[Buildroot] [PATCH] package/dropbear: fix when readlink is busybox'

Peter Korsgaard peter at korsgaard.com
Tue Aug 25 18:48:47 UTC 2015


>>>>> "Yann" == Yann E MORIN <yann.morin.1998 at free.fr> writes:

Hi,

 >> Well, with a RO filesystem you only have the option to either generate
 >> at each boot or bake in a hardcoded host key in the rootfs. Neither is
 >> really great for security.

 > Or, as some are doing (Paul for example), have /etc/dropbear point to a
 > R/W location (e.g. a persistent FS done at first boot) and have the
 > symlink overwritten by an overlay to point to that location.

 > Which is anyway something sane to do in most cases of a R/O FS.

Sure, or simply union mount a persistent R/W FS on top of /etc so you
don't need to mess around with symlinks like I usually do.

 >> Those fairly obscure messages are imho not really helpful - But on the
 >> other hand I'm not sure a dedicated message is really warranted.

 > Maybe something along the lines of:

 >     I have no persistent location to store SSH host keys.
 >     I will generate new ones on each boot.
 >     Are you sure that's what you wanted to do?

I don't feel strongly about it. If you think it is needed then that's
fine by me. I think it sounds a bit odd to use the 'I' form, so perhaps
something like this instead:

No persistent location to store SSH host keys. New keys will be
generated at each boot. Are you sure this is what you want to do?

And perhaps the message should contain hints about how to fix this?

-- 
Best regards,
Peter Korsgaard 
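
The approach discussed in this thread, as an added example that is not part of the original message or of Buildroot's own init script: a POSIX shell function that resolves where `/etc/dropbear` points and prints the proposed warning when that location is volatile or cannot be written. The function name `hostkey_dir`, its two parameters and the `dropbear` fallback subdirectory are assumptions made for illustration.

```shell
#!/bin/sh
# hostkey_dir LINK VOLATILE_DIR   (hypothetical helper, not from the thread)
#   LINK          path dropbear reads its host keys from, e.g. /etc/dropbear
#   VOLATILE_DIR  a tmpfs-style location that is lost at reboot, e.g. /var/run
# Prints the directory the keys will land in.
# Returns 0 if it is persistent and writable, 1 (warning on stderr) otherwise.
hostkey_dir() {
    link=$1 volatile=$2 target=$1 persistent=yes

    # Follow one level of symlink with plain readlink (no -f), so the same
    # code works with busybox and coreutils. Single-level links are assumed.
    if [ -L "$link" ]; then
        target=$(readlink "$link")
        case $target in
            /*) ;;
            *)  target=$(dirname "$link")/$target ;;   # relative link target
        esac
    fi

    # A target under the volatile directory is writable but not persistent.
    case $target/ in
        "$volatile"/*) persistent=no ;;
    esac

    # [ -w ] fails on a read-only mount even for root; mkdir -p covers the
    # first boot, when the persistent directory does not exist yet.
    if [ "$persistent" = yes ]; then
        mkdir -p "$target" 2>/dev/null && [ -w "$target" ] || persistent=no
    fi

    if [ "$persistent" = no ]; then
        case $target/ in
            "$volatile"/*) ;;
            *)  target=$volatile/dropbear ;;           # fall back to volatile
        esac
        mkdir -p "$target"
        cat >&2 <<'EOF'
No persistent location to store SSH host keys. New keys will be
generated at each boot. Are you sure this is what you want to do?
EOF
        printf '%s\n' "$target"
        return 1
    fi
    printf '%s\n' "$target"
}
```

An init script would call it as `dir=$(hostkey_dir /etc/dropbear /var/run) || true` before starting dropbear, so the warning reaches the boot console while the service still starts.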

