I am trying to configure dropbear to do the following. 1) Only listen on port 22 of the tun0 interface (made by openvpn service). 2) Only use public key authorization.
To do this I've overridden the dropbear.socket file with my own. ---------------------------------------------------- start [Unit] Conflicts=dropbear.service After=openvpn@foo.service Wants=openvpn@foo.service [Socket] ListenStream=22 Accept=yes BindToDevice=tun0 <<<<<<< made by open vpn [Install] WantedBy=sockets.target Also=dropbearkey.service ----------------------------------------------------finish I also install my public key to where I think dropbear needs the keys. --------bb append snippet----------------------------------- do_install_append() { install -d ${D}/root/.ssh install -m 0600 ${WORKDIR}/authorized_keys ${D}/root/.ssh/authorized_keys echo 'DROPBEAR_EXTRA_ARGS="-E -g"'> ${D}${sysconfdir}/default/dropbear } FILES_${PN} += "/home/root/.ssh/authorized_keys" ------------------------------------------------------------------- Currently the system finds a system ordering loop and shuts down openvpn. How do I get the dropbear.socket to depend on openvpn - when openvpn depends on the sockets being up (and sockets.target wants dropbear.socket)? Is there another way to have dropbear only look at the tun0 port 22 and not the eth0 port 22? Thanks -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto