diff options
| author | Etienne Champetier <champetier.etienne@gmail.com> | 2023-07-10 07:56:05 +0200 |
|---|---|---|
| committer | Hauke Mehrtens <hauke@hauke-m.de> | 2023-07-26 14:00:52 +0200 |
| commit | ee910d1e67c5ebba3bc2c136c8c6b5358a8c17b5 (patch) | |
| tree | ae7d5b6d65647c97c9b2568be3f80960ac9fc61d /package/network | |
| parent | 23953cfa5afa2e8cd9e1c1475d065cb954d8ceb6 (diff) | |
| download | upstream-ee910d1e67c5ebba3bc2c136c8c6b5358a8c17b5.tar.gz upstream-ee910d1e67c5ebba3bc2c136c8c6b5358a8c17b5.tar.bz2 upstream-ee910d1e67c5ebba3bc2c136c8c6b5358a8c17b5.zip | |
dropbear: add ed25519 for failsafe key
At least Fedora and RHEL 9 set RSAMinSize=2048, so when trying to use
failsafe, we get 'Bad server host key: Invalid key length'
To workaround the issue, we can use: ssh -o RSAMinSize=1024 ...
Generating 2048 bits RSA is extremely slow, so add ed25519.
We keep RSA 1024 to be as compatible as possible.
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit 6ac61dead99ff6b9df00c29b7a858772449718b2)
Diffstat (limited to 'package/network')
| -rwxr-xr-x | package/network/services/dropbear/files/dropbear.failsafe | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/package/network/services/dropbear/files/dropbear.failsafe b/package/network/services/dropbear/files/dropbear.failsafe index a98ede459a..97bd12d58a 100755 --- a/package/network/services/dropbear/files/dropbear.failsafe +++ b/package/network/services/dropbear/files/dropbear.failsafe @@ -1,8 +1,9 @@ #!/bin/sh failsafe_dropbear () { - dropbearkey -t rsa -s 1024 -f /tmp/dropbear_failsafe_host_key - dropbear -r /tmp/dropbear_failsafe_host_key <> /dev/null 2>&1 + dropbearkey -t rsa -s 1024 -f /tmp/dropbear_rsa_failsafe_host_key + dropbearkey -t ed25519 -f /tmp/dropbear_ed25519_failsafe_host_key + dropbear -r /tmp/dropbear_rsa_failsafe_host_key -r /tmp/dropbear_ed25519_failsafe_host_key <> /dev/null 2>&1 } boot_hook_add failsafe failsafe_dropbear |