Commit | Line | Data |
---|---|---|
2fbf053b | 1 | ;;; GNU Guix --- Functional package management for GNU |
a8b0556e | 2 | ;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org> |
06ed5982 | 3 | ;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr> |
45f2ffb4 | 4 | ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org> |
1121a5c6 | 5 | ;;; Copyright © 2015, 2016, 2018 Efraim Flashner <efraim@flashner.co.il> |
af8f7eb4 | 6 | ;;; Copyright © 2016, 2019 Leo Famulari <leo@famulari.name> |
c777570b | 7 | ;;; Copyright © 2016 Nicolas Goaziou <mail@nicolasgoaziou.fr> |
8caeb117 | 8 | ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org> |
d6bbb7e5 | 9 | ;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr> |
c9a6a36f | 10 | ;;; Copyright © 2017 Stefan Reichör <stefan@xsteve.at> |
227dbd84 | 11 | ;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net> |
47956fa0 | 12 | ;;; Copyright © 2017 ng0 <ng0@n0.is> |
ae72b8f5 | 13 | ;;; Copyright © 2018 Manuel Graf <graf@init.at> |
618631f3 | 14 | ;;; Copyright © 2019 Gábor Boskovits <boskovits@gmail.com> |
2fbf053b AE |
15 | ;;; |
16 | ;;; This file is part of GNU Guix. | |
17 | ;;; | |
18 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
19 | ;;; under the terms of the GNU General Public License as published by | |
20 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
21 | ;;; your option) any later version. | |
22 | ;;; | |
23 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
24 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
25 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
26 | ;;; GNU General Public License for more details. | |
27 | ;;; | |
28 | ;;; You should have received a copy of the GNU General Public License | |
29 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
30 | ||
31 | (define-module (gnu packages ssh) | |
2102ae2e DC |
32 | #:use-module (gnu packages) |
33 | #:use-module (gnu packages autotools) | |
34 | #:use-module (gnu packages base) | |
35 | #:autoload (gnu packages boost) (boost) | |
2fbf053b | 36 | #:use-module (gnu packages compression) |
c9a6a36f | 37 | #:use-module (gnu packages crypto) |
2102ae2e | 38 | #:use-module (gnu packages elf) |
2fbf053b | 39 | #:use-module (gnu packages gnupg) |
2102ae2e | 40 | #:use-module (gnu packages gperf) |
fe0b8a78 | 41 | #:use-module (gnu packages groff) |
49d294e5 | 42 | #:use-module (gnu packages guile) |
618631f3 | 43 | #:use-module (gnu packages libedit) |
2102ae2e | 44 | #:use-module (gnu packages linux) |
c9a6a36f | 45 | #:use-module (gnu packages logging) |
2102ae2e DC |
46 | #:use-module (gnu packages m4) |
47 | #:use-module (gnu packages multiprecision) | |
87bf526b | 48 | #:use-module (gnu packages ncurses) |
2102ae2e | 49 | #:use-module (gnu packages nettle) |
89e34644 | 50 | #:use-module (gnu packages kerberos) |
2102ae2e DC |
51 | #:use-module (gnu packages perl) |
52 | #:use-module (gnu packages pkg-config) | |
c9a6a36f | 53 | #:use-module (gnu packages popt) |
87bf526b | 54 | #:autoload (gnu packages protobuf) (protobuf) |
ae72b8f5 | 55 | #:use-module (gnu packages python) |
44d10b1f | 56 | #:use-module (gnu packages python-xyz) |
2102ae2e DC |
57 | #:use-module (gnu packages readline) |
58 | #:use-module (gnu packages texinfo) | |
cc2b77df | 59 | #:use-module (gnu packages tls) |
2102ae2e DC |
60 | #:use-module (gnu packages xorg) |
61 | #:use-module (guix build-system cmake) | |
62 | #:use-module (guix build-system gnu) | |
ae72b8f5 | 63 | #:use-module (guix build-system python) |
2fbf053b | 64 | #:use-module (guix download) |
817efe8b | 65 | #:use-module (guix git-download) |
2102ae2e | 66 | #:use-module ((guix licenses) #:prefix license:) |
befbaebf LC |
67 | #:use-module (guix packages) |
68 | #:use-module (srfi srfi-1)) | |
1681cd4a LC |
69 | |
70 | (define-public libssh | |
eed00f93 LF |
71 | (package |
72 | (name "libssh") | |
81bb5545 | 73 | (version "0.8.7") |
eed00f93 LF |
74 | (source (origin |
75 | (method git-fetch) | |
76 | (uri (git-reference | |
d5401375 | 77 | (url "https://git.libssh.org/projects/libssh.git") |
12995856 | 78 | (commit (string-append "libssh-" version)))) |
eed00f93 LF |
79 | (sha256 |
80 | (base32 | |
81bb5545 | 81 | "1iqik1ba0g008k1mb1n85iih1azi7giy0c485jnlmsrjxik4q3j2")) |
eed00f93 LF |
82 | (file-name (git-file-name name version)))) |
83 | (build-system cmake-build-system) | |
84 | (outputs '("out" "debug")) | |
85 | (arguments | |
86 | '(#:configure-flags '("-DWITH_GCRYPT=ON") | |
deed349b | 87 | |
a8b0556e LC |
88 | #:phases (modify-phases %standard-phases |
89 | (add-before 'configure 'avoid-werror | |
90 | (lambda _ | |
91 | ;; Avoid '-Werror'. Presumably this works fine with | |
92 | ;; gcc@8 on x86_64 but leads to errors with our older | |
93 | ;; compiler. | |
94 | (substitute* "CompilerChecks.cmake" | |
95 | (("-Werror=") "-W")) | |
96 | #t))) | |
97 | ||
eed00f93 LF |
98 | ;; TODO: Add 'CMockery' and '-DWITH_TESTING=ON' for the test suite. |
99 | #:tests? #f)) | |
100 | (inputs `(("zlib" ,zlib) | |
101 | ("libgcrypt" ,libgcrypt))) | |
102 | (synopsis "SSH client library") | |
103 | (description | |
104 | "libssh is a C library implementing the SSHv2 and SSHv1 protocol for client | |
105 | and server implementations. With libssh, you can remotely execute programs, | |
106 | transfer files, and use a secure and transparent tunnel for your remote | |
107 | applications.") | |
108 | (home-page "https://www.libssh.org") | |
109 | (license license:lgpl2.1+))) | |
2fbf053b AE |
110 | |
111 | (define-public libssh2 | |
112 | (package | |
113 | (name "libssh2") | |
32deef23 | 114 | (version "1.8.2") |
2fbf053b AE |
115 | (source (origin |
116 | (method url-fetch) | |
117 | (uri (string-append | |
78d80c5c | 118 | "https://www.libssh2.org/download/libssh2-" |
2fbf053b | 119 | version ".tar.gz")) |
78d80c5c LF |
120 | (sha256 |
121 | (base32 | |
32deef23 | 122 | "0rqd37pc80nm2pz4sa2m9pfc48axys7jwq1l7z0vii5nyvchg0q8")) |
ac2d5de3 MB |
123 | (patches |
124 | (search-patches "libssh2-fix-build-failure-with-gcrypt.patch")))) | |
2fbf053b | 125 | (build-system gnu-build-system) |
e9c14f37 EB |
126 | ;; The installed libssh2.pc file does not include paths to libgcrypt and |
127 | ;; zlib libraries, so we need to propagate the inputs. | |
128 | (propagated-inputs `(("libgcrypt" ,libgcrypt) | |
129 | ("zlib" ,zlib))) | |
fe365a3d | 130 | (arguments `(#:configure-flags `("--with-libgcrypt") |
e2c7b7bb MB |
131 | #:phases (modify-phases %standard-phases |
132 | (replace 'bootstrap | |
133 | (lambda _ | |
134 | (invoke "autoreconf" "-v")))))) | |
ac2d5de3 MB |
135 | (native-inputs `(("autoconf" ,autoconf) |
136 | ("automake" ,automake))) | |
35b9e423 | 137 | (synopsis "Client-side C library implementing the SSH2 protocol") |
2fbf053b AE |
138 | (description |
139 | "libssh2 is a library intended to allow software developers access to | |
35b9e423 | 140 | the SSH-2 protocol in an easy-to-use self-contained package. It can be built |
2fbf053b AE |
141 | into an application to perform many different tasks when communicating with |
142 | a server that supports the SSH-2 protocol.") | |
143 | (license license:bsd-3) | |
18e627be | 144 | (home-page "https://www.libssh2.org/"))) |
fe0b8a78 | 145 | |
71b4974a LC |
146 | ;; XXX A hidden special obsolete libssh2 for temporary use in the curl package. |
147 | ;; <https://bugs.gnu.org/34927> | |
148 | (define-public libssh2-1.8.0 | |
149 | (hidden-package | |
150 | (package | |
151 | (inherit libssh2) | |
152 | (version "1.8.0") | |
153 | (source (origin | |
154 | (method url-fetch) | |
155 | (uri (string-append | |
156 | "https://www.libssh2.org/download/libssh2-" | |
157 | version ".tar.gz")) | |
158 | (sha256 | |
159 | (base32 | |
160 | "1m3n8spv79qhjq4yi0wgly5s5rc8783jb1pyra9bkx1md0plxwrr")) | |
161 | (patches | |
162 | (search-patches "libssh2-fix-build-failure-with-gcrypt.patch"))))))) | |
163 | ||
fe0b8a78 AE |
164 | (define-public openssh |
165 | (package | |
166 | (name "openssh") | |
fa619007 | 167 | (version "8.0p1") |
fe0b8a78 | 168 | (source (origin |
644e5f17 TGR |
169 | (method url-fetch) |
170 | (uri (string-append "mirror://openbsd/OpenSSH/portable/" | |
171 | name "-" version ".tar.gz")) | |
172 | (sha256 | |
173 | (base32 | |
fa619007 | 174 | "0s7xh4s0qcipnjh9ls5blxcpvhyd116z9dxn3q1yi64lwrwki55x")))) |
fe0b8a78 | 175 | (build-system gnu-build-system) |
618631f3 GB |
176 | (native-inputs `(("groff" ,groff) |
177 | ("pkg-config" ,pkg-config))) | |
178 | (inputs `(("libedit" ,libedit) | |
179 | ("openssl" ,openssl) | |
39012aab | 180 | ("pam" ,linux-pam) |
040b6299 | 181 | ("mit-krb5" ,mit-krb5) |
683a4a34 LC |
182 | ("zlib" ,zlib) |
183 | ("xauth" ,xauth))) ;for 'ssh -X' and 'ssh -Y' | |
fe0b8a78 AE |
184 | (arguments |
185 | `(#:test-target "tests" | |
d3552450 LF |
186 | ;; Otherwise, the test scripts try to use a nonexistent directory and |
187 | ;; fail. | |
188 | #:make-flags '("REGRESSTMP=\"$${BUILDDIR}/regress\"") | |
040b6299 | 189 | #:configure-flags `("--sysconfdir=/etc/ssh" |
39012aab | 190 | |
040b6299 | 191 | ;; Default value of 'PATH' used by sshd. |
9af49832 LC |
192 | "--with-default-path=/run/current-system/profile/bin" |
193 | ||
040b6299 JD |
194 | ;; configure needs to find krb5-config |
195 | ,(string-append "--with-kerberos5=" | |
196 | (assoc-ref %build-inputs "mit-krb5") | |
197 | "/bin") | |
198 | ||
618631f3 GB |
199 | ;; libedit needed for sftp completion |
200 | "--with-libedit" | |
201 | ||
39012aab LC |
202 | ;; Enable PAM support in sshd. |
203 | "--with-pam") | |
204 | ||
fe0b8a78 | 205 | #:phases |
a9ee11d5 RW |
206 | (modify-phases %standard-phases |
207 | (add-after 'configure 'reset-/var/empty | |
208 | (lambda* (#:key outputs #:allow-other-keys) | |
209 | (let ((out (assoc-ref outputs "out"))) | |
210 | (substitute* "Makefile" | |
211 | (("PRIVSEP_PATH=/var/empty") | |
212 | (string-append "PRIVSEP_PATH=" out "/var/empty"))) | |
213 | #t))) | |
214 | (add-before 'check 'patch-tests | |
215 | (lambda _ | |
216 | ;; remove 't-exec' regress target which requires user 'sshd' | |
217 | (substitute* "regress/Makefile" | |
218 | (("^(REGRESS_TARGETS=.*) t-exec(.*)" all pre post) | |
219 | (string-append pre post))) | |
220 | #t)) | |
221 | (replace 'install | |
36f26211 | 222 | (lambda* (#:key outputs (make-flags '()) #:allow-other-keys) |
a9ee11d5 | 223 | ;; install without host keys and system configuration files |
27b6adb7 MW |
224 | (apply invoke "make" "install-nosysconf" make-flags) |
225 | (install-file "contrib/ssh-copy-id" | |
226 | (string-append (assoc-ref outputs "out") | |
227 | "/bin/")) | |
228 | (chmod (string-append (assoc-ref outputs "out") | |
229 | "/bin/ssh-copy-id") #o555) | |
230 | (install-file "contrib/ssh-copy-id.1" | |
231 | (string-append (assoc-ref outputs "out") | |
232 | "/share/man/man1/")) | |
233 | #t))))) | |
35b9e423 | 234 | (synopsis "Client and server for the secure shell (ssh) protocol") |
fe0b8a78 AE |
235 | (description |
236 | "The SSH2 protocol implemented in OpenSSH is standardised by the | |
237 | IETF secsh working group and is specified in several RFCs and drafts. | |
238 | It is composed of three layered components: | |
239 | ||
240 | The transport layer provides algorithm negotiation and a key exchange. | |
241 | The key exchange includes server authentication and results in a | |
242 | cryptographically secured connection: it provides integrity, confidentiality | |
243 | and optional compression. | |
244 | ||
245 | The user authentication layer uses the established connection and relies on | |
35b9e423 EB |
246 | the services provided by the transport layer. It provides several mechanisms |
247 | for user authentication. These include traditional password authentication | |
fe0b8a78 AE |
248 | as well as public-key or host-based authentication mechanisms. |
249 | ||
250 | The connection layer multiplexes many different concurrent channels over the | |
251 | authenticated connection and allows tunneling of login sessions and | |
35b9e423 | 252 | TCP-forwarding. It provides a flow control service for these channels. |
fe0b8a78 | 253 | Additionally, various channel-specific options can be negotiated.") |
166191b3 | 254 | (license (license:non-copyleft "file://LICENSE" |
fe0b8a78 | 255 | "See LICENSE in the distribution.")) |
1121a5c6 | 256 | (home-page "https://www.openssh.com/"))) |
fe0b8a78 | 257 | |
49d294e5 LC |
258 | (define-public guile-ssh |
259 | (package | |
260 | (name "guile-ssh") | |
64bcc76c | 261 | (version "0.11.3") |
6634180f | 262 | (home-page "https://github.com/artyom-poptsov/guile-ssh") |
49d294e5 | 263 | (source (origin |
e98c354d LC |
264 | (method git-fetch) |
265 | (uri (git-reference | |
266 | (url home-page) | |
267 | (commit (string-append "v" version)))) | |
6634180f | 268 | (file-name (string-append name "-" version ".tar.gz")) |
49d294e5 LC |
269 | (sha256 |
270 | (base32 | |
e98c354d | 271 | "03bv3hwp2s8f0bqgfjaan9jx4dyab0abv27n2zn2g0izlidv0vl6")) |
a8b0556e LC |
272 | (modules '((guix build utils))) |
273 | (snippet | |
274 | '(begin | |
275 | ;; libssh >= 0.8.0 no longer provides libssh_threads: see | |
276 | ;; <https://github.com/artyom-poptsov/guile-ssh/issues/9>. | |
277 | (substitute* "libguile-ssh/Makefile.am" | |
278 | (("-lssh_threads") "")) | |
279 | ||
280 | ;; This test would wrongfully pick DSS keys when running on | |
281 | ;; libssh >= 0.8.0, which fails: | |
282 | ;; <https://github.com/artyom-poptsov/guile-ssh/issues/10>. | |
283 | (substitute* "tests/server.scm" | |
284 | (("= %libssh-minor-version 7") | |
285 | ">= %libssh-minor-version 7")) | |
286 | #t)))) | |
49d294e5 | 287 | (build-system gnu-build-system) |
74460d11 | 288 | (outputs '("out" "debug")) |
49d294e5 | 289 | (arguments |
c305ac30 LC |
290 | '(;; It makes no sense to build libguile-ssh.a. |
291 | #:configure-flags '("--disable-static") | |
292 | ||
293 | #:phases (modify-phases %standard-phases | |
8a8f6590 LC |
294 | (add-after 'unpack 'autoreconf |
295 | (lambda* (#:key inputs #:allow-other-keys) | |
e7c37ed5 | 296 | (invoke "autoreconf" "-vfi"))) |
92b72582 | 297 | (add-before 'build 'fix-libguile-ssh-file-name |
8a8f6590 | 298 | (lambda* (#:key outputs #:allow-other-keys) |
92b72582 LC |
299 | ;; Build and install libguile-ssh.so so that we can use |
300 | ;; its absolute file name in .scm files, before we build | |
301 | ;; the .go files. | |
e7c37ed5 TGR |
302 | (let* ((out (assoc-ref outputs "out")) |
303 | (lib (string-append out "/lib"))) | |
304 | (invoke "make" "install" | |
305 | "-C" "libguile-ssh" | |
306 | "-j" (number->string | |
307 | (parallel-job-count))) | |
308 | (substitute* (find-files "." "\\.scm$") | |
309 | (("\"libguile-ssh\"") | |
310 | (string-append "\"" lib "/libguile-ssh\""))) | |
311 | #t))) | |
d0002642 RJ |
312 | (add-after 'install 'remove-bin-directory |
313 | (lambda* (#:key outputs #:allow-other-keys) | |
314 | (let* ((out (assoc-ref outputs "out")) | |
315 | (bin (string-append out "/bin")) | |
316 | (examples (string-append | |
317 | out "/share/guile-ssh/examples"))) | |
318 | (mkdir-p examples) | |
319 | (rename-file (string-append bin "/ssshd.scm") | |
320 | (string-append examples "/ssshd.scm")) | |
321 | (rename-file (string-append bin "/sssh.scm") | |
322 | (string-append examples "/sssh.scm")) | |
323 | (delete-file-recursively bin) | |
324 | #t)))) | |
afde8da3 LC |
325 | ;; Tests are not parallel-safe. |
326 | #:parallel-tests? #f)) | |
49d294e5 LC |
327 | (native-inputs `(("autoconf" ,autoconf) |
328 | ("automake" ,automake) | |
3246cc91 | 329 | ("libtool" ,libtool) |
00ee3a71 | 330 | ("texinfo" ,texinfo) |
49d294e5 LC |
331 | ("pkg-config" ,pkg-config) |
332 | ("which" ,which))) | |
4d8806c3 | 333 | (inputs `(("guile" ,guile-2.2) |
6f9d5b2e | 334 | ("libssh" ,libssh) |
44fd0994 | 335 | ("libgcrypt" ,libgcrypt))) |
49d294e5 LC |
336 | (synopsis "Guile bindings to libssh") |
337 | (description | |
338 | "Guile-SSH is a library that provides access to the SSH protocol for | |
339 | programs written in GNU Guile interpreter. It is a wrapper to the underlying | |
340 | libssh library.") | |
49d294e5 | 341 | (license license:gpl3+))) |
513e1950 | 342 | |
befbaebf | 343 | (define-public guile2.2-ssh |
4d8806c3 LC |
344 | (deprecated-package "guile2.2-ssh" guile-ssh)) |
345 | ||
346 | (define-public guile2.0-ssh | |
75c260ba LC |
347 | (package |
348 | (inherit guile-ssh) | |
4d8806c3 LC |
349 | (name "guile2.0-ssh") |
350 | (inputs `(("guile" ,guile-2.0) | |
75c260ba | 351 | ,@(alist-delete "guile" (package-inputs guile-ssh)))))) |
befbaebf | 352 | |
513e1950 SHT |
353 | (define-public corkscrew |
354 | (package | |
355 | (name "corkscrew") | |
356 | (version "2.0") | |
357 | (source | |
358 | (origin | |
359 | (method url-fetch) | |
040ae44a TGR |
360 | ;; The agroman.net domain name expired on 2017-03-23, and the original |
361 | ;; "http://www.agroman.net/corkscrew/corkscrew-2.0.tar.gz" now returns | |
362 | ;; bogus HTML. Perhaps it will yet return. Until then, use a mirror. | |
363 | (uri (string-append "https://downloads.openwrt.org/sources/" | |
364 | "corkscrew-" version ".tar.gz")) | |
513e1950 SHT |
365 | (sha256 (base32 |
366 | "1gmhas4va6gd70i2x2mpxpwpgww6413mji29mg282jms3jscn3qd")))) | |
367 | (build-system gnu-build-system) | |
368 | (arguments | |
d2656332 | 369 | `(#:phases |
91c52629 EF |
370 | (modify-phases %standard-phases |
371 | (replace 'configure | |
5b34f56c TGR |
372 | ;; Replace configure phase as the ./configure script does not like |
373 | ;; CONFIG_SHELL and SHELL passed as parameters | |
374 | (lambda* (#:key outputs build target #:allow-other-keys) | |
375 | (let* ((out (assoc-ref outputs "out")) | |
376 | (bash (which "bash")) | |
91c52629 EF |
377 | ;; Set --build and --host flags as the provided config.guess |
378 | ;; is not able to detect them | |
5b34f56c | 379 | (flags `(,(string-append "--prefix=" out) |
91c52629 EF |
380 | ,(string-append "--build=" build) |
381 | ,(string-append "--host=" (or target build))))) | |
382 | (setenv "CONFIG_SHELL" bash) | |
5b34f56c | 383 | (apply invoke bash "./configure" flags)))) |
81d95a12 TGR |
384 | (add-after 'install 'install-documentation |
385 | (lambda* (#:key outputs #:allow-other-keys) | |
386 | (let* ((out (assoc-ref outputs "out")) | |
d2656332 | 387 | (doc (string-append out "/share/doc/" ,name "-" ,version))) |
81d95a12 TGR |
388 | (install-file "README" doc) |
389 | #t)))))) | |
513e1950 | 390 | (home-page "http://www.agroman.net/corkscrew") |
10c95711 | 391 | (synopsis "SSH tunneling through HTTP(S) proxies") |
513e1950 | 392 | (description |
10c95711 TGR |
393 | "Corkscrew tunnels SSH connections through most HTTP and HTTPS proxies. |
394 | Proxy authentication is only supported through the plain-text HTTP basic | |
395 | authentication scheme.") | |
513e1950 | 396 | (license license:gpl2+))) |
87bf526b LC |
397 | |
398 | (define-public mosh | |
399 | (package | |
400 | (name "mosh") | |
4b8b245b | 401 | (version "1.3.2") |
87bf526b LC |
402 | (source (origin |
403 | (method url-fetch) | |
c3671282 | 404 | (uri (string-append "https://mosh.org/mosh-" version ".tar.gz")) |
87bf526b LC |
405 | (sha256 |
406 | (base32 | |
4b8b245b | 407 | "05hjhlp6lk8yjcy59zywpf0r6s0h0b9zxq0lw66dh9x8vxrhaq6s")))) |
87bf526b LC |
408 | (build-system gnu-build-system) |
409 | (arguments | |
11379192 EF |
410 | '(#:phases |
411 | (modify-phases %standard-phases | |
412 | (add-after 'install 'wrap | |
413 | (lambda* (#:key outputs #:allow-other-keys) | |
414 | ;; Make sure 'mosh' can find 'mosh-client' and | |
415 | ;; 'mosh-server'. | |
416 | (let* ((out (assoc-ref outputs "out")) | |
417 | (bin (string-append out "/bin"))) | |
418 | (wrap-program (string-append bin "/mosh") | |
419 | `("PATH" ":" prefix (,bin))))))))) | |
87bf526b LC |
420 | (native-inputs |
421 | `(("pkg-config" ,pkg-config))) | |
422 | (inputs | |
423 | `(("openssl" ,openssl) | |
424 | ("perl" ,perl) | |
425 | ("perl-io-tty" ,perl-io-tty) | |
426 | ("zlib" ,zlib) | |
427 | ("ncurses" ,ncurses) | |
428 | ("protobuf" ,protobuf) | |
429 | ("boost-headers" ,boost))) | |
c3671282 | 430 | (home-page "https://mosh.org/") |
87bf526b LC |
431 | (synopsis "Remote shell tolerant to intermittent connectivity") |
432 | (description | |
433 | "Remote terminal application that allows roaming, supports intermittent | |
434 | connectivity, and provides intelligent local echo and line editing of user | |
435 | keystrokes. Mosh is a replacement for SSH. It's more robust and responsive, | |
436 | especially over Wi-Fi, cellular, and long-distance links.") | |
437 | (license license:gpl3+))) | |
8c6cfd55 | 438 | |
c9a6a36f SR |
439 | (define-public et |
440 | (package | |
441 | (name "et") | |
442 | (version "3.1.0") | |
443 | (source | |
444 | (origin | |
1be06dda TGR |
445 | (method git-fetch) |
446 | (uri (git-reference | |
447 | (url "https://github.com/MisterTea/EternalTCP.git") | |
448 | (commit (string-append "et-v" version)))) | |
fc32bc45 | 449 | (file-name (git-file-name name version)) |
c9a6a36f | 450 | (sha256 |
1be06dda | 451 | (base32 "1m5caxckn2ihwp9s2pbyh5amxlpwr7yc54q8s0kb10fr52w2vfnm")))) |
c9a6a36f SR |
452 | (build-system cmake-build-system) |
453 | (arguments `(#:tests? #f)) | |
454 | (native-inputs | |
455 | `(("pkg-config" ,pkg-config))) | |
456 | (inputs `(("glog" ,glog) | |
457 | ("gflags" ,gflags) | |
458 | ("libsodium" ,libsodium) | |
459 | ("protobuf" ,protobuf))) | |
460 | (synopsis "Remote shell that automatically reconnects") | |
461 | (description | |
462 | "Eternal Terminal (ET) is a remote shell that automatically reconnects | |
463 | without interrupting the session. Unlike SSH sessions, ET sessions will | |
839ee8d5 TGR |
464 | survive even network outages and IP changes. ET uses a custom protocol over |
465 | TCP, not the SSH protocol.") | |
c9a6a36f SR |
466 | (home-page "https://mistertea.github.io/EternalTCP/") |
467 | (license license:asl2.0))) | |
468 | ||
8c6cfd55 JD |
469 | (define-public dropbear |
470 | (package | |
471 | (name "dropbear") | |
cf9ab49e | 472 | (version "2019.78") |
e190d12e TGR |
473 | (source |
474 | (origin | |
475 | (method url-fetch) | |
476 | (uri (string-append | |
477 | "https://matt.ucc.asn.au/dropbear/releases/" | |
478 | "dropbear-" version ".tar.bz2")) | |
479 | (sha256 | |
cf9ab49e | 480 | (base32 "19242qlr40pbqfqd0gg6h8qpj38q6lgv03ja6sahj9vj2abnanaj")))) |
8c6cfd55 | 481 | (build-system gnu-build-system) |
e190d12e | 482 | (arguments `(#:tests? #f)) ; there is no "make check" or anything similar |
d5612439 LF |
483 | ;; TODO: Investigate unbundling libtommath and libtomcrypt or at least |
484 | ;; cherry-picking important bug fixes from them. See <bugs.gnu.org/24674> | |
485 | ;; for more information. | |
8c6cfd55 JD |
486 | (inputs `(("zlib" ,zlib))) |
487 | (synopsis "Small SSH server and client") | |
488 | (description "Dropbear is a relatively small SSH server and | |
35b9e423 EB |
489 | client. It runs on a variety of POSIX-based platforms. Dropbear is |
490 | particularly useful for embedded systems, such as wireless routers.") | |
8c6cfd55 JD |
491 | (home-page "https://matt.ucc.asn.au/dropbear/dropbear.html") |
492 | (license (license:x11-style "" "See file LICENSE.")))) | |
2102ae2e DC |
493 | |
494 | (define-public liboop | |
495 | (package | |
496 | (name "liboop") | |
506737f1 | 497 | (version "1.0.1") |
2102ae2e DC |
498 | (source |
499 | (origin | |
500 | (method url-fetch) | |
506737f1 TGR |
501 | (uri (string-append "http://ftp.lysator.liu.se/pub/liboop/" |
502 | name "-" version ".tar.gz")) | |
2102ae2e DC |
503 | (sha256 |
504 | (base32 | |
506737f1 | 505 | "1q0p1l72pq9k3bi7a366j2rishv7dzzkg3i6r2npsfg7cnnidbsn")))) |
2102ae2e DC |
506 | (build-system gnu-build-system) |
507 | (home-page "http://www.lysator.liu.se/liboop/") | |
508 | (synopsis "Event loop library") | |
509 | (description "Liboop is a low-level event loop management library for | |
510 | POSIX-based operating systems. It supports the development of modular, | |
511 | multiplexed applications which may respond to events from several sources. It | |
512 | replaces the \"select() loop\" and allows the registration of event handlers | |
513 | for file and network I/O, timers and signals. Since processes use these | |
514 | mechanisms for almost all external communication, liboop can be used as the | |
515 | basis for almost any application.") | |
516 | (license license:lgpl2.1+))) | |
517 | ||
518 | (define-public lsh | |
519 | (package | |
520 | (name "lsh") | |
521 | (version "2.1") | |
522 | (source (origin | |
523 | (method url-fetch) | |
524 | (uri (string-append "mirror://gnu/lsh/lsh-" | |
525 | version ".tar.gz")) | |
526 | (sha256 | |
527 | (base32 | |
528 | "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb")) | |
529 | (modules '((guix build utils))) | |
530 | (snippet | |
531 | '(begin | |
532 | (substitute* "src/testsuite/functions.sh" | |
533 | (("localhost") | |
534 | ;; Avoid host name lookups since they don't work in | |
535 | ;; chroot builds. | |
536 | "127.0.0.1") | |
537 | (("set -e") | |
538 | ;; Make tests more verbose. | |
539 | "set -e\nset -x")) | |
540 | ||
541 | (substitute* (find-files "src/testsuite" "-test$") | |
542 | (("localhost") "127.0.0.1")) | |
543 | ||
544 | (substitute* "src/testsuite/login-auth-test" | |
6cbee49d MW |
545 | (("/bin/cat") "cat")) |
546 | #t)))) | |
2102ae2e DC |
547 | (build-system gnu-build-system) |
548 | (native-inputs | |
549 | `(("m4" ,m4) | |
550 | ("guile" ,guile-2.0) | |
551 | ("gperf" ,gperf) | |
552 | ("psmisc" ,psmisc))) ; for `killall' | |
553 | (inputs | |
554 | `(("nettle" ,nettle-2) | |
555 | ("linux-pam" ,linux-pam) | |
556 | ||
557 | ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in | |
558 | ;; Readline 6.3. | |
559 | ("readline" ,readline-6.2) | |
560 | ||
561 | ("liboop" ,liboop) | |
562 | ("zlib" ,zlib) | |
563 | ("gmp" ,gmp) | |
564 | ||
565 | ;; The server (lshd) invokes xauth when X11 forwarding is requested. | |
566 | ;; This adds 24 MiB (or 27%) to the closure of lsh. | |
567 | ("xauth" ,xauth))) | |
568 | (arguments | |
569 | '(;; Skip the `configure' test that checks whether /dev/ptmx & | |
570 | ;; co. work as expected, because it relies on impurities (for | |
571 | ;; instance, /dev/pts may be unavailable in chroots.) | |
d5c969ce LC |
572 | #:configure-flags '("lsh_cv_sys_unix98_ptys=yes" |
573 | ||
574 | ;; Use glibc's argp rather than the bundled one. | |
575 | "--with-system-argp" | |
576 | ||
577 | ;; 'lsh_argp.h' checks HAVE_ARGP_PARSE but nothing | |
578 | ;; defines it. | |
579 | "CPPFLAGS=-DHAVE_ARGP_PARSE") | |
2102ae2e DC |
580 | |
581 | ;; FIXME: Tests won't run in a chroot, presumably because | |
582 | ;; /etc/profile is missing, and thus clients get an empty $PATH | |
583 | ;; and nothing works. | |
584 | #:tests? #f | |
585 | ||
586 | #:phases | |
587 | (modify-phases %standard-phases | |
588 | (add-before 'configure 'pre-configure | |
589 | (lambda* (#:key inputs #:allow-other-keys) | |
590 | (let* ((nettle (assoc-ref inputs "nettle")) | |
591 | (sexp-conv (string-append nettle "/bin/sexp-conv"))) | |
d5c969ce LC |
592 | ;; Remove argp from the list of sub-directories; we don't want |
593 | ;; to build it, really. | |
594 | (substitute* "src/Makefile.in" | |
595 | (("^SUBDIRS = argp") | |
596 | "SUBDIRS =")) | |
597 | ||
2102ae2e DC |
598 | ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place |
599 | ;; by default. | |
600 | (substitute* "src/environ.h.in" | |
601 | (("^#define PATH_SEXP_CONV.*") | |
602 | (string-append "#define PATH_SEXP_CONV \"" | |
603 | sexp-conv "\"\n"))) | |
604 | ||
605 | ;; Same for the 'lsh-authorize' script. | |
606 | (substitute* "src/lsh-authorize" | |
607 | (("=sexp-conv") | |
608 | (string-append "=" sexp-conv))) | |
609 | ||
610 | ;; Tell lshd where 'xauth' lives. Another option would be to | |
611 | ;; hardcode "/run/current-system/profile/bin/xauth", thereby | |
612 | ;; reducing the closure size, but that wouldn't work on foreign | |
613 | ;; distros. | |
614 | (with-fluids ((%default-port-encoding "ISO-8859-1")) | |
615 | (substitute* "src/server_x11.c" | |
616 | (("define XAUTH_PROGRAM.*") | |
617 | (string-append "define XAUTH_PROGRAM \"" | |
618 | (assoc-ref inputs "xauth") | |
619 | "/bin/xauth\"\n"))))) | |
620 | ||
621 | ;; Tests rely on $USER being set. | |
622 | (setenv "USER" "guix")))))) | |
623 | (home-page "http://www.lysator.liu.se/~nisse/lsh/") | |
624 | (synopsis "GNU implementation of the Secure Shell (ssh) protocols") | |
625 | (description | |
626 | "GNU lsh is a free implementation of the SSH version 2 protocol. It is | |
627 | used to create a secure line of communication between two computers, | |
628 | providing shell access to the server system from the client. It provides | |
629 | both the server daemon and the client application, as well as tools for | |
630 | manipulating key files.") | |
631 | (license license:gpl2+))) | |
c777570b NG |
632 | |
633 | (define-public sshpass | |
634 | (package | |
635 | (name "sshpass") | |
636 | (version "1.06") | |
637 | (synopsis "Non-interactive password authentication with SSH") | |
638 | (home-page "https://sourceforge.net/projects/sshpass/") | |
639 | (source | |
640 | (origin | |
641 | (method url-fetch) | |
642 | (uri (string-append "mirror://sourceforge/sshpass/sshpass/" | |
643 | version "/sshpass-" version ".tar.gz")) | |
644 | (sha256 | |
645 | (base32 | |
646 | "0q7fblaczb7kwbsz0gdy9267z0sllzgmf0c7z5c9mf88wv74ycn6")))) | |
647 | (build-system gnu-build-system) | |
648 | (description "sshpass is a tool for non-interactivly performing password | |
649 | authentication with SSH's so-called @dfn{interactive keyboard password | |
650 | authentication}.") | |
651 | (license license:gpl2+))) | |
8caeb117 CAW |
652 | |
653 | (define-public autossh | |
654 | (package | |
655 | (name "autossh") | |
d6bbb7e5 | 656 | (version "1.4g") |
8caeb117 CAW |
657 | (source |
658 | (origin | |
659 | (method url-fetch) | |
660 | (uri (string-append | |
26045af9 | 661 | "https://www.harding.motd.ca/autossh/autossh-" |
8caeb117 CAW |
662 | version ".tgz")) |
663 | (sha256 | |
d6bbb7e5 | 664 | (base32 "0xqjw8df68f4kzkns5gcah61s5wk0m44qdk2z1d6388w6viwxhsz")))) |
8caeb117 CAW |
665 | (build-system gnu-build-system) |
666 | (arguments `(#:tests? #f)) ; There is no "make check" or anything similar | |
667 | (inputs `(("openssh" ,openssh))) | |
668 | (synopsis "Automatically restart SSH sessions and tunnels") | |
669 | (description "autossh is a program to start a copy of @command{ssh} and | |
670 | monitor it, restarting it as necessary should it die or stop passing traffic.") | |
26045af9 | 671 | (home-page "https://www.harding.motd.ca/autossh/") |
8caeb117 CAW |
672 | (license |
673 | ;; Why point to a source file? Well, all the individual files have a | |
674 | ;; copy of this license in their headers, but there's no separate file | |
675 | ;; with that information. | |
676 | (license:non-copyleft "file://autossh.c")))) | |
227dbd84 RW |
677 | |
678 | (define-public pdsh | |
679 | (package | |
680 | (name "pdsh") | |
b982fb1c | 681 | (version "2.33") |
227dbd84 RW |
682 | (source |
683 | (origin | |
684 | (method url-fetch) | |
b982fb1c | 685 | (uri (string-append "https://github.com/chaos/pdsh/" |
686 | "releases/download/pdsh-" version | |
687 | "/pdsh-" version ".tar.gz")) | |
688 | (file-name (string-append name "-" version ".tar.gz")) | |
227dbd84 | 689 | (sha256 |
b982fb1c | 690 | (base32 "0bwlkl9inj66iwvafg00pi3sk9n673phdi0kcc59y9nn55s0hs3k")))) |
227dbd84 RW |
691 | (build-system gnu-build-system) |
692 | (arguments | |
693 | `(#:configure-flags | |
694 | (list "--with-ssh") | |
695 | #:phases | |
696 | (modify-phases %standard-phases | |
697 | (add-after 'unpack 'patch-/bin/sh | |
698 | (lambda _ | |
b982fb1c | 699 | (substitute* '("tests/t0006-pdcp.sh" |
700 | "tests/t0004-module-loading.sh" | |
701 | "tests/t2001-ssh.sh" | |
702 | "tests/t1003-slurm.sh" | |
703 | "tests/t6036-long-output-lines.sh" | |
704 | "tests/aggregate-results.sh" | |
705 | "tests/t2000-exec.sh" | |
706 | "tests/t0002-internal.sh" | |
707 | "tests/t1002-dshgroup.sh" | |
708 | "tests/t5000-dshbak.sh" | |
709 | "tests/t0001-basic.sh" | |
710 | "tests/t0005-rcmd_type-and-user.sh" | |
227dbd84 | 711 | "tests/test-lib.sh" |
b982fb1c | 712 | "tests/t2002-mrsh.sh" |
713 | "tests/t0003-wcoll.sh" | |
227dbd84 RW |
714 | "tests/test-modules/pcptest.c") |
715 | (("/bin/sh") (which "bash"))) | |
b982fb1c | 716 | #t)) |
717 | (add-after 'unpack 'patch-tests | |
718 | (lambda _ | |
719 | (substitute* "tests/t6036-long-output-lines.sh" | |
720 | (("which") (which "which"))) | |
227dbd84 RW |
721 | #t))))) |
722 | (inputs | |
723 | `(("openssh" ,openssh) | |
724 | ("mit-krb5" ,mit-krb5) | |
725 | ("perl" ,perl))) | |
b982fb1c | 726 | (native-inputs |
727 | `(("which" ,which))) | |
728 | (home-page "https://github.com/chaos/pdsh") | |
227dbd84 RW |
729 | (synopsis "Parallel distributed shell") |
730 | (description "Pdsh is a an efficient, multithreaded remote shell client | |
731 | which executes commands on multiple remote hosts in parallel. Pdsh implements | |
732 | dynamically loadable modules for extended functionality such as new remote | |
733 | shell services and remote host selection.") | |
734 | (license license:gpl2+))) | |
ae72b8f5 MG |
735 | |
736 | (define-public clustershell | |
737 | (package | |
738 | (name "clustershell") | |
739 | (version "1.8") | |
740 | (source | |
741 | (origin | |
742 | (method url-fetch) | |
743 | (uri (string-append "https://github.com/cea-hpc/clustershell/archive/v" | |
744 | version | |
745 | ".tar.gz")) | |
746 | (sha256 | |
747 | (base32 "1qyf6zp5ikk8rk7zvx5ssbgr9si2bqv3a3415590kd07s7i16nmd")) | |
748 | (file-name (string-append name "-" version ".tar.gz")))) | |
749 | (build-system python-build-system) | |
750 | (inputs `(("openssh" ,openssh))) | |
751 | (propagated-inputs `(("python-pyyaml" ,python-pyyaml))) | |
752 | (arguments | |
753 | `(#:phases (modify-phases %standard-phases | |
754 | (add-before 'build 'record-openssh-file-name | |
755 | (lambda* (#:key inputs #:allow-other-keys) | |
756 | (let ((ssh (assoc-ref inputs "openssh"))) | |
757 | (substitute* "lib/ClusterShell/Worker/Ssh.py" | |
758 | (("info\\(\"ssh_path\"\\) or \"ssh\"") | |
759 | (string-append "info(\"ssh_path\") or \"" | |
760 | ssh "/bin/ssh\""))) | |
761 | #t)))))) | |
762 | (home-page "https://cea-hpc.github.io/clustershell/") | |
763 | (synopsis "Scalable event-driven Python framework for cluster administration") | |
764 | (description | |
765 | "ClusterShell is an event-driven Python framework, designed to run local | |
766 | or distant commands in parallel on server farms or on large GNU/Linux | |
767 | clusters. It will take care of common issues encountered on HPC clusters, | |
768 | such as operating on groups of nodes, running distributed commands using | |
769 | optimized execution algorithms, as well as gathering results and merging | |
770 | identical outputs, or retrieving return codes. ClusterShell takes advantage | |
771 | of existing remote shell facilities such as SSH.") | |
772 | (license license:lgpl2.1+))) |