Commit 0b21e8ad authored by Alessandro Rubini's avatar Alessandro Rubini

userspace/dropbear: generate host key at first boot

We should not have all the switches out there running the same host key.  This
removes the pre-generated host keys and fixes the generation at boot
time (/etc is volatile, so it is copied to /usr/etc as well).
Signed-off-by: Alessandro Rubini's avatarAlessandro Rubini <rubini@gnudd.com>
parent 44426475
...@@ -90,7 +90,7 @@ if [ -f $WRS_BASE_DIR/authorized_keys ]; then ...@@ -90,7 +90,7 @@ if [ -f $WRS_BASE_DIR/authorized_keys ]; then
fi fi
chmod g-w $TMPFS/root $TMPFS/root/.ssh chmod g-w $TMPFS/root $TMPFS/root/.ssh
chown -R root:root $TMPFS/root chown -R root:root $TMPFS/root
chown -R root:root $TMPFS/etc/dropbear mkdir -p $TMPFS/etc/dropbear; chown -R root:root $TMPFS/etc/dropbear
chmod a+rx $TMPFS chmod a+rx $TMPFS
##### now move stuff to usr (we need usr to be in flash, / remains initramfs) ##### now move stuff to usr (we need usr to be in flash, / remains initramfs)
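Review bot: On the new `mkdir -p $TMPFS/etc/dropbear; chown -R root:root $TMPFS/etc/dropbear` line, the `;` lets `chown` run even when `mkdir` fails, and both expansions are unquoted. I would write it as `mkdir -p "$TMPFS/etc/dropbear" && chown -R root:root "$TMPFS/etc/dropbear"` so a failure to create the directory is not masked. This directory will later hold private host keys, so it is worth a short comment that it is intentionally shipped empty and filled at first boot. The surrounding script continues outside the hunk.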
......
...@@ -12,16 +12,19 @@ start() { ...@@ -12,16 +12,19 @@ start() {
if [ ! -d /etc/dropbear ] ; then if [ ! -d /etc/dropbear ] ; then
mkdir -p /etc/dropbear mkdir -p /etc/dropbear
fi fi
mkdir -p /usr/etc/dropbear
# Check for the Dropbear RSA key # Check for the Dropbear RSA key
if [ ! -f /etc/dropbear/dropbear_rsa_host_key ] ; then if [ ! -f /etc/dropbear/dropbear_rsa_host_key ] ; then
echo -n "generating rsa key... " echo -n "generating rsa key... "
/usr/bin/dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key > /dev/null 2>&1 /usr/bin/dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key > /dev/null 2>&1
cp /etc/dropbear/dropbear_rsa_host_key /usr/etc/dropbear
fi fi
# Check for the Dropbear DSS key # Check for the Dropbear DSS key
if [ ! -f /etc/dropbear/dropbear_dss_host_key ] ; then if [ ! -f /etc/dropbear/dropbear_dss_host_key ] ; then
echo -n "generating dsa key... " echo -n "generating dsa key... "
/usr/bin/dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key > /dev/null 2>&1 /usr/bin/dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key > /dev/null 2>&1
cp /etc/dropbear/dropbear_dss_host_key /usr/etc/dropbear
fi fi
umask 077 umask 077
start-stop-daemon -S -q -p /var/run/dropbear.pid --exec /usr/sbin/dropbear start-stop-daemon -S -q -p /var/run/dropbear.pid --exec /usr/sbin/dropbear
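Review bot: The new `cp` lines in start() write the private host keys to flash without checking that `dropbearkey` succeeded and before `umask 077` takes effect, so a failed or partial key can be persisted and the mode of the copy depends on how the source file was created. I would move `umask 077` above the RSA check and chain the copy, e.g. `/usr/bin/dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key > /dev/null 2>&1 && cp -p /etc/dropbear/dropbear_rsa_host_key /usr/etc/dropbear/`, with the same for the DSS key. The existence tests still look only at /etc/dropbear, which the description calls volatile, so unless something outside this hunk restores /usr/etc/dropbear at boot the keys would be regenerated on every start and clients would see the host key change each time; that is worth confirming. First-boot generation also relies on the kernel RNG being seeded by then, which this hunk does not show. start() continues outside the hunk.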
......