Thank you CamVan, I've applied the patch now. Cheers, Matt
> On Wed 21/2/2018, at 5:54 am, Camvan T Nguyen <ctngu...@us.ibm.com> wrote: > > In our environment, we generate an RSA host key in /var/lib/dropbear and > start the dropbear service with the following command: > > /usr/sbin/dropbear -i -r /var/lib/dropbear/dropbear_rsa_host_key -B > > We are getting the following Warning messages: > > Feb 20 06:08:50 witherspoon dropbear[1406]: Failed loading > /etc/dropbear/dropbear_rsa_host_key > Feb 20 06:08:50 witherspoon dropbear[1406]: Failed loading > /etc/dropbear/dropbear_dss_host_key > Feb 20 06:08:50 witherspoon dropbear[1406]: Failed loading > /etc/dropbear/dropbear_ecdsa_host_key > > This is because in our environment, we don't generate the 3 types of host > keys in /etc/dropbear. Dropbear will first load the host key specified by the > -r option and then will also try to load all 3 types of host keys from the > default path /etc/dropbear. We propose the following patch be made to > dropbear svr-runopts.c such that dropbear will only load the host keys from > the default /etc/dropbear path if a key is not specified by the -r option. > > > From b2048847702e00df8d404896323857f89cda215e Mon Sep 17 00:00:00 2001 > From: CamVan Nguyen <ctngu...@us.ibm.com> > Date: Tue, 20 Feb 2018 15:34:00 -0600 > Subject: [PATCH 1/1] Only load dropbear default host keys if a key is not > specified > > --- > svr-runopts.c | 9 ++++++--- > 1 file changed, 6 insertions(+), 3 deletions(-) > > diff --git a/svr-runopts.c b/svr-runopts.c > index 3d97023..38a1b75 100644 > --- a/svr-runopts.c > +++ b/svr-runopts.c > @@ -510,17 +510,20 @@ void load_all_hostkeys() { > m_free(hostkey_file); > } > > + /* Only load default host keys if a host key is not specified by the user */ > + if (0 == svr_opts.num_hostkey_files) { > #if DROPBEAR_RSA > - loadhostkey(RSA_PRIV_FILENAME, 0); > + loadhostkey(RSA_PRIV_FILENAME, 0); > #endif > > #if DROPBEAR_DSS > - loadhostkey(DSS_PRIV_FILENAME, 0); > + loadhostkey(DSS_PRIV_FILENAME, 0); > #endif > > #if DROPBEAR_ECDSA > - loadhostkey(ECDSA_PRIV_FILENAME, 0); > + loadhostkey(ECDSA_PRIV_FILENAME, 0); > #endif > + } > > #if DROPBEAR_DELAY_HOSTKEY > if (svr_opts.delay_hostkey) { > -- > 1.8.2.2 > > > Thanks, > CamVan Nguyen > POWER Firmware Tools Development & Support, STG > 512-286-7756 T/L: 363-7756