On 15-05-29 10:40:35, Matthew Karas wrote: > I am trying to configure dropbear to do the following. > > 1) Only listen on port 22 of the tun0 interface (made by openvpn service). > 2) Only use public key authorization. > > To do this I've overridden the dropbear.socket file with my own. > > ---------------------------------------------------- start > [Unit] > Conflicts=dropbear.service > After=openvpn@foo.service > Wants=openvpn@foo.service
may be ise 'Requires' here > > [Socket] > ListenStream=22 > Accept=yes > BindToDevice=tun0 <<<<<<< made by open vpn > > [Install] > WantedBy=sockets.target > Also=dropbearkey.service > > ----------------------------------------------------finish > > I also install my public key to where I think dropbear needs the keys. > > --------bb append snippet----------------------------------- > do_install_append() { > install -d ${D}/root/.ssh > install -m 0600 ${WORKDIR}/authorized_keys ${D}/root/.ssh/authorized_keys > echo 'DROPBEAR_EXTRA_ARGS="-E -g"'> ${D}${sysconfdir}/default/dropbear > } > > FILES_${PN} += "/home/root/.ssh/authorized_keys" > ------------------------------------------------------------------- > > Currently the system finds a system ordering loop and shuts down openvpn. > > How do I get the dropbear.socket to depend on openvpn - when openvpn > depends on the sockets being up (and sockets.target wants > dropbear.socket)? Is there another way to have dropbear only look at > the tun0 port 22 and not the eth0 port 22? > > Thanks > -- > _______________________________________________ > yocto mailing list > yocto@yoctoproject.org > https://lists.yoctoproject.org/listinfo/yocto -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto