On Mon, Nov 16, 2020 at 08:11:13PM +0100, Artur Wiebe wrote: > If not set host keys must be provided in some other way > (otherwise sshd will not start) > > Signed-off-by: Artur Wiebe <ar...@4wiebe.de>
Looks like an elegant solution to me. Acked-by: Roland Hieber <r...@pengutronix.de> > --- > rules/openssh.in | 12 ++++++++++-- > rules/openssh.make | 2 ++ > rules/openssh.postinst | 4 +++- > 3 files changed, 15 insertions(+), 3 deletions(-) > > diff --git a/rules/openssh.in b/rules/openssh.in > index 09f5c5555..37013250c 100644 > --- a/rules/openssh.in > +++ b/rules/openssh.in > @@ -6,10 +6,10 @@ menuconfig OPENSSH > select OPENSSL > select LIBC_CRYPT > select LIBC_UTIL > - select RC_ONCE if OPENSSH_SSHD && RUNTIME > + select RC_ONCE if OPENSSH_SSHD_GENKEYS && RUNTIME > select BUSYBOX_START_STOP_DAEMON if OPENSSH_SSHD_STARTSCRIPT > select LIBSELINUX if GLOBAL_SELINUX > - select OPENSSH_KEYGEN if OPENSSH_SSHD > + select OPENSSH_KEYGEN if OPENSSH_SSHD_GENKEYS > prompt "openssh " > help > secure shell client/server, an rlogin/rsh/rcp replacement > @@ -49,6 +49,14 @@ config OPENSSH_SSHD_SYSTEMD_UNIT > depends on OPENSSH_SSHD && SYSTEMD > prompt "install systemd unit files for sshd" > > +config OPENSSH_SSHD_GENKEYS > + bool "generate sshd host keys at first boot" > + default y > + depends on OPENSSH_SSHD > + help > + If not set host keys must be provided in some other way > + (otherwise sshd will not start) > + > config OPENSSH_SCP > bool "scp" > help > diff --git a/rules/openssh.make b/rules/openssh.make > index cae04487f..99fca3f46 100644 > --- a/rules/openssh.make > +++ b/rules/openssh.make > @@ -105,8 +105,10 @@ ifdef PTXCONF_OPENSSH_SSHD > /etc/ssh/moduli) > @$(call install_copy, openssh, 0, 0, 0755, -, \ > /usr/sbin/sshd) > +ifdef PTXCONF_OPENSSH_SSHD_GENKEYS > @$(call install_alternative, openssh, 0, 0, 0755, > /etc/rc.once.d/openssh) > endif > +endif > > ifdef PTXCONF_INITMETHOD_BBINIT > ifdef PTXCONF_OPENSSH_SSHD_STARTSCRIPT > diff --git a/rules/openssh.postinst b/rules/openssh.postinst > index fcfbf9149..a7bbf1c58 100644 > --- a/rules/openssh.postinst > +++ b/rules/openssh.postinst > @@ -1,2 +1,4 @@ > #!/bin/sh > -$DESTDIR/usr/sbin/enable-rc-once openssh > +if [ -f $DESTDIR/etc/rc.once.d/openssh ]; then > + $DESTDIR/usr/sbin/enable-rc-once openssh > +fi > -- > 2.29.2 > > > _______________________________________________ > ptxdist mailing list > ptxdist@pengutronix.de > To unsubscribe, send a mail with subject "unsubscribe" to > ptxdist-requ...@pengutronix.de > -- Roland Hieber, Pengutronix e.K. | r.hie...@pengutronix.de | Steuerwalder Str. 21 | https://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-requ...@pengutronix.de