Commit ded43b13 authored by Ryan Jackson

Added support for OpenSSH v2 host keys

The init script for Dropbear will now convert OpenSSH format
host keys to the Dropbear format if they are found at startup.

/etc/ssh/ssh_host_rsa_key -> /etc/dropbear/dropbear_rsa_host_key
/etc/ssh/ssh_host_dsa_key -> /etc/dropbear/dropbear_dss_host_key
parent 990de36f
......@@ -65,6 +65,8 @@ $(TARGET_PATH)/usr/sbin/dropbear: $(DROPBEAR_PATH)/dropbearmulti
mkdir -p $(TARGET_PATH)/etc/init.d
install -m 755 $(SOURCE_PATH)/dropbear/S50dropbear $(TARGET_PATH)/etc/init.d/S50dropbear
mkdir -p $(TARGET_PATH)/usr/lib
mkdir -p $(TARGET_PATH)/etc/dropbear
ln -snf /etc/dropbear $(TARGET_PATH)/etc/ssh
touch -c $@
clean:
......
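Review bot: `ln -snf /etc/dropbear $(TARGET_PATH)/etc/ssh` only replaces an existing symlink; if the target tree already holds `etc/ssh` as a real directory (for example from an OpenSSH package or a pre-seeded host key), ln creates `etc/ssh/dropbear` inside it and the build still succeeds. In that case the image ends up with two key directories, which is not the layout the commit description implies. A guard before the link, such as `test ! -d $(TARGET_PATH)/etc/ssh || test -L $(TARGET_PATH)/etc/ssh`, would make the build fail loudly instead. A short comment above the line would also help, e.g. `# /etc/ssh points at /etc/dropbear so OpenSSH-format host keys sit beside the Dropbear ones`. The rule's recipe starts above this hunk.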
......@@ -3,8 +3,14 @@
# Starts dropbear sshd.
#
DROPBEAR_RSA_KEY=/etc/dropbear/dropbear_rsa_key
DROPBEAR_DSA_KEY=/etc/dropbear/dropbear_dss_key
SSH_RSA_KEY=/etc/ssh/ssh_host_rsa_key
SSH_DSA_KEY=/etc/ssh/ssh_host_dsa_key
# Make sure the dropbearkey progam exists
[ -f /usr/bin/dropbearkey ] || exit 0
[ -f /usr/bin/dropbearconvert ] || exit 0
start() {
echo -n "Starting dropbear sshd: "
......@@ -12,17 +18,33 @@ start() {
if [ ! -d /etc/dropbear ] ; then
mkdir -p /etc/dropbear
fi
# Check for the Dropbear RSA key
if [ ! -f /etc/dropbear/dropbear_rsa_host_key ] ; then
echo -n "generating rsa key... "
/usr/bin/dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key > /dev/null 2>&1
# Check for an OpenSSH v2 RSA key and convert it. If not present, generate a
# new key
if ! [ -f $DROPBEAR_RSA_KEY ]; then
if [ -f $SSH_RSA_KEY ]; then
echo -n "converting OpenSSH RSA key... "
/usr/bin/dropbearconvert openssh dropbear $SSH_RSA_KEY \
$DROPBEAR_RSA_KEY > /dev/null 2>&1
else
echo -n "generating rsa key... "
/usr/bin/dropbearkey -t rsa -f $DROPBEAR_RSA_KEY > /dev/null 2>&1
fi
fi
# Check for the Dropbear DSS key
if [ ! -f /etc/dropbear/dropbear_dss_host_key ] ; then
echo -n "generating dsa key... "
/usr/bin/dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key > /dev/null 2>&1
# Check for an OpenSSH v2 DSA key and convert it. If not present, generate a
# new key
if ! [ -f $DROPBEAR_DSA_KEY ]; then
if [ -f $SSH_DSA_KEY ]; then
echo -n "converting OpenSSH DSA key... "
/usr/bin/dropbearconvert openssh dropbear $SSH_DSA_KEY \
$DROPBEAR_DSA_KEY > /dev/null 2>&1
else
echo -n "generating dss key... "
/usr/bin/dropbearkey -t dss -f $DROPBEAR_DSA_KEY > /dev/null 2>&1
fi
fi
umask 077
start-stop-daemon -S -q -p /var/run/dropbear.pid --exec /usr/sbin/dropbear
echo "OK"
......
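Review bot: The new `DROPBEAR_RSA_KEY` and `DROPBEAR_DSA_KEY` variables point at `/etc/dropbear/dropbear_rsa_key` and `/etc/dropbear/dropbear_dss_key`, but the commit description and the checks with literal paths in `start()` use `dropbear_rsa_host_key` and `dropbear_dss_host_key`. The daemon is started without an explicit key option, so it presumably reads its compiled-in default paths. If those are the `_host_key` names, the converted or generated keys are never used, and a device that already has keys gets a second, unused set. I would set `DROPBEAR_RSA_KEY=/etc/dropbear/dropbear_rsa_host_key` and `DROPBEAR_DSA_KEY=/etc/dropbear/dropbear_dss_host_key`. Separately, the output of `dropbearconvert` goes to `/dev/null` and its exit status is not checked, so a failed conversion leaves no host key while the script still prints OK; falling back to `dropbearkey` on failure would cover that.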