[Buildroot] [PATCH] dropbear: change start-up script to honour pre-existing keys
Markus Mayer
code at mmayer.net
Wed Nov 15 19:45:09 UTC 2017
From: Markus Mayer <mmayer at broadcom.com>
Rather than starting dropbear with option -R at all times, we only do
so if no existing key file is found. This lets dropbear honour
pre-existing key files, including keys copied into the root file system
at build time.
Signed-off-by: Markus Mayer <mmayer at broadcom.com>
---
package/dropbear/S50dropbear | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/package/dropbear/S50dropbear b/package/dropbear/S50dropbear
index 9474eaa..8eea9ae 100644
--- a/package/dropbear/S50dropbear
+++ b/package/dropbear/S50dropbear
@@ -7,7 +7,7 @@
test -r /etc/default/dropbear && . /etc/default/dropbear
start() {
- DROPBEAR_ARGS="$DROPBEAR_ARGS -R"
+ msg=' '
# If /etc/dropbear is a symlink to /var/run/dropbear, and
# - the filesystem is RO (i.e. we can not rm the symlink),
@@ -26,7 +26,14 @@ start() {
fi
fi
- printf "Starting dropbear sshd: "
+ ls /etc/dropbear/*host_key >/dev/null 2>&1
+ if [ $? != 0 ]; then
+ # No key files found. We need to generate a key.
+ DROPBEAR_ARGS="$DROPBEAR_ARGS -R"
+ msg='(with new key) '
+ fi
+
+ printf "Starting dropbear sshd: $msg"
umask 077
start-stop-daemon -S -q -p /var/run/dropbear.pid \
--
2.7.4
More information about the buildroot
mailing list