Package Details: openssh-hpn-shim 9.1p1.hpn17v10-1

Git Clone URL: https://aur.archlinux.org/openssh-hpn.git (read-only, click to copy)
Package Base: openssh-hpn
Description: A Secure SHell server/client fork with High Performance patches included
Upstream URL: https://www.psc.edu/index.php/hpn-ssh/
Licenses: custom:BSD
Conflicts: openssh, openssh-hpn-git
Provides: openssh
Submitter: zer0def
Maintainer: zer0def
Last Packager: zer0def
Votes: 10
Popularity: 0.000051
First Submitted: 2019-03-04 06:50 (UTC)
Last Updated: 2022-12-21 13:05 (UTC)

Required by (339)

Sources (10)

Pinned Comments

zer0def commented on 2023-02-02 20:19 (UTC) (edited on 2023-02-06 08:23 (UTC) by zer0def)

Due to a potentially significant security fix affecting exclusively OpenSSH 9.1, I've marked this package as out of date as a means of discouraging users from installing it until HPN rebases onto 9.2. Users are temporarily encouraged to either roll back to hpn-9.0 or install upstream OpenSSH.

Correct checksums for latest hpn-9_0_P1 tag, dated Dec 5th, 2022 are:

  • sha256: b0e345425d5fe52c93e1fb313288076f0c5c3a6f9b56bedfb17d0d822269cbffc192d0a7967fbf94a5dee775c3d7c5dfc178dd3053bac82ba747571f7c665952
  • blake2: c02da824ffe4e25ea9003f3e43baeeebbbd1cd5faf8437de60d3c1232a9905dcf44e1e6e58ebac3ddb00262c9085ff272b19dc7767d0cdeab88d55e775b5d719
  • blake3: 346813d846cfb590de895cc11675e7751cf5e758817db12635551c2fcab48d5a

ref: https://www.openssh.com/releasenotes.html | https://bugzilla.mindrot.org/show_bug.cgi?id=3522

zer0def commented on 2022-05-13 05:47 (UTC)

To maintain behavior pre-HPN17v0, install openssh-hpn-shim.

Latest Comments

1 2 3 Next › Last »

zer0def commented on 2023-02-02 20:19 (UTC) (edited on 2023-02-06 08:23 (UTC) by zer0def)

Due to a potentially significant security fix affecting exclusively OpenSSH 9.1, I've marked this package as out of date as a means of discouraging users from installing it until HPN rebases onto 9.2. Users are temporarily encouraged to either roll back to hpn-9.0 or install upstream OpenSSH.

Correct checksums for latest hpn-9_0_P1 tag, dated Dec 5th, 2022 are:

  • sha256: b0e345425d5fe52c93e1fb313288076f0c5c3a6f9b56bedfb17d0d822269cbffc192d0a7967fbf94a5dee775c3d7c5dfc178dd3053bac82ba747571f7c665952
  • blake2: c02da824ffe4e25ea9003f3e43baeeebbbd1cd5faf8437de60d3c1232a9905dcf44e1e6e58ebac3ddb00262c9085ff272b19dc7767d0cdeab88d55e775b5d719
  • blake3: 346813d846cfb590de895cc11675e7751cf5e758817db12635551c2fcab48d5a

ref: https://www.openssh.com/releasenotes.html | https://bugzilla.mindrot.org/show_bug.cgi?id=3522

louisl commented on 2022-12-21 12:35 (UTC)

new checksums:

diff --git a/PKGBUILD b/PKGBUILD
index f537e9c..7ccf251 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -83 +83 @@ sha512sums=(
-  'b487eceec2158fd2caf429316d60e1d0cc5b16e79f965b31921f1664ebb0393dac9a3896a08847123aa201bd2cfa9bd8ffd390560a78a8d4f407acb7a8fc73d5'
+  'c0047d47570e3dde4b3531ca99d506d5d415fa608994875740d1e0b0f3a73237150b3a45de6c62071a2ea92e8915e80b73c340ecb20f14d098ccf9e95199bd51'
@@ -99 +99 @@ b2sums=(
-  'f5030284afd2b86960c3879214f548d3c0b53ddb2c4958d05f7c91db30a6f563700489cb6a2ad5ad936566d51d7c94fed33f1093052884797c804169959488eb'
+  'a9eee5c2189ae4fb5b8cfc0f9f4022fdd6b2f42b3356e6cb7c0e947bd3240bb2a42b0e3f48df035034563d0625bb16ae410cb3fffa39976828347d0181fbe501'

npfeiler commented on 2022-09-30 22:54 (UTC)

with 9.0p1.hpn17v4-2

error: failed to commit transaction (conflicting files)
openssh-hpn: /usr/share/man/man1/slogin.1.gz exists in filesystem (owned by openssh)

melvyn2 commented on 2022-05-17 22:43 (UTC)

to fix the below message and other missing files (like man pages):

diff --git a/PKGBUILD b/PKGBUILD
index 010ca5a..e62d32c 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -49,7 +49,7 @@ _hpn_ver=hpn17v0
 #_pkgver="$(sed -e 's/\./_/' -e 's/p/_P/' <<< ${_openssh_ver})_new"
 _pkgver="$(sed -e 's/\./_/' -e 's/p/_P/' <<< ${_openssh_ver})"
 pkgver="${_openssh_ver}.${_hpn_ver}"
-pkgrel=6
+pkgrel=7
 pkgdesc='A Secure SHell server/client fork with High Performance patches included'
 url='https://www.psc.edu/index.php/hpn-ssh/'
 license=('custom:BSD')
@@ -75,14 +75,6 @@ source=(
   'sshd.pam'
   'sshd.conf'
 )
-backup=(
-  'etc/ssh/ssh_config'
-  'etc/ssh/sshd_config'
-  'etc/pam.d/sshd'
-  'etc/hpnssh/ssh_config'
-  'etc/hpnssh/sshd_config'
-  'etc/pam.d/hpnsshd'
-)

 sha512sums=(
   '190e4261a76ce5b31f8cdc76bc149c3c240611410461dd400e41ca55f4be4d5675473f16edbd648eaeb6d373136b831d61a9ae9f59c4e38ef8ecde738fda7880'
@@ -190,6 +182,12 @@ build() {
 #}

 package_openssh-hpn() {
+  backup=(
+    'etc/hpnssh/ssh_config'
+    'etc/hpnssh/sshd_config'
+    'etc/pam.d/hpnsshd'
+  )
+
   cd "${srcdir}/openssh-portable-hpn-${_pkgver}/"

   make DESTDIR="${pkgdir}" install
@@ -215,6 +213,11 @@ package_openssh-hpn() {
 }

 package_openssh-hpn-shim(){
+  backup=(
+    'etc/ssh/ssh_config'
+    'etc/ssh/sshd_config'
+    'etc/pam.d/sshd'
+  )
   depends=('openssh-hpn')
   provides=('openssh')
   conflicts=('openssh' 'openssh-hpn-git')
@@ -222,14 +225,35 @@ package_openssh-hpn-shim(){
   cd "${srcdir}/openssh-portable-hpn-${_pkgver}/"

   install -dm0755 "${pkgdir}/usr/bin" "${pkgdir}/usr/lib/ssh";
-  pushd "${pkgdir}/usr/bin"
+  pushd "${pkgdir}/usr/bin" > /dev/null
   for i in findssl.sh scp sftp ssh ssh-add ssh-agent ssh-copy-id ssh-keygen ssh-keyscan sshd; do
     ln -s "hpn${i}" "${i}"
-  done; popd
-  pushd "${pkgdir}/usr/lib/ssh"
+  done; popd > /dev/null
+  pushd "${pkgdir}/usr/lib/ssh" > /dev/null
   for i in sftp-server ssh-keysign ssh-pkcs11-helper ssh-sk-helper; do
     ln -s "../hpnssh/hpn${i}" "${i}"
-  done; popd
+  done; popd > /dev/null
+  install -dm0755 "${pkgdir}/usr/share/man/man1" "${pkgdir}/usr/share/man/man5" "${pkgdir}/usr/share/man/man8"
+  pushd "${pkgdir}/usr/share/man" > /dev/null
+    pushd man1 > /dev/null
+    for i in scp sftp ssh-add ssh-agent ssh-copy-id ssh-keygen ssh-keyscan ssh; do
+      ln -s "hpn${i}.1.gz" "${i}.1.gz"
+    done; popd > /dev/null
+    pushd man5 > /dev/null
+    for i in moduli ssh_config sshd_config; do
+      ln -s "hpn${i}.5.gz" "${i}.5.gz"
+    done; popd > /dev/null
+    pushd man8 > /dev/null
+    for i in sftp-server ssh-keysign ssh-pkcs11-helper ssh-sk-helper sshd; do
+      ln -s "hpn${i}.8.gz" "${i}.8.gz"
+    done; popd > /dev/null
+  popd > /dev/null
+  install -dm0755 "${pkgdir}/etc/ssh"
+  pushd "${pkgdir}/etc" > /dev/null
+  for i in moduli ssh_config sshd_config; do
+    ln -s "hpnssh/${i}" "ssh/${i}"
+  done
+  popd > /dev/null

   install -Dm644 ../sshdgenkeys.service "${pkgdir}"/usr/lib/systemd/system/sshdgenkeys.service
   install -Dm644 ../sshd.service "${pkgdir}"/usr/lib/systemd/system/sshd.service

fow0ryl commented on 2022-05-16 12:34 (UTC)

Ok. Since update via normal update function (trizen -Syu) did not work, I got it installed with "trizen -S openssh-hpn-shim" But after reboot sshd.service failed to start :(

After some investigating I found that my old "/etc/ssh/sshd_config" was removed :( Veryfied this on 2 notebooks. The old config was removed on every device.

So I have to create a new one. i.e. cp /etc/hpnssh/sshd_config /etc/ssh/

Afterwards I have to change the port in /etc/ssh/sshd_config to 22. And so change "HostKey" line to point to my original key files again. Check if other features fits your needs ... (i.e. I have to set the non chipher to NoneEnabled yes)

zer0def commented on 2022-05-13 05:47 (UTC)

To maintain behavior pre-HPN17v0, install openssh-hpn-shim.

melvyn2 commented on 2022-05-13 00:32 (UTC) (edited on 2022-05-13 00:32 (UTC) by melvyn2)

Personally, the upstream changes make this package useless for me, as I perform large file transfers that actually benefit only in other apps that call the openssh binaries or libraries...

Would it be possible to make an (optional) patch to allow for the previous drop-in behavior?

hrast commented on 2022-05-12 01:20 (UTC)

Word of warning, there are a lot of changes in hpn17v0-1 version (paths, filenames, etc). You will most likely need to access your system via some other method while correcting the issues. It looks like most (if not all) changes were done to allow openssh-hpn to coexist with upstream openssh.

hasardeur commented on 2021-08-30 10:35 (UTC)

Thank you for the update. The new checksum works.

Thank you for your time!

hasardeur commented on 2021-08-30 09:21 (UTC) (edited on 2021-08-30 09:23 (UTC) by hasardeur)

I get an error while updating to the latest version, it seems the checksums do not match:

==> Validating source files with sha512sums...
    hpn-8_7_P1.tar.gz ... FAILED
    openssh-tests-scp.patch ... Passed
    glibc-2.31.patch ... Passed
    sshdgenkeys.service ... Passed
    sshd@.service ... Passed
    sshd.service ... Passed
    sshd.socket ... Passed
    sshd.pam ... Passed

When running

sha512sum hpn-8_7_P1.tar.gz
I get:
9c1c2246b9ba75bcc0d346a1bd694293b581d2173d3c1e6d5b9e12bbe3dcf4466c4977e93529f8ae299515a87b13c22ac7dc533081e4e1e8ce898be5ebba6e59  hpn-8_7_P1.tar.gz
Is this something I need to fix on my end?