openssh: add openwrt failsafe support 10643/head
authorKyle Copperfield <kmcopper@danwin1210.me>
Mon, 11 Nov 2019 12:10:45 +0000 (12:10 +0000)
committerKyle Copperfield <kmcopper@danwin1210.me>
Tue, 15 Dec 2020 10:19:32 +0000 (10:19 +0000)
Adds failsafe support to the openssh package.
Roughly based on an earlier patch.

Ref: https://github.com/openwrt/openwrt/pull/865
Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
net/openssh/Makefile
net/openssh/files/sshd.failsafe [new file with mode: 0755]

index 2a0863248933248eb5b1cb2046646a369751b9b9..c93ae279434e5c71dc939e54c30b6f2812c6dedc 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openssh
 PKG_VERSION:=8.4p1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
@@ -219,6 +219,8 @@ define Package/openssh-server/install
        sed -r -i 's,^#(HostKey /etc/ssh/ssh_host_(rsa|ed25519)_key)$$$$,\1,' $(1)/etc/ssh/sshd_config
        $(INSTALL_DIR) $(1)/etc/init.d
        $(INSTALL_BIN) ./files/sshd.init $(1)/etc/init.d/sshd
+       $(INSTALL_DIR) $(1)/lib/preinit
+       $(INSTALL_BIN) ./files/sshd.failsafe $(1)/lib/preinit/99_10_failsafe_sshd
        $(INSTALL_DIR) $(1)/usr/sbin
        $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/sshd $(1)/usr/sbin/
 endef
diff --git a/net/openssh/files/sshd.failsafe b/net/openssh/files/sshd.failsafe
new file mode 100755 (executable)
index 0000000..ed1429b
--- /dev/null
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+failsafe_sshd () {
+
+       # if dropbear is executable it can handle failsafe
+       [ -x /usr/sbin/dropbear ] && return
+
+       sshd_tmpdir=/tmp/sshd
+       mkdir $sshd_tmpdir
+
+       sed -i 's/^root:.*/root::0:17000:::::/g' /etc/shadow
+
+       for type in ed25519; do
+               key=$sshd_tmpdir/ssh_host_${type}_key
+               ssh-keygen -N '' -t ${type} -f ${key}
+       done
+
+       mkdir -m 0700 -p /var/empty
+
+       cat > $sshd_tmpdir/sshd_config <<EOF
+HostKey $sshd_tmpdir/ssh_host_ed25519_key
+PermitRootLogin        yes
+PermitEmptyPasswords yes
+EOF
+
+       /usr/sbin/sshd -f $sshd_tmpdir/sshd_config -E $sshd_tmpdir/sshd.log
+
+}
+
+boot_hook_add failsafe failsafe_sshd
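Review bot: The `sed -i` on `/etc/shadow` in `failsafe_sshd` rewrites root's entry in place, so on an image whose root filesystem is writable at preinit time the empty root password would presumably persist after the failsafe session ends. The line should carry a comment stating the assumption, e.g. `# failsafe only: blanks root's password; assumes / is the read-only ROM image, otherwise the change is persistent`, and the edit could be skipped when root's hash is already empty. The generated `sshd_config` sets `PermitRootLogin yes` and `PermitEmptyPasswords yes` with no `ListenAddress`, so sshd accepts passwordless root on every address configured at that point; that matches the failsafe intent but deserves a comment in the heredoc's vicinity. Separately, `mkdir $sshd_tmpdir` and `ssh-keygen` are unchecked and the variables unquoted, so sshd is started even if the directory or host key was not created; `mkdir -m 0700 "$sshd_tmpdir" || return 1` and `ssh-keygen -N '' -t "$type" -f "$key" || return 1` would fail closed and keep the key directory private.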