[OE-core][scarthgap][PATCH] ssh-pregen-hostkeys: Limit to qemu machines by default

[OE-core][scarthgap][PATCH] ssh-pregen-hostkeys: Limit to qemu machines by default

[Ankur Tyagi]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

There are potential security issues from using pre-generated host keys. We made
the recipe available for autobuilder testing purposes but concerns remain about
how easily this could end up in production.

I thought we'd already done this, but limit the recipe to qemu* machines,
which means any real hardware trying to use it will need to be a bit more
explicit about it and specifically enable it.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b0405972d4fd6fa12f90afea5ecb9a50c01c21c6)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
---
 .../ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb            | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb
index ddd10e6eeb..e6863d9bd8 100644
--- a/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb
+++ b/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb
@@ -8,6 +8,8 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda
 
 INHIBIT_DEFAULT_DEPS = "1"
 
+COMPATIBLE_MACHINE = "^qemu.*$"
+
 do_install () {
 	install -d ${D}${sysconfdir}/dropbear
 	install ${WORKDIR}/dropbear_rsa_host_key -m 0600 ${D}${sysconfdir}/dropbear/
@@ -16,4 +18,4 @@ do_install () {
 	install ${WORKDIR}/openssh/* ${D}${sysconfdir}/ssh/
 	chmod 0600 ${D}${sysconfdir}/ssh/*
 	chmod 0644 ${D}${sysconfdir}/ssh/*.pub
-}
\ No newline at end of file
+}