openssh: update 8.8 -> 8.9

License-Update: blowfish relicensed under 3-BSD. Fix up ptests; listing the helper binaries one by one is not necessary. Unittests are skipped explicitly in run-ptest, no need to avoid building them. They still take long, but they can be executed on target if wanted. (From OE-Core rev: 9f031d936edb69c038639656288c84564434b906) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Alexander Kanavin <alex.kanavin@gmail.com> 2022-03-08 10:32:24 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-03-09 11:46:27 +0000
commit: 2c86f586d55d0f6b99053e3e4d14c9ee36fa8aa8 (patch)
tree: 84da17ca98ee0bb7347cee9d513b2d3955689c4a /meta/recipes-connectivity/openssh/openssh_8.9p1.bb
parent: 19e1beb5ae21254854c11873ae0298d466ee1c08 (diff)
download: poky-2c86f586d55d0f6b99053e3e4d14c9ee36fa8aa8.tar.gz
1 files changed, 187 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
new file mode 100644
index 0000000000..6c5c1912e8
--- /dev/null
+++ b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
@@ -0,0 +1,187 @@
+SUMMARY = "A suite of security-related network utilities based on \
+the SSH protocol including the ssh client and sshd server"
+DESCRIPTION = "Secure rlogin/rsh/rcp/telnet replacement (OpenSSH) \
+Ssh (Secure Shell) is a program for logging into a remote machine \
+and for executing commands on a remote machine."
+HOMEPAGE = "http://www.openssh.com/"
+SECTION = "console/network"
+LICENSE = "BSD-2-Clause & BSD-3-Clause & ISC & MIT"
+LIC_FILES_CHKSUM = "file://LICENCE;md5=8baf365614c9bdd63705f298c9afbfb9"
+DEPENDS = "zlib openssl virtual/crypt"
+DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
+SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.gz \
+           file://sshd_config \
+           file://ssh_config \
+           file://init \
+           ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
+           file://sshd.socket \
+           file://sshd@.service \
+           file://sshdgenkeys.service \
+           file://volatiles.99_sshd \
+           file://run-ptest \
+           file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \
+           file://sshd_check_keys \
+           file://add-test-support-for-busybox.patch \
+           file://f107467179428a0e3ea9e4aa9738ac12ff02822d.patch \
+           "
+SRC_URI[sha256sum] = "fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7"
+# This CVE is specific to OpenSSH with the pam opie which we don't build/use here
+CVE_CHECK_IGNORE += "CVE-2007-2768"
+# This CVE is specific to OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7
+# and when running in a Kerberos environment. As such it is not relevant to OpenEmbedded
+CVE_CHECK_IGNORE += "CVE-2014-9278"
+# CVE only applies to some distributed RHEL binaries
+CVE_CHECK_IGNORE += "CVE-2008-3844"
+PAM_SRC_URI = "file://sshd"
+inherit manpages useradd update-rc.d update-alternatives systemd
+USERADD_PACKAGES = "${PN}-sshd"
+USERADD_PARAM:${PN}-sshd = "--system --no-create-home --home-dir /var/run/sshd --shell /bin/false --user-group sshd"
+INITSCRIPT_PACKAGES = "${PN}-sshd"
+INITSCRIPT_NAME:${PN}-sshd = "sshd"
+INITSCRIPT_PARAMS:${PN}-sshd = "defaults 9"
+SYSTEMD_PACKAGES = "${PN}-sshd"
+SYSTEMD_SERVICE:${PN}-sshd = "sshd.socket"
+inherit autotools-brokensep ptest
+PACKAGECONFIG ??= "rng-tools"
+PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5"
+PACKAGECONFIG[ldns] = "--with-ldns,--without-ldns,ldns"
+PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit"
+PACKAGECONFIG[manpages] = "--with-mantype=man,--with-mantype=cat"
+# Add RRECOMMENDS to rng-tools for sshd package
+PACKAGECONFIG[rng-tools] = ""
+EXTRA_AUTORECONF += "--exclude=aclocal"
+# login path is hardcoded in sshd
+EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \
+                ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '--with-pam', '--without-pam', d)} \
+                --without-zlib-version-check \
+                --with-privsep-path=${localstatedir}/run/sshd \
+                --sysconfdir=${sysconfdir}/ssh \
+                --with-xauth=${bindir}/xauth \
+                --disable-strip \
+                "
+# musl doesn't implement wtmp/utmp and logwtmp
+EXTRA_OECONF:append:libc-musl = " --disable-wtmp --disable-lastlog"
+# https://bugzilla.mindrot.org/show_bug.cgi?id=3398
+EXTRA_OECONF:append:powerpc = " --with-sandbox=no"
+# Since we do not depend on libbsd, we do not want configure to use it
+# just because it finds libutil.h.  But, specifying --disable-libutil
+# causes compile errors, so...
+CACHED_CONFIGUREVARS += "ac_cv_header_bsd_libutil_h=no ac_cv_header_libutil_h=no"
+# passwd path is hardcoded in sshd
+CACHED_CONFIGUREVARS += "ac_cv_path_PATH_PASSWD_PROG=${bindir}/passwd"
+# We don't want to depend on libblockfile
+CACHED_CONFIGUREVARS += "ac_cv_header_maillock_h=no"
+do_configure:prepend () {
+        export LD="${CC}"
+        install -m 0644 ${WORKDIR}/sshd_config ${B}/
+        install -m 0644 ${WORKDIR}/ssh_config ${B}/
+}
+do_compile_ptest() {
+        oe_runmake regress-binaries regress-unit-binaries
+}
+do_install:append () {
+        if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then
+                install -D -m 0644 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd
+                sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config
+        fi
+        if [ "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" ]; then
+                sed -i -e 's:#X11Forwarding no:X11Forwarding yes:' ${D}${sysconfdir}/ssh/sshd_config
+        fi
+        install -d ${D}${sysconfdir}/init.d
+        install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/sshd
+        rm -f ${D}${bindir}/slogin ${D}${datadir}/Ssh.bin
+        rmdir ${D}${localstatedir}/run/sshd ${D}${localstatedir}/run ${D}${localstatedir}
+        install -d ${D}/${sysconfdir}/default/volatiles
+        install -m 644 ${WORKDIR}/volatiles.99_sshd ${D}/${sysconfdir}/default/volatiles/99_sshd
+        install -m 0755 ${S}/contrib/ssh-copy-id ${D}${bindir}
+        # Create config files for read-only rootfs
+        install -d ${D}${sysconfdir}/ssh
+        install -m 644 ${D}${sysconfdir}/ssh/sshd_config ${D}${sysconfdir}/ssh/sshd_config_readonly
+        sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config_readonly
+        echo "HostKey /var/run/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly
+        echo "HostKey /var/run/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly
+        echo "HostKey /var/run/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly
+        install -d ${D}${systemd_system_unitdir}
+        install -c -m 0644 ${WORKDIR}/sshd.socket ${D}${systemd_system_unitdir}
+        install -c -m 0644 ${WORKDIR}/sshd@.service ${D}${systemd_system_unitdir}
+        install -c -m 0644 ${WORKDIR}/sshdgenkeys.service ${D}${systemd_system_unitdir}
+        sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \
+                -e 's,@SBINDIR@,${sbindir},g' \
+                -e 's,@BINDIR@,${bindir},g' \
+                -e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \
+                ${D}${systemd_system_unitdir}/sshd.socket ${D}${systemd_system_unitdir}/*.service
+        sed -i -e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \
+                ${D}${sysconfdir}/init.d/sshd
+        install -D -m 0755 ${WORKDIR}/sshd_check_keys ${D}${libexecdir}/${BPN}/sshd_check_keys
+}
+do_install_ptest () {
+        sed -i -e "s|^SFTPSERVER=.*|SFTPSERVER=${libexecdir}/sftp-server|" regress/test-exec.sh
+        cp -r regress ${D}${PTEST_PATH}
+        cp config.h ${D}${PTEST_PATH}
+}
+ALLOW_EMPTY:${PN} = "1"
+PACKAGES =+ "${PN}-keygen ${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-sftp ${PN}-misc ${PN}-sftp-server"
+FILES:${PN}-scp = "${bindir}/scp.${BPN}"
+FILES:${PN}-ssh = "${bindir}/ssh.${BPN} ${sysconfdir}/ssh/ssh_config"
+FILES:${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd ${systemd_system_unitdir}"
+FILES:${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config ${sysconfdir}/ssh/sshd_config_readonly ${sysconfdir}/default/volatiles/99_sshd ${sysconfdir}/pam.d/sshd"
+FILES:${PN}-sshd += "${libexecdir}/${BPN}/sshd_check_keys"
+FILES:${PN}-sftp = "${bindir}/sftp"
+FILES:${PN}-sftp-server = "${libexecdir}/sftp-server"
+FILES:${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*"
+FILES:${PN}-keygen = "${bindir}/ssh-keygen"
+RDEPENDS:${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen"
+RDEPENDS:${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}"
+RRECOMMENDS:${PN}-sshd:append:class-target = "\
+    ${@bb.utils.filter('PACKAGECONFIG', 'rng-tools', d)} \
+"
+# gdb would make attach-ptrace test pass rather than skip but not worth the build dependencies
+RDEPENDS:${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed sudo coreutils"
+RPROVIDES:${PN}-ssh = "ssh"
+RPROVIDES:${PN}-sshd = "sshd"
+RCONFLICTS:${PN} = "dropbear"
+RCONFLICTS:${PN}-sshd = "dropbear"
+CONFFILES:${PN}-sshd = "${sysconfdir}/ssh/sshd_config"
+CONFFILES:${PN}-ssh = "${sysconfdir}/ssh/ssh_config"
+ALTERNATIVE_PRIORITY = "90"
+ALTERNATIVE:${PN}-scp = "scp"
+ALTERNATIVE:${PN}-ssh = "ssh"
+BBCLASSEXTEND += "nativesdk"
author	Alexander Kanavin <alex.kanavin@gmail.com>	2022-03-08 10:32:24 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-03-09 11:46:27 +0000
commit	2c86f586d55d0f6b99053e3e4d14c9ee36fa8aa8 (patch)
tree	84da17ca98ee0bb7347cee9d513b2d3955689c4a /meta/recipes-connectivity/openssh/openssh_8.9p1.bb
parent	19e1beb5ae21254854c11873ae0298d466ee1c08 (diff)
download	poky-2c86f586d55d0f6b99053e3e4d14c9ee36fa8aa8.tar.gz

diff --git a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb new file mode 100644 index 0000000000..6c5c1912e8 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
@@ -0,0 +1,187 @@
	1	SUMMARY = "A suite of security-related network utilities based on \
	2	the SSH protocol including the ssh client and sshd server"
	3	DESCRIPTION = "Secure rlogin/rsh/rcp/telnet replacement (OpenSSH) \
	4	Ssh (Secure Shell) is a program for logging into a remote machine \
	5	and for executing commands on a remote machine."
	6	HOMEPAGE = "http://www.openssh.com/"
	7	SECTION = "console/network"
	8	LICENSE = "BSD-2-Clause & BSD-3-Clause & ISC & MIT"
	9	LIC_FILES_CHKSUM = "file://LICENCE;md5=8baf365614c9bdd63705f298c9afbfb9"
	10
	11	DEPENDS = "zlib openssl virtual/crypt"
	12	DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
	13
	14	SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.gz \
	15	file://sshd_config \
	16	file://ssh_config \
	17	file://init \
	18	${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
	19	file://sshd.socket \
	20	file://sshd@.service \
	21	file://sshdgenkeys.service \
	22	file://volatiles.99_sshd \
	23	file://run-ptest \
	24	file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \
	25	file://sshd_check_keys \
	26	file://add-test-support-for-busybox.patch \
	27	file://f107467179428a0e3ea9e4aa9738ac12ff02822d.patch \
	28	"
	29	SRC_URI[sha256sum] = "fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7"
	30
	31	# This CVE is specific to OpenSSH with the pam opie which we don't build/use here
	32	CVE_CHECK_IGNORE += "CVE-2007-2768"
	33
	34	# This CVE is specific to OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7
	35	# and when running in a Kerberos environment. As such it is not relevant to OpenEmbedded
	36	CVE_CHECK_IGNORE += "CVE-2014-9278"
	37
	38	# CVE only applies to some distributed RHEL binaries
	39	CVE_CHECK_IGNORE += "CVE-2008-3844"
	40
	41	PAM_SRC_URI = "file://sshd"
	42
	43	inherit manpages useradd update-rc.d update-alternatives systemd
	44
	45	USERADD_PACKAGES = "${PN}-sshd"
	46	USERADD_PARAM:${PN}-sshd = "--system --no-create-home --home-dir /var/run/sshd --shell /bin/false --user-group sshd"
	47	INITSCRIPT_PACKAGES = "${PN}-sshd"
	48	INITSCRIPT_NAME:${PN}-sshd = "sshd"
	49	INITSCRIPT_PARAMS:${PN}-sshd = "defaults 9"
	50
	51	SYSTEMD_PACKAGES = "${PN}-sshd"
	52	SYSTEMD_SERVICE:${PN}-sshd = "sshd.socket"
	53
	54	inherit autotools-brokensep ptest
	55
	56	PACKAGECONFIG ??= "rng-tools"
	57	PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5"
	58	PACKAGECONFIG[ldns] = "--with-ldns,--without-ldns,ldns"
	59	PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit"
	60	PACKAGECONFIG[manpages] = "--with-mantype=man,--with-mantype=cat"
	61
	62	# Add RRECOMMENDS to rng-tools for sshd package
	63	PACKAGECONFIG[rng-tools] = ""
	64
	65	EXTRA_AUTORECONF += "--exclude=aclocal"
	66
	67	# login path is hardcoded in sshd
	68	EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \
	69	${@bb.utils.contains('DISTRO_FEATURES', 'pam', '--with-pam', '--without-pam', d)} \
	70	--without-zlib-version-check \
	71	--with-privsep-path=${localstatedir}/run/sshd \
	72	--sysconfdir=${sysconfdir}/ssh \
	73	--with-xauth=${bindir}/xauth \
	74	--disable-strip \
	75	"
	76
	77	# musl doesn't implement wtmp/utmp and logwtmp
	78	EXTRA_OECONF:append:libc-musl = " --disable-wtmp --disable-lastlog"
	79
	80	# https://bugzilla.mindrot.org/show_bug.cgi?id=3398
	81	EXTRA_OECONF:append:powerpc = " --with-sandbox=no"
	82
	83	# Since we do not depend on libbsd, we do not want configure to use it
	84	# just because it finds libutil.h. But, specifying --disable-libutil
	85	# causes compile errors, so...
	86	CACHED_CONFIGUREVARS += "ac_cv_header_bsd_libutil_h=no ac_cv_header_libutil_h=no"
	87
	88	# passwd path is hardcoded in sshd
	89	CACHED_CONFIGUREVARS += "ac_cv_path_PATH_PASSWD_PROG=${bindir}/passwd"
	90
	91	# We don't want to depend on libblockfile
	92	CACHED_CONFIGUREVARS += "ac_cv_header_maillock_h=no"
	93
	94	do_configure:prepend () {
	95	export LD="${CC}"
	96	install -m 0644 ${WORKDIR}/sshd_config ${B}/
	97	install -m 0644 ${WORKDIR}/ssh_config ${B}/
	98	}
	99
	100	do_compile_ptest() {
	101	oe_runmake regress-binaries regress-unit-binaries
	102	}
	103
	104	do_install:append () {
	105	if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then
	106	install -D -m 0644 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd
	107	sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config
	108	fi
	109
	110	if [ "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" ]; then
	111	sed -i -e 's:#X11Forwarding no:X11Forwarding yes:' ${D}${sysconfdir}/ssh/sshd_config
	112	fi
	113
	114	install -d ${D}${sysconfdir}/init.d
	115	install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/sshd
	116	rm -f ${D}${bindir}/slogin ${D}${datadir}/Ssh.bin
	117	rmdir ${D}${localstatedir}/run/sshd ${D}${localstatedir}/run ${D}${localstatedir}
	118	install -d ${D}/${sysconfdir}/default/volatiles
	119	install -m 644 ${WORKDIR}/volatiles.99_sshd ${D}/${sysconfdir}/default/volatiles/99_sshd
	120	install -m 0755 ${S}/contrib/ssh-copy-id ${D}${bindir}
	121
	122	# Create config files for read-only rootfs
	123	install -d ${D}${sysconfdir}/ssh
	124	install -m 644 ${D}${sysconfdir}/ssh/sshd_config ${D}${sysconfdir}/ssh/sshd_config_readonly
	125	sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config_readonly
	126	echo "HostKey /var/run/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly
	127	echo "HostKey /var/run/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly
	128	echo "HostKey /var/run/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly
	129
	130	install -d ${D}${systemd_system_unitdir}
	131	install -c -m 0644 ${WORKDIR}/sshd.socket ${D}${systemd_system_unitdir}
	132	install -c -m 0644 ${WORKDIR}/sshd@.service ${D}${systemd_system_unitdir}
	133	install -c -m 0644 ${WORKDIR}/sshdgenkeys.service ${D}${systemd_system_unitdir}
	134	sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \
	135	-e 's,@SBINDIR@,${sbindir},g' \
	136	-e 's,@BINDIR@,${bindir},g' \
	137	-e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \
	138	${D}${systemd_system_unitdir}/sshd.socket ${D}${systemd_system_unitdir}/*.service
	139
	140	sed -i -e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \
	141	${D}${sysconfdir}/init.d/sshd
	142
	143	install -D -m 0755 ${WORKDIR}/sshd_check_keys ${D}${libexecdir}/${BPN}/sshd_check_keys
	144	}
	145
	146	do_install_ptest () {
	147	sed -i -e "s\|^SFTPSERVER=.*\|SFTPSERVER=${libexecdir}/sftp-server\|" regress/test-exec.sh
	148	cp -r regress ${D}${PTEST_PATH}
	149	cp config.h ${D}${PTEST_PATH}
	150	}
	151
	152	ALLOW_EMPTY:${PN} = "1"
	153
	154	PACKAGES =+ "${PN}-keygen ${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-sftp ${PN}-misc ${PN}-sftp-server"
	155	FILES:${PN}-scp = "${bindir}/scp.${BPN}"
	156	FILES:${PN}-ssh = "${bindir}/ssh.${BPN} ${sysconfdir}/ssh/ssh_config"
	157	FILES:${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd ${systemd_system_unitdir}"
	158	FILES:${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config ${sysconfdir}/ssh/sshd_config_readonly ${sysconfdir}/default/volatiles/99_sshd ${sysconfdir}/pam.d/sshd"
	159	FILES:${PN}-sshd += "${libexecdir}/${BPN}/sshd_check_keys"
	160	FILES:${PN}-sftp = "${bindir}/sftp"
	161	FILES:${PN}-sftp-server = "${libexecdir}/sftp-server"
	162	FILES:${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*"
	163	FILES:${PN}-keygen = "${bindir}/ssh-keygen"
	164
	165	RDEPENDS:${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen"
	166	RDEPENDS:${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}"
	167	RRECOMMENDS:${PN}-sshd:append:class-target = "\
	168	${@bb.utils.filter('PACKAGECONFIG', 'rng-tools', d)} \
	169	"
	170
	171	# gdb would make attach-ptrace test pass rather than skip but not worth the build dependencies
	172	RDEPENDS:${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed sudo coreutils"
	173
	174	RPROVIDES:${PN}-ssh = "ssh"
	175	RPROVIDES:${PN}-sshd = "sshd"
	176
	177	RCONFLICTS:${PN} = "dropbear"
	178	RCONFLICTS:${PN}-sshd = "dropbear"
	179
	180	CONFFILES:${PN}-sshd = "${sysconfdir}/ssh/sshd_config"
	181	CONFFILES:${PN}-ssh = "${sysconfdir}/ssh/ssh_config"
	182
	183	ALTERNATIVE_PRIORITY = "90"
	184	ALTERNATIVE:${PN}-scp = "scp"
	185	ALTERNATIVE:${PN}-ssh = "ssh"
	186
	187	BBCLASSEXTEND += "nativesdk"