search

licoded / self-study-drafts

buffer for records
0 stars 0 forks source link

steamdeck openssh run successfully! #174

Open licoded opened 7 months ago

licoded commented 7 months ago

事情起因是找到了一个B站教程

一开始的虚假需求:学习版资源? 我的最终需求:只狼学习版+开挂(可选)+替换存档 --> 能够一直刷对应BOSS 也可以正常学习版+一直替换存档。。。

steamdeck安装archlinuxcn源+scp传文件

简介信息

添加archlinuxcn源
编辑/etc/pacman.conf
命令:sudo vim /etc/pacman.conf
在视频位置添加内容:
[archlinuxcn]
Server = https://mirrors.tuna.tsinghua.edu.cn/archlinuxcn/$arch
先按esc,然后输入:wq保存
如果用不惯vim就用nano吧
sudo pacman -Syy 同步源
安装archlinuxcn-keyring
sudo paceman -S archlinuxcn-keyring
完成后可通过archlinuxcn源安装喜欢的应用,如网易云音乐,wine微信(虽然没什么用 >.<)
安装openSSH
终端执行 sudo pacman -S openssh
开启ssh服务:sudo systemctl enable sshd
查看服务是否正常开启:systemctl status sshd
查看22端口是否正常监听:netstat -an|grep 22
看到0.0.0.0:22 说明steamdeck已经正常本地监听22端口
通过ssh远程登录steamdeck,或用scp远程拷贝文件,也可以迁移已安装的游戏。
scp /本地文件 用户名@ip:/远程/保存的目录
如果说拷贝文件夹可用 -r,如ssh端口不是默认22端口,可用 -P 端口号 指定端口。

评论回复及截图

fcf2f0aee48e97ab1f292dd9f9c03d6d39071109

1f782e93f211a8b40885d8b0d08eb4ec39071109

1.这里你可以看到我的源都改成了 xxx-rel,我们Syy失败的原因就是因为源上 叫xxx的文件夹改名了。。。

2.具体修改方法就是直接编辑pacman.conf,把绿色的字,在原来的名字后加个 -rel

3. 这里是直接浏览器访问steamOS的官方源,看到文件夹有各种名称,带版本号的,原始配置中不带后缀的文件夹已经没有了,之前网上流传一种解决方式是后面加 -3,但也是有的有效,有的不行,原因还是因为源里没有 xxx-3的文件夹。

那这么多同前缀的文件夹,我为什么选的rel后缀的呢,其实我也是蒙的,哈哈哈,经验上,感觉rel应该代表 release,也就是正式版,但这也只是我个人猜测,并不一定对,你改成xxx-3.3 xxx-3.5也都能Syy。具体是选-rel 还是3.3 3.5 还是别的什么,感觉只能找到steamOS的发型文档看看才能知道这些文件夹到底是做什么用的,就目前来说的话,我改成rel暂时没有遇到任何问题,而且看起来这个文件夹也不会随版本更替改变。

在线查看,发现steam做了修改,所以不能用清华源了

tsinghua archlinux mirror config help: https://mirrors.tuna.tsinghua.edu.cn/help/archlinux/

image image

配置文件记录

#
# /etc/pacman.conf
#
# See the pacman.conf(5) manpage for option and repository directives

#
# GENERAL OPTIONS
#
[options]
# The following paths are commented out with their default values listed.
# If you wish to use different paths, uncomment and update the paths.
#RootDir     = /
DBPath = /usr/lib/holo/pacmandb/
#CacheDir    = /var/cache/pacman/pkg/
#LogFile     = /var/log/pacman.log
#GPGDir      = /etc/pacman.d/gnupg/
#HookDir     = /etc/pacman.d/hooks/
HoldPkg     = pacman glibc
#XferCommand = /usr/bin/curl -L -C - -f -o %o %u
#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
#CleanMethod = KeepInstalled
Architecture = auto

# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
#IgnorePkg   =
#IgnoreGroup =

#NoUpgrade   =
#NoExtract   =

# Misc options
#UseSyslog
Color
#TotalDownload
# We cannot check disk space from within a chroot environment
CheckSpace
#VerbosePkgLists
ParallelDownloads = 10

# By default, pacman accepts packages signed by keys that its local keyring
# trusts (see pacman-key and its man page), as well as unsigned packages.
SigLevel    = Required DatabaseOptional
LocalFileSigLevel = Optional
#RemoteFileSigLevel = Required

# NOTE: You must run `pacman-key --init` before first using pacman; the local
# keyring can then be populated with the keys of all official Arch Linux
# packagers with `pacman-key --populate archlinux`.

#
# REPOSITORIES
#   - can be defined here or included from another file
#   - pacman will search repositories in the order defined here
#   - local/custom mirrors can be added here or in separate files
#   - repositories listed first will take precedence when packages
#     have identical names, regardless of version number
#   - URLs will have $repo replaced by the name of the current repo
#   - URLs will have $arch replaced by the name of the architecture
#
# Repository entries are of the format:
#       [repo-name]
#       Server = ServerName
#       Include = IncludePath
#
# The header [repo-name] is crucial - it must be present and
# uncommented to enable the repo.
#

# The testing repositories are disabled by default. To enable, uncomment the
# repo name header and Include lines. You can add preferred servers immediately
# after the header, and they will be used before the default mirrors.

#[testing]
#Include = /etc/pacman.d/mirrorlist

[jupiter-3.5]
Include = /etc/pacman.d/mirrorlist
SigLevel = Never

[holo-3.5]
Include = /etc/pacman.d/mirrorlist
SigLevel = Never

[core-3.5]
Include = /etc/pacman.d/mirrorlist
SigLevel = Never

[extra-3.5]
Include = /etc/pacman.d/mirrorlist

#[community-testing]
#Include = /etc/pacman.d/mirrorlist

[community-3.5]
Include = /etc/pacman.d/mirrorlist

[multilib-3.5]
Include = /etc/pacman.d/mirrorlist

[archlinuxcn]
Server = https://mirrors.tuna.tsinghua.edu.cn/archlinuxcn/$arch

# An example of a custom package repository.  See the pacman manpage for
# tips on creating your own repositories.
#[custom]
#SigLevel = Optional TrustAll
#Server = file:///home/custompkgs
# Server = https://mirrors.tuna.tsinghua.edu.cn/archlinux/community/os/$arch
# cannot use tsinghua mirror here!!!!!!!
# steam modify a lot
Server = https://steamdeck-packages.steamos.cloud/archlinux-mirror/$repo/os/$arch
(deck@steamdeck ~)$ openssl version
OpenSSL 3.1.1 30 May 2023 (Library: OpenSSL 3.1.1 30 May 2023)
(deck@steamdeck ~)$ sudo pacman -S openssl-1.1
[sudo] password for deck:
warning: openssl-1.1-1.1.1.u-1 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...

Packages (1) openssl-1.1-1.1.1.u-1

Total Installed Size:  5.50 MiB
Net Upgrade Size:      0.00 MiB

:: Proceed with installation? [Y/n] n
(1)(deck@steamdeck ~)$ sshd -h
option requires an argument -- h
OpenSSH_9.3p1, OpenSSL 3.1.1 30 May 2023
usage: sshd [-46DdeGiqTtV] [-C connection_spec] [-c host_cert_file]
            [-E log_file] [-f config_file] [-g login_grace_time]
            [-h host_key_file] [-o option] [-p port] [-u len]
(1)(deck@steamdeck ~)$ lsb_release -a
LSB Version:    n/a
Distributor ID: SteamOS
Description:    SteamOS Holo
Release:    rolling
Codename:   Holo
# 实际版本是3.5.7
(deck@steamdeck ~)$ pacman -V

 .--.                  Pacman v6.0.2 - libalpm v13.0.2
/ _.-' .-.  .-.  .-.   Copyright (C) 2006-2021 Pacman Development Team
\  '-. '-'  '-'  '-'   Copyright (C) 2002-2006 Judd Vinet
 '--'
                       This program may be freely redistributed under
                       the terms of the GNU General Public License.

总结

  1. up说让在/etc/pacman.conf中加上-rel
  2. 我二话不说直接把/etc/pacman.conf中的-3.5改成了-rel,把自己坑的死死的
  3. 报错:sshd error while loading shared libraries libcrypt.so.1.1
  4. ldd /usr/lib/sshd确实这个库找不到
  5. 搜了半天解决方法,一个一个尝试都不行
  6. 最后自己对比了下tsinghua和steam mirror仓库,发现确实不一样;注意下面的改变不是因为这句其实。。。
  7. 这里给了我灵感,思考了一会儿知道要换回来(-rel改回到-3.5
  8. 实际上两个的openssh版本不一样,新版9.3(-3.5)和老版9.1(-rel),新版9.3(-3.5)的不直接依赖libcrypt.so.1.1
  9. 但从/usr/lib/systemd/system/sshd.service中看,它的前置动作/脚本依赖ssh-keygen -A还是会依赖libcrypt.so.1.1
  10. 这是我直接手动执行sudo sshd的反馈知道的,实际上之前通过这种方式发现了缺少libcrypt.so.1.1,并且通过搜索发现libcrypt.so.1.1包含于openssl包中,即只能通过安装openssl来提供这个支持
  11. 结果openssl-1.1能搜到了但ssl校验不通过,我只能添加SigLevel = Never去跳过检查了
  12. 这里还有一个小技巧,就是可以通过搜索命令sudo pacman -Ss openssl-1.1来看该包是属于哪个$arch里的,这样可以针对性地放开ssl检查,稍微安全点。。。

TODO

ssl检查的处理

现在的做法(添加SigLevel = Never去跳过检查了)太不安全了; 有没有类似archlinuxcn-keyring的包装一下就能正常检查了。。

貌似这样就解决了?

image