diff options
| -rw-r--r-- | meta/recipes-connectivity/openssh/openssh_9.7p1.bb | 48 |
1 files changed, 26 insertions, 22 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh_9.7p1.bb b/meta/recipes-connectivity/openssh/openssh_9.7p1.bb index 69eade3ee7..4a08c0bd66 100644 --- a/meta/recipes-connectivity/openssh/openssh_9.7p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_9.7p1.bb | |||
| @@ -113,6 +113,31 @@ do_compile_ptest() { | |||
| 113 | oe_runmake regress-binaries regress-unit-binaries | 113 | oe_runmake regress-binaries regress-unit-binaries |
| 114 | } | 114 | } |
| 115 | 115 | ||
| 116 | sshd_hostkey_setup() { | ||
| 117 | # Enable specific ssh host keys | ||
| 118 | sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config | ||
| 119 | if ${@bb.utils.contains('PACKAGECONFIG','hostkey-rsa','true','false',d)}; then | ||
| 120 | echo "HostKey /etc/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config | ||
| 121 | fi | ||
| 122 | if ${@bb.utils.contains('PACKAGECONFIG','hostkey-ecdsa','true','false',d)}; then | ||
| 123 | echo "HostKey /etc/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config | ||
| 124 | fi | ||
| 125 | if ${@bb.utils.contains('PACKAGECONFIG','hostkey-ed25519','true','false',d)}; then | ||
| 126 | echo "HostKey /etc/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config | ||
| 127 | fi | ||
| 128 | |||
| 129 | sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config_readonly | ||
| 130 | if ${@bb.utils.contains('PACKAGECONFIG','hostkey-rsa','true','false',d)}; then | ||
| 131 | echo "HostKey /var/run/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly | ||
| 132 | fi | ||
| 133 | if ${@bb.utils.contains('PACKAGECONFIG','hostkey-ecdsa','true','false',d)}; then | ||
| 134 | echo "HostKey /var/run/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly | ||
| 135 | fi | ||
| 136 | if ${@bb.utils.contains('PACKAGECONFIG','hostkey-ed25519','true','false',d)}; then | ||
| 137 | echo "HostKey /var/run/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly | ||
| 138 | fi | ||
| 139 | } | ||
| 140 | |||
| 116 | do_install:append () { | 141 | do_install:append () { |
| 117 | if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then | 142 | if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then |
| 118 | install -D -m 0644 ${UNPACKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd | 143 | install -D -m 0644 ${UNPACKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd |
| @@ -131,31 +156,9 @@ do_install:append () { | |||
| 131 | install -m 644 ${UNPACKDIR}/volatiles.99_sshd ${D}/${sysconfdir}/default/volatiles/99_sshd | 156 | install -m 644 ${UNPACKDIR}/volatiles.99_sshd ${D}/${sysconfdir}/default/volatiles/99_sshd |
| 132 | install -m 0755 ${S}/contrib/ssh-copy-id ${D}${bindir} | 157 | install -m 0755 ${S}/contrib/ssh-copy-id ${D}${bindir} |
| 133 | 158 | ||
| 134 | # Enable specific ssh host keys | ||
| 135 | sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config | ||
| 136 | if ${@bb.utils.contains('PACKAGECONFIG','hostkey-rsa','true','false',d)}; then | ||
| 137 | echo "HostKey /etc/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config | ||
| 138 | fi | ||
| 139 | if ${@bb.utils.contains('PACKAGECONFIG','hostkey-ecdsa','true','false',d)}; then | ||
| 140 | echo "HostKey /etc/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config | ||
| 141 | fi | ||
| 142 | if ${@bb.utils.contains('PACKAGECONFIG','hostkey-ed25519','true','false',d)}; then | ||
| 143 | echo "HostKey /etc/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config | ||
| 144 | fi | ||
| 145 | |||
| 146 | # Create config files for read-only rootfs | 159 | # Create config files for read-only rootfs |
| 147 | install -d ${D}${sysconfdir}/ssh | 160 | install -d ${D}${sysconfdir}/ssh |
| 148 | install -m 644 ${D}${sysconfdir}/ssh/sshd_config ${D}${sysconfdir}/ssh/sshd_config_readonly | 161 | install -m 644 ${D}${sysconfdir}/ssh/sshd_config ${D}${sysconfdir}/ssh/sshd_config_readonly |
| 149 | sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config_readonly | ||
| 150 | if ${@bb.utils.contains('PACKAGECONFIG','hostkey-rsa','true','false',d)}; then | ||
| 151 | echo "HostKey /var/run/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly | ||
| 152 | fi | ||
| 153 | if ${@bb.utils.contains('PACKAGECONFIG','hostkey-ecdsa','true','false',d)}; then | ||
| 154 | echo "HostKey /var/run/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly | ||
| 155 | fi | ||
| 156 | if ${@bb.utils.contains('PACKAGECONFIG','hostkey-ed25519','true','false',d)}; then | ||
| 157 | echo "HostKey /var/run/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly | ||
| 158 | fi | ||
| 159 | 162 | ||
| 160 | install -d ${D}${systemd_system_unitdir} | 163 | install -d ${D}${systemd_system_unitdir} |
| 161 | if ${@bb.utils.contains('PACKAGECONFIG','systemd-sshd-socket-mode','true','false',d)}; then | 164 | if ${@bb.utils.contains('PACKAGECONFIG','systemd-sshd-socket-mode','true','false',d)}; then |
| @@ -181,6 +184,7 @@ do_install:append () { | |||
| 181 | ${D}${sysconfdir}/init.d/sshd | 184 | ${D}${sysconfdir}/init.d/sshd |
| 182 | 185 | ||
| 183 | install -D -m 0755 ${UNPACKDIR}/sshd_check_keys ${D}${libexecdir}/${BPN}/sshd_check_keys | 186 | install -D -m 0755 ${UNPACKDIR}/sshd_check_keys ${D}${libexecdir}/${BPN}/sshd_check_keys |
| 187 | sshd_hostkey_setup | ||
| 184 | } | 188 | } |
| 185 | 189 | ||
| 186 | do_install_ptest () { | 190 | do_install_ptest () { |