Re: [ptxdist] [APPLIED] openssh: make host key generation optional

[Michael Olbrich]

Thanks, applied as abfc4e40a6c5358d00a7f0e24b4b10888b7e8090.

Michael

[sent from post-receive hook]

On Fri, 27 Nov 2020 09:39:14 +0100, Artur Wiebe <ar...@4wiebe.de> wrote:
> If not set host keys must be provided in some other way
> (otherwise sshd will not start)
> 
> Signed-off-by: Artur Wiebe <ar...@4wiebe.de>
> Acked-by: Roland Hieber <r...@pengutronix.de>
> Message-Id: <20201116191113.239636-1-ar...@4wiebe.de>
> Signed-off-by: Michael Olbrich <m.olbr...@pengutronix.de>
> 
> diff --git a/rules/openssh.in b/rules/openssh.in
> index 09f5c55551d7..37013250cd8b 100644
> --- a/rules/openssh.in
> +++ b/rules/openssh.in
> @@ -6,10 +6,10 @@ menuconfig OPENSSH
>       select OPENSSL
>       select LIBC_CRYPT
>       select LIBC_UTIL
> -     select RC_ONCE if OPENSSH_SSHD && RUNTIME
> +     select RC_ONCE if OPENSSH_SSHD_GENKEYS && RUNTIME
>       select BUSYBOX_START_STOP_DAEMON if OPENSSH_SSHD_STARTSCRIPT
>       select LIBSELINUX if GLOBAL_SELINUX
> -     select OPENSSH_KEYGEN if OPENSSH_SSHD
> +     select OPENSSH_KEYGEN if OPENSSH_SSHD_GENKEYS
>       prompt "openssh                       "
>       help
>         secure shell client/server, an rlogin/rsh/rcp replacement
> @@ -49,6 +49,14 @@ config OPENSSH_SSHD_SYSTEMD_UNIT
>       depends on OPENSSH_SSHD && SYSTEMD
>       prompt "install systemd unit files for sshd"
>  
> +config OPENSSH_SSHD_GENKEYS
> +     bool "generate sshd host keys at first boot"
> +     default y
> +     depends on OPENSSH_SSHD
> +     help
> +       If not set host keys must be provided in some other way
> +       (otherwise sshd will not start)
> +
>  config OPENSSH_SCP
>       bool "scp"
>       help
> diff --git a/rules/openssh.make b/rules/openssh.make
> index cae04487f8af..99fca3f4600f 100644
> --- a/rules/openssh.make
> +++ b/rules/openssh.make
> @@ -105,8 +105,10 @@ ifdef PTXCONF_OPENSSH_SSHD
>               /etc/ssh/moduli)
>       @$(call install_copy, openssh, 0, 0, 0755, -, \
>               /usr/sbin/sshd)
> +ifdef PTXCONF_OPENSSH_SSHD_GENKEYS
>       @$(call install_alternative, openssh, 0, 0, 0755, 
> /etc/rc.once.d/openssh)
>  endif
> +endif
>  
>  ifdef PTXCONF_INITMETHOD_BBINIT
>  ifdef PTXCONF_OPENSSH_SSHD_STARTSCRIPT
> diff --git a/rules/openssh.postinst b/rules/openssh.postinst
> index fcfbf9149342..a7bbf1c5889b 100644
> --- a/rules/openssh.postinst
> +++ b/rules/openssh.postinst
> @@ -1,2 +1,4 @@
>  #!/bin/sh
> -$DESTDIR/usr/sbin/enable-rc-once openssh
> +if [ -f $DESTDIR/etc/rc.once.d/openssh ]; then
> +     $DESTDIR/usr/sbin/enable-rc-once openssh
> +fi

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to 
ptxdist-requ...@pengutronix.de