NoMachine Support

Your questions answered

Knowledge Base

Searching in: Articles & FAQs
Filter the search results
Applies to:
Last update:
Searching in: Articles & FAQs
ID: AR01J00621
Applies to: NX Software
Added on: 2012-01-24
Last update: 2013-11-29
Build and installation instructions for the NoMachine OpenSSH Win32 Port

Although it should be possible to build with Visual C++ 2005 and SDK Platform for Windows XP or later, the following instructions refer to compiling the NoMachine OpenSSH portable version with MingW under a Cygwin environment.

 

Build instructions for openssh-5.9p1-win32-2 and later versions
 

STEP 1Prepare the Cygwin environment

1. Download the Cygwin installer from  www.cygwin.com

2. Launch the Cygwin installer, and ensure that packages listed below are selected as  'install':

   devel/mingw-*
   devel/mingw64-*
   perl/*
   devel/make: GNU Tool
   devel/autoconf
   devel/autoconf-2.69-2
   
   See REFERENCE VERSIONS below for the detailed list of packages used for reference build.

   

STEP 2: Compile


Build with Cygwin 32-bit

1. Ensure that are you using correct mingw32 toolchain. You must have administrative rights.
   
   To do that, create symbolic links:

   /bin/i686-pc-mingw32-* |-> /bin/*
   
   or run the <openssh_dir>/scripts/set-mingw32.sh script  from the Cygwin /bin directory
  

2. Prepare the 32-bit libssl.a and libcrypto.a libraries and the openssl headers.

   These libraries are used by 32-bit openssh and 32-bit ssh-lsa.

   - Download OpenSSL sources from http://www.openssl.org/source/.

     Version used as reference build is openssl-1.0.1e.

   - Compile sources by running:

     $./Configure mingw
     $make
     

3. Prepare 32-bit libz.a and zlib.dll.
     
   - Download ZLIB sources from http://www.zlib.net

     Version used as reference build is 1.2.8.
     
   - Compile sources by running:
   
     make -f win32/Makefile.gcc
     

4. Build 32-bit OpenSSH:

Run the following commands under a Cygwin shell in the openssh directory:
      
     $autoreconf

     $./configure --build=i686-pc-mingw32
                    --host=i686-pc-mingw32
                    --with-ssl-dir=<OPENSSL_DIR>
                    --with-zlib=<ZLIB_DIR>
                    --with-kerberos5
                  
where <OPENSSL_DIR> is a directory where openssl sources are extracted and <ZLIB_DIR> is a directory where zlib sources are extracted


     
     $cat config.h.tail >> config.h   
 

 

Build one of SSH family tool:

Run:
    
      $make <program>
      
       where <program> is any of the OpenSSH tools ported to Win32.
   

       sftp.exe          available starting from openssh-5.9p1-win32
       ssh-agent.exe     available starting from openssh-4.7p1-win32
       ssh-add.exe       available starting from openssh-4.7p1-win32
       ssh-keygen.exe    available starting from openssh-4.7p1-win32
       sftp-server.exe   available starting from openssh-4.7p1-win32
       ssh.exe
       sshd.exe

4. Build 32-bit ssh-lsa for native RSA/DSA key authorization

Move to <openssh_directory>contribwin32win32compatlsa directory and run:

    $export LIBSSL_PATH="/home/nars/openssl-1.0.1e"
    
    $make -f Makefile.mingw32
           
  - This command should produce the 32-bit ssh-lsa.dll file.

 
Build with Cygwin 64-bit

1. Build 32-bit openssl, zlib and openssh following 1-4 steps from  32-bit instruction.  OpenSSH tools are always 32-bit.
   
2. Ensure that you are using correct mingw64 toolchain. You must have administrative rights.
   
   To do that you must create symbolic links:

   /bin/x86_64-w64-mingw32-* |-> /bin/*
   
   or run <openssh_dir>/scripts/set-mingw64.sh from the Cygwin /bin directory.
   

3. Prepare the 64-bit libssl.a and libcrypto.a libraries and the openssl headers. These libraries are used by 64-bit ssh-lsa.

   - Move clean OpenSSL sources into another directory, e.g. openssl-64.

   - Compile sources by running:

     $./Configure mingw64
     $make

4. Build 64-bit ssh-lsa for native RSA/DSA key authorization

  - Move to <openssh_directory>contribwin32win32compatlsa directory and run:

    $export LIBSSL_PATH="/home/nars/openssl-1.0.1e"

    $make -f Makefile.mingw32
    
  - This command should produce 64-bit ssh-lsa.dll file.
 

 

STEP 3 - Install ssh-lsa on system where sshd server is running


- Copy the ssh-lsa.dll to the %WINDIR%/System32 directory.
 

IMPORTANT NOTE:

If your Windows is at 64-bit, be sure that you use a 64-bit file manager to copy ssh-lsa.dll, otherwise this dll will be not visible on the 64-bit OS.

For example:

- Drag and drop file using Windows explorer.

Or:

-  Run copy ssh-lsa.dll c:/windows/system32 under a cmd.exe console. 

- Then, by using the regedit tool, add 'ssh-lsa' string to the end of the registry key below:

    HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Lsa/Authentication Packages
 

Reboot the machine.
 

 

REFERENCE VERSIONS 

 

CYGWIN PACKAGES

13-1           Devel/autoconf: Wrapper for autoconf command

2.13-12        Devel/autoconf2.1: Stable version of the automatic configure builder

2.69-2         Devel/autoconf2.5: An extensible package of m4 macros shell scripts
                                  to automatically configure software code packages

2.23.51-1      Devel/binutils: The GNU assembler, linker and binary utilites
4.8.2-1        Devel/libgcc1: GCC C runtime library
4.8.2-1        Devel/libssp0: GCC Stack-smashing Protection runtime library
4.8.2-1        Devel/libstdc++6: GCC C++ runtime library
4.0-2          Devel/make: The GNU version of 'make' utility
2.23.1-1       Devel/mingw-binutils: Bintutils for MinGW.org win32 toolchain (util)

4.7.3-1        Devel/mingw-gcc-core
4.7.3-1        Devel/mingw-gcc-g++
4.7.3-1        Devel/mingw-gcc-obj
               
20110507-2     Devel/mingw-pthreads: Libpthread for MinGW.org

4.0-1          Devel/mingw-runtime: MinGW.org MSVC & compiler runtime header and libraries
4.0-1          Devel/mingw-w32api

2.22.52-1      Devel/mingw64-i686-binutils
4.7.3-1        Devel/mingw64-i686-gcc-core
4.7.3-1        Devel/mingw64-i686-gcc-g++
3.0.0-1        Devel/mingw64-i686-headers
20100619-5     Devel/mingw64-i686-pthreads
3.0.0-1        Devel/mingw64-i686-runtime
3.0b_svn5935-1 Devel/mingw64-winpthreads

2.22.52-1      Devel/mingw64-x86_64-binutils
4.7.3-1        Devel/mingw64-x86_64-gcc
4.7.3-1        Devel/mingw64-x86_64-core
4.7.3-1        Devel/mingw64-x86_64-g++
3.0.0-1        Devel/mingw64-x86_64-headers
20100619-5     Devel/mingw64-x86_64-pthreads
3.0.0-1        Devel/mingw64-x86_64-runtime
3.0b-svn5935-1 Devel/mingw64-x86_64-winpthreads

5.14.2-3       Perl/perl

 


OpenSSL

openssl-1.0.1e
 

ZLIB 

zlib-1.2.8
 

 


BUILD INSTRUCTIONS FOR EARLIER VERSIONS

These instructions are provided as it is for earlier version of the OpenSSH port to Windows. We strongly suggest to always use the most recent version made available on our web site.


Build instructions for openssh-5.9p1-win32-1

Prepare the build environment

Download the newest OpenSSL library.
Compile and install OpenSSL by running the following commands in the OpenSSL root directory:   

      $ ./Configure mingw
      $ make  
      $ make install
      
Download the newest zlib library.
Compile zlib by running the following commands in the zlib root  directory:
      
      $ make -f win32/Makefile.gcc
 

Build OpenSSH

Run the following commands under a  cygwin shell:
 
      $export CPPFLAGS="-mno-cygwin -I$PWD/openbsd-compat -I$PWD/contrib/win32/win32compat/includes -I$PWD/libkrb"
 
      $autoreconf  

 Run configure with options listed below:

       * --build=i686-pc-mingw32
       * --host=i686-pc-mingw32
       * --with-ssl-dir=/usr/local/ssl
       * --with-kerberos5
       * --with-zlib=../zlib-1.2.8
 

Run command:
    
      $cat config.h.tail >> config.h
      
Build one of SSH family tool

Run:
    
      $make <program>
      
      where <program> is any of OpenSSH tools ported to Win32.
   
      Tool available starting from openssh-5.9p1-win32:
        
        sftp.exe
   
      Tools available starting from openssh-4.7p1-win32:
        
        ssh-agent.exe
        ssh-add.exe
        ssh-keygen.exe
        sftp-server.exe
        
Build ssh-lsa for native RSA/DSA key authorization

Move to contribwin32win32compatlsa directory and run:
    
    $make -f Makefile.mingw32
    
    or:
    
    $make -f Makefile.mingw64
      
    depending on system architecture, where sshd server will be installed.
    

Install ssh-lsa on system where sshd server is running
 
Copy the ssh-lsa.dll to the %WINDIR%/System32 directory.

By using the regedit tool, add 'ssh-lsa' string to the end of the registry key below:

    HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Lsa/Authentication Packages

Reboot the machine.  

 

Build instructions for openssh-4.7p1-win32, openssh-4.7p1-win32-1, openssh-5.4p1-win32 and openssh-5.9p1-win32

Download OpenSSH portable for native Win32 from the NoMachine web site.
     
Compile OpenSSH portable for native Win32 by running the following   commands in the ssh root directory:
    $ export CPPFLAGS="-mno-cygwin -I$PWD/openbsd-compat -I
    $ PWD/contrib/win32/win32compat/includes"
    $ export LDFLAGS="-mno-cygwin"
    $ autoreconf
    $ ./configure --build=i686-pc-mingw32 --host=i686-pc-mingw32
    --with-ssl-dir=/usr/local/ssl --with-zlib=../zlib-1.2.4
    $ cat config.h.tail >> config.h
    $ make <program>

where <program> is any of OpenSSH tools ported to Win32.
   
Tool available starting from openssh-5.9p1-win32:
- sftp.exe
   
Tools available starting from openssh-4.7p1-win32:
- ssh-agent.exe
- ssh-add.exe
- ssh-keygen.exe
- sftp-server.exe
   
Tools available starting from openssh-4.7p1-win32:
- ssh.exe
- sshd.exe

   
How to enable Kerberos support in the SSH client

Download and install latest MIT Kerberos For Windows from:

http://web.mit.edu/kerberos/dist/index.html
     
Run the OpenSSH configure including the following command:

$ ./configure --with-kerberos5=<KFW_INCLUDE>
    --build=i686-pc-mingw32 --host=i686-pc-mingw32 
    --with-ssl-dir=/usr/local/ssl --with-zlib=../zlib-1.2.4

where <KFW_INCLUDE> is the 'inc' (include) directory for Kerberos 5 support, available inside the installation on Windows.  E.g.: "C:Program FilesKfWinckrb5"
 

Install and use the SSH Client and Server

Copy the ssh.exe and sshd.exe executable files to the installation directory.

The ssh client should be ready to work, while further operations are needed to get the ssh server up and running:

Copy the sshd_config file from source directory to installation directory and change 'UsePrivilegeSeparation' from 'yes' to 'no'.   
     
Generate the SSH keys pairs by using the ssh-keygen tool. Copy the generated keys, namely ssh_host_rsa_key and ssh_host_dsa_key  to the installation directory.
     
Execute the sshd server:

    $ sshd -r

Note: the user who executes the sshd daemon requires some additional privileges to be set:

    SeCreateTokenPrivilege
    SeAssignPrimaryTokenPrivilege
    SeServiceLogonRight
    SeIncreaseQuotaPrivilege
    SeTcbPrivilege
    SeImpersonatePrivilege