Ping!
Any comments?
On 09-08-16 13:36, Mike Looijmans wrote:
> This patch adds DROPBEAR_RSAKEY_ARGS and DROPBEAR_DSSKEY_ARGS optional
> parameters to /etc/default/dropbear. The contents are simply passed to
> the 'dropbearkey' program when generating a host key.
>
> The default keysize for RSA is currently 2048 bits. It takes a CortexA9
> running at 700MHz between 4 and 10 seconds to calculate a keypair. The
> board boots Linux in about a second, but you have to wait for several
> seconds because of the keypair generation. This patch allows one to put
> the line DROPBEAR_RSAKEY_ARGS="-s 1024" into /etc/default/dropbear, and
> have a host key generated in about 0.2 seconds on the same CPU. This is
> particulary useful for read-only rootfs systems which generate a key on
> each boot.
>
> Signed-off-by: Mike Looijmans <[email protected]>
> ---
> meta/recipes-core/dropbear/dropbear/init | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/meta/recipes-core/dropbear/dropbear/init
> b/meta/recipes-core/dropbear/dropbear/init
> index e8fed3f..434bd6b 100755
> --- a/meta/recipes-core/dropbear/dropbear/init
> +++ b/meta/recipes-core/dropbear/dropbear/init
> @@ -62,13 +62,13 @@ for t in $DROPBEAR_KEYTYPES; do
> if [ -f "$DROPBEAR_RSAKEY" -a ! -s "$DROPBEAR_RSAKEY" ]; then
> rm $DROPBEAR_RSAKEY || true
> fi
> - test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY
> + test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY
> $DROPBEAR_RSAKEY_ARGS
> ;;
> dsa)
> if [ -f "$DROPBEAR_DSSKEY" -a ! -s "$DROPBEAR_DSSKEY" ]; then
> rm $DROPBEAR_DSSKEY || true
> fi
> - test -f $DROPBEAR_DSSKEY || dropbearkey -t dss -f $DROPBEAR_DSSKEY
> + test -f $DROPBEAR_DSSKEY || dropbearkey -t dss -f $DROPBEAR_DSSKEY
> $DROPBEAR_DSSKEY_ARGS
> ;;
> esac
> done
> --
> 1.9.1
>
> Kind regards,
>
> Mike Looijmans
>
> System Expert
>
>
>
> *TOPIC Products*
>
>
>
>
>
> Materiaalweg 4
>
>
>
>
>
> 5681 RJ Best
>
>
>
> T:
>
>
>
> +31 (0) 499 33 69 69
>
> Postbus 440
>
>
>
> E:
>
>
>
> [email protected]
>
> 5680 AK Best
>
>
>
> W:
>
>
>
> www.topicproducts.com <http://www.topicproducts.com>
>
> The Netherlands
>
> <https://www.facebook.com/TopicProducts><https://twitter.com/TopicProducts><https://www.linkedin.com/company/topic-embedded-products>
> Please consider the environment before printing this e-mail
>
>
> Topic zoekt gedreven (embedded) software specialisten!
> <http://topic.nl/vacancy/topic-zoekt-technische-software-engineers/>
>
Any comments?
On 09-08-16 13:36, Mike Looijmans wrote:
> This patch adds DROPBEAR_RSAKEY_ARGS and DROPBEAR_DSSKEY_ARGS optional
> parameters to /etc/default/dropbear. The contents are simply passed to
> the 'dropbearkey' program when generating a host key.
>
> The default keysize for RSA is currently 2048 bits. It takes a CortexA9
> running at 700MHz between 4 and 10 seconds to calculate a keypair. The
> board boots Linux in about a second, but you have to wait for several
> seconds because of the keypair generation. This patch allows one to put
> the line DROPBEAR_RSAKEY_ARGS="-s 1024" into /etc/default/dropbear, and
> have a host key generated in about 0.2 seconds on the same CPU. This is
> particulary useful for read-only rootfs systems which generate a key on
> each boot.
>
> Signed-off-by: Mike Looijmans <[email protected]>
> ---
> meta/recipes-core/dropbear/dropbear/init | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/meta/recipes-core/dropbear/dropbear/init
> b/meta/recipes-core/dropbear/dropbear/init
> index e8fed3f..434bd6b 100755
> --- a/meta/recipes-core/dropbear/dropbear/init
> +++ b/meta/recipes-core/dropbear/dropbear/init
> @@ -62,13 +62,13 @@ for t in $DROPBEAR_KEYTYPES; do
> if [ -f "$DROPBEAR_RSAKEY" -a ! -s "$DROPBEAR_RSAKEY" ]; then
> rm $DROPBEAR_RSAKEY || true
> fi
> - test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY
> + test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY
> $DROPBEAR_RSAKEY_ARGS
> ;;
> dsa)
> if [ -f "$DROPBEAR_DSSKEY" -a ! -s "$DROPBEAR_DSSKEY" ]; then
> rm $DROPBEAR_DSSKEY || true
> fi
> - test -f $DROPBEAR_DSSKEY || dropbearkey -t dss -f $DROPBEAR_DSSKEY
> + test -f $DROPBEAR_DSSKEY || dropbearkey -t dss -f $DROPBEAR_DSSKEY
> $DROPBEAR_DSSKEY_ARGS
> ;;
> esac
> done
> --
> 1.9.1
>
> Kind regards,
>
> Mike Looijmans
>
> System Expert
>
>
>
> *TOPIC Products*
>
>
>
>
>
> Materiaalweg 4
>
>
>
>
>
> 5681 RJ Best
>
>
>
> T:
>
>
>
> +31 (0) 499 33 69 69
>
> Postbus 440
>
>
>
> E:
>
>
>
> [email protected]
>
> 5680 AK Best
>
>
>
> W:
>
>
>
> www.topicproducts.com <http://www.topicproducts.com>
>
> The Netherlands
>
> <https://www.facebook.com/TopicProducts><https://twitter.com/TopicProducts><https://www.linkedin.com/company/topic-embedded-products>
> Please consider the environment before printing this e-mail
>
>
> Topic zoekt gedreven (embedded) software specialisten!
> <http://topic.nl/vacancy/topic-zoekt-technische-software-engineers/>
>
Kind regards,
Mike Looijmans
System Expert
|
TOPIC Products |
|
| |
|
Materiaalweg 4 |
|
| |
|
5681 RJ Best |
T: |
+31 (0) 499 33 69 69 | |
|
Postbus 440 |
E: |
||
|
5680 AK Best |
W: |
||
| The Netherlands |
Please consider the environment before printing this
e-mail
Topic zoekt gedreven (embedded) software specialisten!
-- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
