diff options
author | Travis Kemen <thepeople@openwrt.org> | 2010-03-14 21:26:45 +0000 |
---|---|---|
committer | Travis Kemen <thepeople@openwrt.org> | 2010-03-14 21:26:45 +0000 |
commit | 6aca925ca80969382b943ddb401dd1238d815554 (patch) | |
tree | ad4826b48e84089b0541ad9b002193790a80a247 /package/dropbear/files | |
parent | 73f61a64eba854ea115feecbed97c0a35907d914 (diff) | |
download | upstream-6aca925ca80969382b943ddb401dd1238d815554.tar.gz upstream-6aca925ca80969382b943ddb401dd1238d815554.tar.bz2 upstream-6aca925ca80969382b943ddb401dd1238d815554.zip |
this patch allow to set -g option 1. -g allow to make a more secure ssh server configuration by avoiding brute force attack on root while allowing user to use password (where the username is more difficult to guess).
Matthieu
from #6736
SVN-Revision: 20219
Diffstat (limited to 'package/dropbear/files')
-rwxr-xr-x | package/dropbear/files/dropbear.init | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/package/dropbear/files/dropbear.init b/package/dropbear/files/dropbear.init index 85a90d02fd..6250636fc1 100755 --- a/package/dropbear/files/dropbear.init +++ b/package/dropbear/files/dropbear.init @@ -37,15 +37,20 @@ dropbear_start() config_get port "${section}" Port # C) banner file local bannerfile - config_get bannerfile ${section} BannerFile - [ -f $bannerfile ] || bannerfile='' + config_get bannerfile "${section}" BannerFile + [ -f "$bannerfile" ] || bannerfile='' # D) gatewayports local gatewayports config_get_bool gatewayports "${section}" GatewayPorts 0 [ "${gatewayports}" -eq 1 ] || gatewayports='' + # E) root password authentication + local norootpasswd + local rootpassauth + config_get_bool rootpassauth "${section}" RootPasswordAuth 1 + [ "${rootpassauth}" -eq 0 ] && norootpasswd=1 # concatenate parameters local args - args="${nopasswd:+-s }${port:+-p ${port} }${bannerfile:+-b $bannerfile }${gatewayports:+-a }-P /var/run/${NAME}.${PIDCOUNT}.pid" + args="${nopasswd:+-s }${norootpasswd:+-g }${port:+-p ${port} }${bannerfile:+-b $bannerfile }${gatewayports:+-a }-P /var/run/${NAME}.${PIDCOUNT}.pid" # execute program and return its exit code [ "${verbosed}" -ne 0 ] && echo "${initscript}: section ${section} starting ${PROG} ${args}" |