Sunday, February 17, 2013

Building Obfuscated OpenSSH on Last Week's Cygwin Build

I resurrected an old but capable WinXP box for my upstairs office, which is much more comfy than my subterranean lair in the winter time.  Down there I have an old, diskless IBM NetVista box (the one that used to house EXP V) that boots BT5R3 off a USB stick.  Works great for doing laundry—I'm doing a lot of domestic stuff these days for reasons I won't get into—but for extended stays it's just too cold.  Plus the cell phone reception sucks serious ass, so meetings are pretty much out of the question.

After all the Windows updates I decided to update Cygwin as well and since this box has never had Obfuscated OpenSSH (OOSSH, as I like to call it) on it I decided to do a fresh install on that.

Guess what?  No go.  Something has changed and OOSSH won't compile anymore.

After about a week of dicking around I finally found the fix, so I thought I'd share it with you.

After you "git" the code, the first thing you should do is edit clientloop.c and change both instances of

char buf[8192];

... to

char buf[65535];

And rather than get into why you should do this, I'll just remind you that I went on and on about it in the old ProxyObsession blog before it was taken down for a (totally bogus) DMCA violation.  In any case, it doesn't hurt anything and makes certain things possible that aren't possible with smaller buffers.

But the Big Fix should be put into openbsd-compat/openbsd-compat.h.  Right at the top, ahead of all the #includes, put in this line:

#define NOCRYPT

And then it will compile without errors.  Why?  Do a Google  search and you'll probably find the same answer I found.


  1. Anonymous3:40 AM

    i tried to make install oossh last night,but get some error ...

    Makefile:240: recipe for target `check-config' failed
    make: [check-config] Error 255 (ignored)

    how should i do to make it success??

  2. this is my steps to build oossh on my cygwin:

    1) download and unzip to / .

    2) edit clientloop.c and openbsd-compat/openbsd-compat.h

    3a) run ./configure

    3b) move to /obfuscated-openssh-master/contrib/cygwin and make cygwin-postinstall

    3c) move to /obfuscated-openssh-master and make then make install

    did i do the right way to build oossh???

  3. Hey... it still works. I just set up another Windows 7 box (how I hate that) and finally got around to installing Cygwin and building ossh. I had to Google my own blog to remember how to do it right.

    New warning: stay away from the "Cygwin64 toolchain" development libs. They'll screw the pooch.

  4. I didn't need to define NO_CRYPT - no errors.