[Buildroot] [PATCH] package/dropbear: add warning about volatile keys

Peter Korsgaard peter at korsgaard.com
Sun Aug 30 20:05:26 UTC 2015


>>>>> "Yann" == Yann E MORIN <yann.morin.1998 at free.fr> writes:

 > When the rootfs is read-only, keys will be generated in a volatile
 > location, which is inherently bad as host keys will change on each boot,
 > rendering virtually useless.

+them

 > Add a warning so the user is at least aware of the issue.

 > Consign the rm output to oblivion, to avoid noisy output, now that we
 > have a proper warning.

Is consign a English word? I changed it to 'hide' as I think that is clearer.

 > Move the starting message after the symlink-block, to avoid messages
 > collision. Move the umask as well, sicne /etc/dropbear/ may be world
 > readable; just the private host keys should be ?00 (and dropbear handles
 > that by itself).

 > Signed-off-by: "Yann E. MORIN" <yann.morin.1998 at free.fr>
 > Cc: Peter Korsgaard <jacmet at uclibc.org>

Committed, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list