* [PATCH] image.bbclass: Catch readonly sshd config in ssh_allow_empty_password.
@ 2015-01-03 23:52 Philip Tricca
2015-01-20 4:26 ` Philip Tricca
0 siblings, 1 reply; 2+ messages in thread
From: Philip Tricca @ 2015-01-03 23:52 UTC (permalink / raw)
To: openembedded-core
The ssh_allow_empty_password function modifies the standard sshd_config
file but not sshd_config_readonly. This patch uses a simple shell wildcard
to catch all openssh server config files so long as they're in /etc/ssh
and are named with the sshd_config prefix.
Signed-off-by: Philip Tricca <flihp@twobit.us>
---
meta/classes/image.bbclass | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index 07e7f99..80c90f6 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -323,8 +323,8 @@ zap_empty_root_password () {
# allow dropbear/openssh to accept root logins and logins from accounts with an empty password string
ssh_allow_empty_password () {
if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
- sed -i 's/^[#[:space:]]*PermitRootLogin.*/PermitRootLogin yes/' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config
- sed -i 's/^[#[:space:]]*PermitEmptyPasswords.*/PermitEmptyPasswords yes/' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config
+ sed -i 's/^[#[:space:]]*PermitRootLogin.*/PermitRootLogin yes/' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config*
+ sed -i 's/^[#[:space:]]*PermitEmptyPasswords.*/PermitEmptyPasswords yes/' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config*
fi
if [ -e ${IMAGE_ROOTFS}${sbindir}/dropbear ] ; then
--
1.7.10.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] image.bbclass: Catch readonly sshd config in ssh_allow_empty_password.
2015-01-03 23:52 [PATCH] image.bbclass: Catch readonly sshd config in ssh_allow_empty_password Philip Tricca
@ 2015-01-20 4:26 ` Philip Tricca
0 siblings, 0 replies; 2+ messages in thread
From: Philip Tricca @ 2015-01-20 4:26 UTC (permalink / raw)
To: openembedded-core
ping. Any interest in this. Fixes an annoying bug for me: password-less
root logins are broken if image is readonly. If there's a better way I'm
happy to revise.
Thanks,
Philip
On 01/03/2015 06:52 PM, Philip Tricca wrote:
> The ssh_allow_empty_password function modifies the standard sshd_config
> file but not sshd_config_readonly. This patch uses a simple shell wildcard
> to catch all openssh server config files so long as they're in /etc/ssh
> and are named with the sshd_config prefix.
>
> Signed-off-by: Philip Tricca <flihp@twobit.us>
> ---
> meta/classes/image.bbclass | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
> index 07e7f99..80c90f6 100644
> --- a/meta/classes/image.bbclass
> +++ b/meta/classes/image.bbclass
> @@ -323,8 +323,8 @@ zap_empty_root_password () {
> # allow dropbear/openssh to accept root logins and logins from accounts with an empty password string
> ssh_allow_empty_password () {
> if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
> - sed -i 's/^[#[:space:]]*PermitRootLogin.*/PermitRootLogin yes/' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config
> - sed -i 's/^[#[:space:]]*PermitEmptyPasswords.*/PermitEmptyPasswords yes/' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config
> + sed -i 's/^[#[:space:]]*PermitRootLogin.*/PermitRootLogin yes/' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config*
> + sed -i 's/^[#[:space:]]*PermitEmptyPasswords.*/PermitEmptyPasswords yes/' ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config*
> fi
>
> if [ -e ${IMAGE_ROOTFS}${sbindir}/dropbear ] ; then
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2015-01-20 4:26 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-01-03 23:52 [PATCH] image.bbclass: Catch readonly sshd config in ssh_allow_empty_password Philip Tricca
2015-01-20 4:26 ` Philip Tricca
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox