Browse Source

Merge pull request #10643 from kmcopper/openssh

OpenSSH: Add failsafe support
lilik-openwrt-22.03
Rosen Penev 4 years ago
committed by GitHub
parent
commit
24002cdc38
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 33 additions and 1 deletions
  1. +3
    -1
      net/openssh/Makefile
  2. +30
    -0
      net/openssh/files/sshd.failsafe

+ 3
- 1
net/openssh/Makefile View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=openssh PKG_NAME:=openssh
PKG_VERSION:=8.4p1 PKG_VERSION:=8.4p1
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ PKG_SOURCE_URL:=https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
@ -219,6 +219,8 @@ define Package/openssh-server/install
sed -r -i 's,^#(HostKey /etc/ssh/ssh_host_(rsa|ed25519)_key)$$$$,\1,' $(1)/etc/ssh/sshd_config sed -r -i 's,^#(HostKey /etc/ssh/ssh_host_(rsa|ed25519)_key)$$$$,\1,' $(1)/etc/ssh/sshd_config
$(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/sshd.init $(1)/etc/init.d/sshd $(INSTALL_BIN) ./files/sshd.init $(1)/etc/init.d/sshd
$(INSTALL_DIR) $(1)/lib/preinit
$(INSTALL_BIN) ./files/sshd.failsafe $(1)/lib/preinit/99_10_failsafe_sshd
$(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/sshd $(1)/usr/sbin/ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/sshd $(1)/usr/sbin/
endef endef


+ 30
- 0
net/openssh/files/sshd.failsafe View File

@ -0,0 +1,30 @@
#!/bin/sh
failsafe_sshd () {
# if dropbear is executable it can handle failsafe
[ -x /usr/sbin/dropbear ] && return
sshd_tmpdir=/tmp/sshd
mkdir $sshd_tmpdir
sed -i 's/^root:.*/root::0:17000:::::/g' /etc/shadow
for type in ed25519; do
key=$sshd_tmpdir/ssh_host_${type}_key
ssh-keygen -N '' -t ${type} -f ${key}
done
mkdir -m 0700 -p /var/empty
cat > $sshd_tmpdir/sshd_config <<EOF
HostKey $sshd_tmpdir/ssh_host_ed25519_key
PermitRootLogin yes
PermitEmptyPasswords yes
EOF
/usr/sbin/sshd -f $sshd_tmpdir/sshd_config -E $sshd_tmpdir/sshd.log
}
boot_hook_add failsafe failsafe_sshd

Loading…
Cancel
Save