{"id":14156532,"url":"https://github.com/noloader/Build-Scripts","last_synced_at":"2025-08-06T02:33:55.477Z","repository":{"id":23503960,"uuid":"86779754","full_name":"noloader/Build-Scripts","owner":"noloader","description":"Collection of build scripts useful when testing on downlevel, abandonware and ransomware clients","archived":false,"fork":false,"pushed_at":"2024-03-30T21:02:35.000Z","size":68587,"stargazers_count":70,"open_issues_count":2,"forks_count":21,"subscribers_count":6,"default_branch":"master","last_synced_at":"2024-12-08T07:42:10.858Z","etag":null,"topics":["build-system","package-manager","shell"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/noloader.png","metadata":{"files":{"readme":"README-Darwin.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":"audit-checksec-bins.sh","citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-03-31T05:01:36.000Z","updated_at":"2024-11-22T06:04:28.000Z","dependencies_parsed_at":"2023-01-14T00:00:22.741Z","dependency_job_id":"9878704b-7463-425c-9fa4-b240800a0b78","html_url":"https://github.com/noloader/Build-Scripts","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/noloader%2FBuild-Scripts","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/noloader%2FBuild-Scripts/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/noloader%2FBuild-Scripts/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/noloader%2FBuild-Scripts/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/noloader","download_url":"https://codeload.github.com/noloader/Build-Scripts/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":228829205,"owners_count":17978167,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["build-system","package-manager","shell"],"created_at":"2024-08-17T08:05:58.375Z","updated_at":"2025-08-06T02:33:55.462Z","avatar_url":"https://github.com/noloader.png","language":"Shell","funding_links":[],"categories":["shell"],"sub_categories":[],"readme":"# Darwin\r\n\r\nThe Build-Scripts should work out-of-the-box for modern Darwin, like OS X 10.5. Once you run the setup recipes you should be able to build most programs with the scripts.\r\n\r\nModern OpenSSH no longer supports DSA keys by default. Default DSA support was disabled at OpenSSH 7.9. You should ensure you have an Ecdsa or Ed25519 key (or enable DSA keys in `sshd_config`). Also see [OpenSSH Release Notes](https://www.openssh.com/releasenotes.html).\r\n\r\nAfter installing OpenSSH you should also tune `sshd_config` to suit your taste. You can disable password logins, enable public key logins, etc.\r\n\r\n## System Integrity Protection\r\n\r\nOS X 10.12 added System Integrity Protection (SIP). If SIP is in effect, then you have to disable SIP to modify the Launch Daemon and install `ssh-8.plist`. Also see [Disabling and Enabling System Integrity Protection](https://developer.apple.com/documentation/security/disabling_and_enabling_system_integrity_protection) and [About macOS Recovery on Intel-based Mac computers](https://support.apple.com/en-us/HT201314)..\r\n\r\n## Setup\r\n\r\nOnce you clone the repo you should perform a one-time setup. The setup installs updated CA certificates and builds a modern Wget. `setup-cacerts.sh` installs a local copy of 11 CA certificates in `$HOME/.build-scripts/cacerts`. They are used to download source code packages for programs and libraries. `setup-wget.sh` installs a local copy of `wget` in `$HOME/.build-scripts/wget`. It is a reduced-functionality version of Wget with only HTTPS, IPv4, IPv6 and large-file support. It is anemic but functional enough to download packages over HTTPS.\r\n\r\n```\r\n$ ./setup-cacerts.sh\r\n...\r\n\r\n$ ./setup-wget.sh\r\n...\r\n```\r\n\r\nYou can build the fully-functional version of Wget by running `./build-wget.sh`, but it is not needed for OpenSSH.\r\n\r\n## OpenSSH\r\n\r\nThe following steps should be performed to update OpenSSH. The new OpenSSH is permanently installed at `/opt/ssh` (as opposed to a location like `/usr/local`). `/opt/ssh` will have a standard filesystem below it.\r\n\r\n```\r\n$ INSTX_PREFIX=/opt/ssh ./build-openssh.sh\r\n```\r\n\r\nAfter building and installing OpenSSH you have to tell Darwin to use it. To do so you create a plist and tell the launch daemon about it.\r\n\r\nFirst, generate new keys and/or copy existing keys to `$INSTX_PREFIX/etc`. You probably have new keys from `make install`, so copy existing keys as required.\r\n\r\nSecond, create or copy an existing `sshd_config` to `$INSTX_PREFIX/etc`.\r\n\r\nThird, open `/System/Library/LaunchDaemons/ssh-8.plist` in a text editor. Add the following launch configuration.\r\n\r\n```\r\n\u003c?xml version=\"1.0\" encoding=\"UTF-8\"?\u003e\r\n\u003c!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\"\u003e\r\n\u003cplist version=\"1.0\"\u003e\r\n\u003cdict\u003e\r\n        \u003ckey\u003eLabel\u003c/key\u003e\r\n        \u003cstring\u003ecom.openssh.sshd.8\u003c/string\u003e\r\n        \u003ckey\u003eProgram\u003c/key\u003e\r\n        \u003cstring\u003e/opt/ssh/sbin/sshd\u003c/string\u003e\r\n        \u003ckey\u003eProgramArguments\u003c/key\u003e\r\n        \u003carray\u003e\r\n                \u003cstring\u003e/opt/ssh/sbin/sshd\u003c/string\u003e\r\n                \u003cstring\u003e-i\u003c/string\u003e\r\n                \u003cstring\u003e-e\u003c/string\u003e\r\n                \u003cstring\u003e-f\u003c/string\u003e\r\n                \u003cstring\u003e/opt/ssh/etc/sshd_config\u003c/string\u003e\r\n        \u003c/array\u003e\r\n        \u003ckey\u003eSHAuthorizationRight\u003c/key\u003e\r\n        \u003cstring\u003esystem.preferences\u003c/string\u003e\r\n        \u003ckey\u003eSockets\u003c/key\u003e\r\n        \u003cdict\u003e\r\n                \u003ckey\u003eListeners\u003c/key\u003e\r\n                \u003cdict\u003e\r\n                        \u003ckey\u003eSockServiceName\u003c/key\u003e\r\n                        \u003cstring\u003e22\u003c/string\u003e\r\n                \u003c/dict\u003e\r\n        \u003c/dict\u003e\r\n        \u003ckey\u003eStandardErrorPath\u003c/key\u003e\r\n        \u003cstring\u003e/var/log/sshd.8.log\u003c/string\u003e\r\n        \u003ckey\u003einetdCompatibility\u003c/key\u003e\r\n        \u003cdict\u003e\r\n                \u003ckey\u003eWait\u003c/key\u003e\r\n                \u003cfalse/\u003e\r\n        \u003c/dict\u003e\r\n\u003c/dict\u003e\r\n\u003c/plist\u003e\r\n```\r\n\r\nBe sure to use a name like `com.openssh.sshd.8` to avoid collisions with Apple's SSH service.\r\n\r\nFinally, load the new configuration.\r\n\r\n```\r\nsudo launchctl load -w /System/Library/LaunchDaemons/ssh-8.plist\r\n```\r\n\r\nIf needed, you can disable Apple's SSH daemon with the following.\r\n\r\n```\r\nsudo launchctl unload -w /System/Library/LaunchDaemons/ssh.plist\r\n```\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnoloader%2FBuild-Scripts","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnoloader%2FBuild-Scripts","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnoloader%2FBuild-Scripts/lists"}