diff options
author | Alexander Dahl <ada@thorsis.com> | 2021-11-05 16:47:31 +0100 |
---|---|---|
committer | Michael Olbrich <m.olbrich@pengutronix.de> | 2021-11-12 10:12:15 +0100 |
commit | cf0424f8ba234645b8706edc2e9105eb7f421b2e (patch) | |
tree | 2de6c2fc1802542aad2574fe1953a39d39620f3d | |
parent | 377f4c01cc541fcef039332ec1abf028b2b8bbea (diff) | |
download | ptxdist-cf0424f8ba234645b8706edc2e9105eb7f421b2e.tar.gz ptxdist-cf0424f8ba234645b8706edc2e9105eb7f421b2e.tar.xz |
dropbear: Refactor rc-once and init to use KEYTYPES
Previously DSS and RSA keys were always generated, regardless if
dropbear was built with support for that host key or not, which somehow
contradicts what commit message of 01ac7cc409b5 ("dropbear: Remove
deprecated options") promised.
No other things changed here, just considering that KEYTYPES list for
'rsa' for now.
Signed-off-by: Alexander Dahl <ada@thorsis.com>
Message-Id: <20211105154734.19983-6-ada@thorsis.com>
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
-rw-r--r-- | projectroot/etc/init.d/dropbear | 13 | ||||
-rw-r--r-- | projectroot/etc/rc.once.d/dropbear | 23 |
2 files changed, 32 insertions, 4 deletions
diff --git a/projectroot/etc/init.d/dropbear b/projectroot/etc/init.d/dropbear index 15671c9d8..4dda9aaf7 100644 --- a/projectroot/etc/init.d/dropbear +++ b/projectroot/etc/init.d/dropbear @@ -15,9 +15,18 @@ test -z "$DROPBEAR_BANNER" || \ DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER" dropbear_start() { - KEY_ARGS="" - test -f $DROPBEAR_RSAKEY && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_RSAKEY" + for keytype in $DROPBEAR_KEYTYPES + do + case "$keytype" in + rsa) + test -f "$DROPBEAR_RSAKEY" && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_RSAKEY" + ;; + *) + echo "Key type '$keytype' not supported" + ;; + esac + done echo -n "starting dropbear..." diff --git a/projectroot/etc/rc.once.d/dropbear b/projectroot/etc/rc.once.d/dropbear index b70f5f22e..0735fed38 100644 --- a/projectroot/etc/rc.once.d/dropbear +++ b/projectroot/etc/rc.once.d/dropbear @@ -5,10 +5,11 @@ PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin . /usr/lib/init/dropbear.sh gen_key() { - key_type=$1 key_file=$2 + [ -e "$key_file" ] && return + rm -f $key_file > /dev/null 2>&1 echo -n "generating $key_type key..." @@ -22,4 +23,22 @@ gen_key() { fi } -[ -e "$DROPBEAR_RSAKEY" ] || gen_key rsa "$DROPBEAR_RSAKEY" +gen_keys() { + for keytype in $DROPBEAR_KEYTYPES + do + case "$keytype" in + rsa) + gen_key rsa "$DROPBEAR_RSAKEY" + ;; + *) + echo "Key type '$keytype' not supported" + ;; + esac + done +} + +if ! gen_keys +then + echo "Generating SSH keys failed!" + exit 1 +fi |