[Buildroot] [PATCH] dropbear: Fix host key loading with 521 bit ecdsa keys
Peter Korsgaard
peter at korsgaard.com
Sat May 5 07:14:26 UTC 2018
>>>>> "Stefan" == Stefan Sørensen <stefan.sorensen at spectralink.com> writes:
> Dropbear 2018.76 changed the default ecdsa host key size form 521 to 256
> bits, but this breaks systems with an existing 521 bit key, blocking ssh
> logins.
> Apply the upstream fix from https://secure.ucc.asn.au/hg/dropbear/rev/0dc3103a5900 :
> Only advertise a single server ecdsa key when -R (generate as required) is
> specified. Fixes -R now that default ecdsa key size has changed.
> Signed-off-by: Stefan Sørensen <stefan.sorensen at spectralink.com>
> ---
> package/dropbear/dropbear.hash | 3 +++
> package/dropbear/dropbear.mk | 1 +
> 2 files changed, 4 insertions(+)
> diff --git a/package/dropbear/dropbear.hash b/package/dropbear/dropbear.hash
> index ef2011d907..ba42d6bd0c 100644
> --- a/package/dropbear/dropbear.hash
> +++ b/package/dropbear/dropbear.hash
> @@ -1,2 +1,5 @@
> # From https://matt.ucc.asn.au/dropbear/releases/SHA256SUM.asc
> sha256 f2fb9167eca8cf93456a5fc1d4faf709902a3ab70dd44e352f3acbc3ffdaea65 dropbear-2018.76.tar.bz2
> +
> +# Locally calculated
> +sha256 d4a63567465f2bae9fd5e575e022587f832647fb41b023513ac880c4eb647fdd 0dc3103a5900
Ehh, how did you test this?
>>> dropbear 2018.76 Patching
PATH=/home/peko/source/buildroot/output/host/bin:$PATH support/scripts/apply-patches.sh /home/peko/source/buildroot/output/build/dropbear-2018.76 /var/lib/downloads/dropbear 0dc3103a5900
Unsupported file type for /var/lib/downloads/dropbear/0dc3103a5900, skipping
So I've added the patch in Buildroot instead and committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list