aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEtienne Champetier <champetier.etienne@gmail.com>2023-07-10 07:56:05 +0200
committerHauke Mehrtens <hauke@hauke-m.de>2023-07-26 14:00:52 +0200
commitee910d1e67c5ebba3bc2c136c8c6b5358a8c17b5 (patch)
treeae7d5b6d65647c97c9b2568be3f80960ac9fc61d
parent23953cfa5afa2e8cd9e1c1475d065cb954d8ceb6 (diff)
downloadupstream-ee910d1e67c5ebba3bc2c136c8c6b5358a8c17b5.tar.gz
upstream-ee910d1e67c5ebba3bc2c136c8c6b5358a8c17b5.tar.bz2
upstream-ee910d1e67c5ebba3bc2c136c8c6b5358a8c17b5.zip
dropbear: add ed25519 for failsafe key
At least Fedora and RHEL 9 set RSAMinSize=2048, so when trying to use failsafe, we get 'Bad server host key: Invalid key length' To workaround the issue, we can use: ssh -o RSAMinSize=1024 ... Generating 2048 bits RSA is extremely slow, so add ed25519. We keep RSA 1024 to be as compatible as possible. Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> (cherry picked from commit 6ac61dead99ff6b9df00c29b7a858772449718b2)
Diffstat
-rwxr-xr-xpackage/network/services/dropbear/files/dropbear.failsafe5
1 files changed, 3 insertions, 2 deletions
diff --git a/package/network/services/dropbear/files/dropbear.failsafe b/package/network/services/dropbear/files/dropbear.failsafe
index a98ede459a..97bd12d58a 100755
--- a/package/network/services/dropbear/files/dropbear.failsafe
+++ b/package/network/services/dropbear/files/dropbear.failsafe
@@ -1,8 +1,9 @@
#!/bin/sh
failsafe_dropbear () {
- dropbearkey -t rsa -s 1024 -f /tmp/dropbear_failsafe_host_key
- dropbear -r /tmp/dropbear_failsafe_host_key <> /dev/null 2>&1
+ dropbearkey -t rsa -s 1024 -f /tmp/dropbear_rsa_failsafe_host_key
+ dropbearkey -t ed25519 -f /tmp/dropbear_ed25519_failsafe_host_key
+ dropbear -r /tmp/dropbear_rsa_failsafe_host_key -r /tmp/dropbear_ed25519_failsafe_host_key <> /dev/null 2>&1
}
boot_hook_add failsafe failsafe_dropbear
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-06 01:31:37 +0000