openssh: don't run ssh by default; there is a security-related discussion at http://openelec.tv/forum/20-development-discussion/20259-security-the-dilema-of-the-out-of-the-box-experience . Add 'ssh' to the append line in our bootloader, or put a file called 'ssh_enable' in /storage/.config or the 'Configfile' Samba share; either will enable SSH on boot. Add 'progress' to the append line in the bootloader to show the boot progress without enabling debugging.

Signed-off-by: Stephan Raue <stephan@openelec.tv>
Stephan Raue 2011-12-22 20:38:15 +01:00
parent 1ca0f8f8fe
commit 93f3737a94
3 changed files with 57 additions and 43 deletions


@ -52,6 +52,12 @@ NFS_OVERLAY="192.168.1.1:/var/lib/overlay"
bootchart)
BOOTCHART=yes
;;
ssh)
SSH=yes
;;
progress)
PROGRESS=yes
;;
fastboot)
FASTBOOT=yes
;;
@ -80,7 +86,7 @@ NFS_OVERLAY="192.168.1.1:/var/lib/overlay"
fi
progress() {
if test "$DEBUG" = "yes"; then
if test "$PROGRESS" = "yes"; then
echo "### $1 ###"
fi
}
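Review bot: Assuming the `$PROGRESS` test is the new line in `progress()`, booting with only `debugging` on the append line no longer prints the initramfs progress messages, which were previously the main visible output of that option. If that is not intended, test both flags, e.g. `if test "$DEBUG" = "yes" || test "$PROGRESS" = "yes"; then`. The same applies to `progress()` in the third file, where the test decides whether `logger` is called with `-s`. If the split is deliberate, a comment above the function such as `# printed only when 'progress' is on the kernel command line` would record it.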


@ -22,7 +22,6 @@
#
# runlevels: openelec, textmode
(
RSA1_KEY="/storage/.cache/ssh/ssh_host_key"
RSA2_KEY="/storage/.cache/ssh/ssh_host_rsa_key"
DSA2_KEY="/storage/.cache/ssh/ssh_host_dsa_key"
@ -30,45 +29,48 @@
KEYGEN="/usr/bin/ssh-keygen"
SSHD="/usr/sbin/sshd"
# Check for the SSH1 RSA key
if [ ! -s $RSA1_KEY ] ; then
progress "SSH: generating SSH1 RSA key"
(
if [ "$SSH" = yes -o -f /storage/.config/ssh_enable ]; then
mkdir -p /storage/.cache/ssh
$KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null
chmod 600 $RSA1_KEY
# Check for the SSH1 RSA key
if [ ! -s $RSA1_KEY ] ; then
progress "SSH: generating SSH1 RSA key"
mkdir -p /storage/.cache/ssh
$KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null
chmod 600 $RSA1_KEY
fi
# Check for the SSH2 RSA key
if [ ! -s $RSA2_KEY ] ; then
progress "SSH: generating SSH2 RSA key"
mkdir -p /storage/.cache/ssh
$KEYGEN -q -t rsa -f $RSA2_KEY -C '' -N '' >&/dev/null
chmod 600 $RSA2_KEY
fi
# Check for the SSH2 DSA key
if [ ! -s $DSA2_KEY ] ; then
progress "SSH: generating SSH2 DSA key"
mkdir -p /storage/.cache/ssh
$KEYGEN -q -t dsa -f $DSA2_KEY -C '' -N '' >&/dev/null
chmod 600 $DSA2_KEY
fi
# Check for predifined known hosts file
if [ -f /etc/ssh/known_hosts -a ! -f $HOME/.ssh/known_hosts ] ; then
progress "SSH: setup predifined known hosts"
mkdir -p /$HOME/.ssh
cp /etc/ssh/known_hosts $HOME/.ssh
fi
progress "Starting SSH Server"
mkdir -p /var/empty
chmod -R 600 /var/empty
$SSHD
fi
# Check for the SSH2 RSA key
if [ ! -s $RSA2_KEY ] ; then
progress "SSH: generating SSH2 RSA key"
mkdir -p /storage/.cache/ssh
$KEYGEN -q -t rsa -f $RSA2_KEY -C '' -N '' >&/dev/null
chmod 600 $RSA2_KEY
fi
# Check for the SSH2 DSA key
if [ ! -s $DSA2_KEY ] ; then
progress "SSH: generating SSH2 DSA key"
mkdir -p /storage/.cache/ssh
$KEYGEN -q -t dsa -f $DSA2_KEY -C '' -N '' >&/dev/null
chmod 600 $DSA2_KEY
fi
# Check for predifined known hosts file
if [ -f /etc/ssh/known_hosts -a ! -f $HOME/.ssh/known_hosts ] ; then
progress "SSH: setup predifined known hosts"
mkdir -p /$HOME/.ssh
cp /etc/ssh/known_hosts $HOME/.ssh
fi
progress "Starting SSH Server"
mkdir -p /var/empty
chmod -R 600 /var/empty
$SSHD
)&
)&
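Review bot: The `-f /storage/.config/ssh_enable` half of the new gate makes write access to /storage/.config equivalent to permission to start sshd, and the commit message says that directory is reachable as the 'Configfile' Samba share. If that share accepts writes without authentication (not visible here), any host on the local network can switch the SSH server on for the next boot, so the opt-in is only as strong as the share's access control. I would state that above the test, e.g. `# ssh_enable can be created through the Configfile Samba share; restrict that share or rely on the 'ssh' boot option only`, and write the test as `if [ "$SSH" = yes ] || [ -f /storage/.config/ssh_enable ]; then`, since `-o` inside `[` is obsolescent and ambiguous. Separately, the gated block still generates an SSH1 `rsa1` host key and a DSA key, both legacy types that are worth dropping in a follow-up. The script header sits outside the hunk.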


@ -30,6 +30,12 @@
debugging)
DEBUG=yes
;;
ssh)
SSH=yes
;;
progress)
PROGRESS=yes
;;
fastboot)
FASTBOOT=yes
;;
@ -43,7 +49,7 @@
# functions
progress() {
if test "$DEBUG" = yes; then
if test "$PROGRESS" = yes; then
logger -s -t Boot "### $1 ###"
else
logger -t Boot "### $1 ###"