi Mohit,

ssh_x509 at roumenpetrov.info wrote:
> Hi Roumen,
>
> When I am trying to build OpenSSH, I am getting error.
>
> checking whether OpenSSL has NID_X9_62_prime256v1... yes
> checking whether OpenSSL has NID_secp384r1... yes
> checking whether OpenSSL has NID_secp521r1... yes
> checking if OpenSSL's NID_secp521r1 is functional... configure: error: in
> `/openssh/openssh-7.5p1':
> configure: error: cannot run test program while cross compiling
> See `config.log' for more details
> make: *** [openssh-7.5p1/config.h] Error 1
>
> So, when I included ssh_cv_working_secp521r1=false\ argument in configure
> in Makefile, the build went fine. But due to this, enable_nistp521=1
> couldn't be set leading to ecdh-sha2-nistp521 algorithm not supported by
> sshd. I checked in openssh-7.5-p1/configure and there are some changes
> w.r.t. nistp521.
>
> Can you suggest what I need to do in order to pass build and also
> support ecdh-sha2-nistp521
> algorithm?
> [SNIP]

As usual autoconf  "cache variables" that enable a feature 
ssh_cv_working_secp521r1 has to be set into  environment with value 
either yes or no.

Sample command line:
$ ssh_cv_working_secp521r1=yes \
./configure ...

With above command output should look like this:
...
checking whether OpenSSL has NID_secp521r1... yes
checking if OpenSSL's NID_secp521r1 is functional... yes
...


> Thanks & Regards
> Mohit Gupta

Regards,
Roumen Petrov


-- 
Secure shell with X.509 certificate support
http://roumenpetrov.info/secsh/




More information about the ssh_x509 mailing list