cirros-testvm/src-cirros/patches-buildroot/dropbear-init-generate-keys.patch

   1 generate keys in dropbear sysvinit script
   2
   3 buildroot upstream now uses '-R' to get their keys generated
   4 which is to generate them on the fly.  We'd rather they're explicitly
   5 generated ahead of time so that we can log them.
   6 Index: buildroot/package/dropbear/S50dropbear
   7 ===================================================================
   8 --- buildroot.orig/package/dropbear/S50dropbear 2014-09-01 11:20:56.000000000 +0000
   9 +++ buildroot/package/dropbear/S50dropbear      2014-09-16 19:29:54.320096000 +0000
  10 @@ -6,9 +6,17 @@
  11  # Allow a few customizations from a config file
  12  test -r /etc/default/dropbear && . /etc/default/dropbear
  13
  14 +DROPBEAR_KEYTYPES="rsa dss ecc"
  15  start() {
  16         DROPBEAR_ARGS="$DROPBEAR_ARGS -R"
  17
  18 +       local ktype file
  19 +       for ktype in rsa dss ecdsa; do
  20 +               file="/etc/dropbear/dropbear_${ktype}_host_key"
  21 +               cirros-per instance dropbear-keygen-$ktype -- \
  22 +                       dropbearkey -t "$ktype" -f "$file" >/dev/null 2>&1 ||
  23 +               echo "WARN: generating key of type $ktype failed!"
  24 +       done
  25         echo -n "Starting dropbear sshd: "
  26         umask 077
  27         start-stop-daemon -S -q -p /var/run/dropbear.pid \