Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH] dropbear: add help text about key creation
@ 2016-01-09  1:15 Arnout Vandecappelle
  2016-01-12 22:35 ` Peter Korsgaard
  0 siblings, 1 reply; 2+ messages in thread
From: Arnout Vandecappelle @ 2016-01-09  1:15 UTC (permalink / raw)
  To: buildroot

Commit e7d04dd2d replaced /etc/dropbear with a symlink to /var/run and
updated the start scripts to replace it with a real directory, so the
keys would be persistent. However, it turns out that this is pretty
confusing even for expert users, who don't know how to make the keys
really persistent now.

Update the help text explaining what the issue is, and telling the user
to replace the /etc/dropbear symlink with a symlink to a persistent
directory. Also mention the possiblity of unionfs.

Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
---
 package/dropbear/Config.in | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/package/dropbear/Config.in b/package/dropbear/Config.in
index c14c654..d92361f 100644
--- a/package/dropbear/Config.in
+++ b/package/dropbear/Config.in
@@ -4,6 +4,15 @@ config BR2_PACKAGE_DROPBEAR
 	help
 	  A small SSH 2 server designed for small memory environments.
 
+	  Note that dropbear requires a per-device unique host key. The
+	  key will be generated when dropbear starts, but it is not
+	  persistent over reboot (if you have a read-only rootfs) or
+	  upgrade (if you have a read-write rootfs). To make the key
+	  persistent, replace /etc/dropbear with a symlink to a
+	  directory on a persistent, writeable filesystem.
+	  Alternatively, mount a persistent unionfs over your root
+	  filesystem.
+
 	  http://matt.ucc.asn.au/dropbear/dropbear.html
 
 if BR2_PACKAGE_DROPBEAR
-- 
2.7.0.rc3

^ permalink raw reply related	[flat|nested] 2+ messages in thread
* [Buildroot] [PATCH] dropbear: add help text about key creation
  2016-01-09  1:15 [Buildroot] [PATCH] dropbear: add help text about key creation Arnout Vandecappelle
@ 2016-01-12 22:35 ` Peter Korsgaard
  0 siblings, 0 replies; 2+ messages in thread
From: Peter Korsgaard @ 2016-01-12 22:35 UTC (permalink / raw)
  To: buildroot

>>>>> "Arnout" == Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> writes:

 > Commit e7d04dd2d replaced /etc/dropbear with a symlink to /var/run and
 > updated the start scripts to replace it with a real directory, so the
 > keys would be persistent. However, it turns out that this is pretty
 > confusing even for expert users, who don't know how to make the keys
 > really persistent now.

 > Update the help text explaining what the issue is, and telling the user
 > to replace the /etc/dropbear symlink with a symlink to a persistent
 > directory. Also mention the possiblity of unionfs.

 > Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
 > Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

Committed, thanks.

-- 
Bye, Peter Korsgaard

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-01-12 22:35 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-01-09  1:15 [Buildroot] [PATCH] dropbear: add help text about key creation Arnout Vandecappelle
2016-01-12 22:35 ` Peter Korsgaard

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox