Write the ssh authorized key to /etc/dropbear/ssh_authorized_keys if present
inside boad.json.
Signed-off-by: John Crispin <j...@phrozen.org>
---
package/network/services/dropbear/Makefile | 2 ++
.../services/dropbear/files/dropbear.defaults | 15 +++++++++++++++
2 files changed, 17 insertions(+)
create mode 100644 package/network/services/dropbear/files/dropbear.defaults
diff --git a/package/network/services/dropbear/Makefile
b/package/network/services/dropbear/Makefile
index 3367fd7f74..e9f3bd693c 100644
--- a/package/network/services/dropbear/Makefile
+++ b/package/network/services/dropbear/Makefile
@@ -227,6 +227,8 @@ define Package/dropbear/install
$(INSTALL_DIR) $(1)/etc/dropbear
$(INSTALL_DIR) $(1)/lib/preinit
$(INSTALL_DATA) ./files/dropbear.failsafe
$(1)/lib/preinit/99_10_failsafe_dropbear
+ $(INSTALL_DIR) $(1)/etc/uci-defaults
+ $(INSTALL_DATA) ./files/dropbear.defaults
$(1)/etc/uci-defaults/50-dropbear
$(foreach f,$(filter
/etc/dropbear/%,$(Package/dropbear/conffiles)),$(if $(wildcard
$(TOPDIR)/files/$(f)),chmod 0600 $(TOPDIR)/files/$(f) || :; ))
endef
diff --git a/package/network/services/dropbear/files/dropbear.defaults
b/package/network/services/dropbear/files/dropbear.defaults
new file mode 100644
index 0000000000..ad831521b1
--- /dev/null
+++ b/package/network/services/dropbear/files/dropbear.defaults
@@ -0,0 +1,15 @@
+[ ! -s /etc/dropbear/authorized_keys ] || exit 0
+
+. /usr/share/libubox/jshn.sh
+
+json_init
+json_load "$(cat /etc/board.json)"
+
+json_select credentials
+ json_get_vars ssh_authorized_keys ssh_authorized_key
+ [ -z "$ssh_authorized_key" ] || {
+ echo -n "$ssh_authorized_key" > /etc/dropbear/authorized_keys
+ uci set dropbear.@dropbear[-1].PasswordAuth='off'
+ uci set dropbear.@dropbear[-1].RootPasswordAuth='off'
+ }
+json_select ..
--
2.34.1
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
