forked from Sysdeploy/openwrt
Replace opessh-server with dropbear
- apparently dropbear now supports ed25519 keys so openssh isn't necessary anymore
This commit is contained in:
parent
1e60f1fd33
commit
5c79f3da22
|
@ -50,10 +50,10 @@ echo "CONFIG_TARGET_ROOTFS_PARTSIZE=208" >> .config
|
|||
echo "CONFIG_TARGET_ROOTFS_EXT4FS=n" >> .config
|
||||
|
||||
# Setup files
|
||||
mkdir -p files/root/.ssh
|
||||
chmod 0700 files/root files/root/.ssh
|
||||
cp ${pwd}/authorized_keys files/root/.ssh/
|
||||
chmod 0400 files/root/.ssh/authorized_keys
|
||||
mkdir -p files/etc/dropbear
|
||||
chmod 0750 files/etc/dropbear
|
||||
cp ${pwd}/authorized_keys files/etc/dropbear
|
||||
chmod 0400 files/etc/dropbear/authorized_keys
|
||||
mkdir -p files/etc/uci-defaults
|
||||
cp ${pwd}/defaults/* files/etc/uci-defaults
|
||||
|
||||
|
@ -90,11 +90,10 @@ PACKAGES="kmod-nf-nathelper-extra kmod-rtc-ds1307 \
|
|||
luci-ssl-nginx luci-app-acme \
|
||||
python3-packages python3-yaml \
|
||||
wireguard-tools wget-ssl \
|
||||
openssh-server \
|
||||
"
|
||||
|
||||
make image PROFILE=rpi-4 \
|
||||
PACKAGES="${PACKAGES}" DISABLED_SERVICES="dropbear" FILES="files"
|
||||
PACKAGES="${PACKAGES}" FILES="files"
|
||||
|
||||
make manifest PROFILE=rpi-4 PACKAGES="${PACKAGES}"
|
||||
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
VERSION=1
|
||||
|
||||
[ "$(uci -q get defaults.dropbear)" -ge "$VERSION" ] && exit 0
|
||||
|
||||
# save version
|
||||
/sbin/uci set defaults.dropbear="$VERSION"
|
||||
|
||||
uci -q batch << EOF
|
||||
dropbear.@dropbear[0].PasswordAuth='off'
|
||||
dropbear.@dropbear[0].RootPasswordAuth='off'
|
||||
commit dropbear
|
||||
EOF
|
|
@ -1,2 +0,0 @@
|
|||
echo "PasswordAuthentication no" >> /etc/ssh/sshd_config
|
||||
/sbin/service sshd restart
|
Loading…
Reference in New Issue