From: Markus Mayer <code@mmayer.net>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH] dropbear: change start-up script to honour pre-existing keys
Date: Wed, 15 Nov 2017 11:45:09 -0800 [thread overview]
Message-ID: <20171115194509.78132-1-code@mmayer.net> (raw)
From: Markus Mayer <mmayer@broadcom.com>
Rather than starting dropbear with option -R at all times, we only do
so if no existing key file is found. This lets dropbear honour
pre-existing key files, including keys copied into the root file system
at build time.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
---
package/dropbear/S50dropbear | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/package/dropbear/S50dropbear b/package/dropbear/S50dropbear
index 9474eaa..8eea9ae 100644
--- a/package/dropbear/S50dropbear
+++ b/package/dropbear/S50dropbear
@@ -7,7 +7,7 @@
test -r /etc/default/dropbear && . /etc/default/dropbear
start() {
- DROPBEAR_ARGS="$DROPBEAR_ARGS -R"
+ msg=' '
# If /etc/dropbear is a symlink to /var/run/dropbear, and
# - the filesystem is RO (i.e. we can not rm the symlink),
@@ -26,7 +26,14 @@ start() {
fi
fi
- printf "Starting dropbear sshd: "
+ ls /etc/dropbear/*host_key >/dev/null 2>&1
+ if [ $? != 0 ]; then
+ # No key files found. We need to generate a key.
+ DROPBEAR_ARGS="$DROPBEAR_ARGS -R"
+ msg='(with new key) '
+ fi
+
+ printf "Starting dropbear sshd: $msg"
umask 077
start-stop-daemon -S -q -p /var/run/dropbear.pid \
--
2.7.4
next reply other threads:[~2017-11-15 19:45 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-15 19:45 Markus Mayer [this message]
2017-11-15 21:05 ` [Buildroot] [PATCH] dropbear: change start-up script to honour pre-existing keys Peter Korsgaard
2017-11-15 21:18 ` Arnout Vandecappelle
[not found] ` <CAGt4E5uZzBjfTqQh9RAN+wek9B+31PgWn3XJwSrDYz-sg6yFCA@mail.gmail.com>
2017-11-15 22:29 ` Arnout Vandecappelle
2017-11-16 7:32 ` Peter Korsgaard
2017-11-17 0:03 ` Markus Mayer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171115194509.78132-1-code@mmayer.net \
--to=code@mmayer.net \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox