From: Philip Tricca <flihp@twobit.us>
To: openembedded-core@lists.openembedded.org
Subject: Re: [PATCH] image.bbclass: Catch readonly sshd config in ssh_allow_empty_password.
Date: Mon, 19 Jan 2015 23:26:25 -0500 [thread overview]
Message-ID: <54BDD8F1.6040402@twobit.us> (raw)
In-Reply-To: <1420329130-19982-1-git-send-email-flihp@twobit.us>
ping. Any interest in this. Fixes an annoying bug for me: password-less
root logins are broken if image is readonly. If there's a better way I'm
happy to revise.
Thanks,
Philip
On 01/03/2015 06:52 PM, Philip Tricca wrote:
> The ssh_allow_empty_password function modifies the standard sshd_config
> file but not sshd_config_readonly. This patch uses a simple shell wildcard
> to catch all openssh server config files so long as they're in /etc/ssh
> and are named with the sshd_config prefix.
>
> Signed-off-by: Philip Tricca <flihp@twobit.us>
> ---
> meta/classes/image.bbclass | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
> index 07e7f99..80c90f6 100644
> --- a/meta/classes/image.bbclass
> +++ b/meta/classes/image.bbclass
> @@ -323,8 +323,8 @@ zap_empty_root_password () {
> # allow dropbear/openssh to accept root logins and logins from accounts with an empty password string
> ssh_allow_empty_password () {
> if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
> - sed -i 's/^[#[:space:]]*PermitRootLogin.*/PermitRootLogin yes/' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config
> - sed -i 's/^[#[:space:]]*PermitEmptyPasswords.*/PermitEmptyPasswords yes/' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config
> + sed -i 's/^[#[:space:]]*PermitRootLogin.*/PermitRootLogin yes/' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config*
> + sed -i 's/^[#[:space:]]*PermitEmptyPasswords.*/PermitEmptyPasswords yes/' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config*
> fi
>
> if [ -e ${IMAGE_ROOTFS}${sbindir}/dropbear ] ; then
>
prev parent reply other threads:[~2015-01-20 4:26 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-03 23:52 [PATCH] image.bbclass: Catch readonly sshd config in ssh_allow_empty_password Philip Tricca
2015-01-20 4:26 ` Philip Tricca [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54BDD8F1.6040402@twobit.us \
--to=flihp@twobit.us \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.