openssh: UsePrivilegeSeparation/StrictModes not needed

packages/network/openssh/package.mk

@@ -63,15 +63,16 @@ post_makeinstall_target() {
   rm -rf $INSTALL/usr/bin/ssh-agent
   rm -rf $INSTALL/usr/bin/ssh-keyscan
 
-  sed -i $INSTALL/etc/ssh/sshd_config -e "s|^#PermitRootLogin.*|PermitRootLogin yes|g"
+  sed -e "s|^#PermitRootLogin.*|PermitRootLogin yes|g" \
+      -e "s|^#StrictModes.*|StrictModes no|g" \
+      -e "s|^#UsePrivilegeSeparation.*|UsePrivilegeSeparation no|g" \
+      -i $INSTALL/etc/ssh/sshd_config
+
   echo "PubkeyAcceptedKeyTypes +ssh-dss" >> $INSTALL/etc/ssh/sshd_config
 
   debug_strip $INSTALL/usr
 }
 
 post_install() {
-  add_user sshd x 74 74 "Privilege-separated SSH" "/var/empty/sshd" "/bin/sh"
-  add_group sshd 74
-
   enable_service sshd.service
 }

packages/network/openssh/tmpfiles.d/z_04_openssh.conf

@@ -16,6 +16,5 @@
 #  along with OpenELEC.  If not, see <http://www.gnu.org/licenses/>.
 ################################################################################
 
-d    /var/empty              0600 root root - -
 d    /storage/.cache/ssh     0755 root root - -
 d    /storage/.ssh           0700 root root - -

packages/sysutils/busybox/config/busybox-init.conf

@@ -217,8 +217,8 @@ CONFIG_FEATURE_TR_EQUIV=y
 # CONFIG_CAL is not set
 # CONFIG_CATV is not set
 # CONFIG_CHGRP is not set
-CONFIG_CHMOD=y
-CONFIG_CHOWN=y
+# CONFIG_CHMOD is not set
+# CONFIG_CHOWN is not set
 # CONFIG_FEATURE_CHOWN_LONG_OPTIONS is not set
 CONFIG_CHROOT=y
 # CONFIG_CKSUM is not set

packages/sysutils/busybox/scripts/init

@@ -988,10 +988,6 @@
       mount_part "/dev/$IMAGE_SYSTEM" "/sysroot" "ro,loop"
     fi
 
-    # Just in case... problems with ssh if not correctly owned
-    chown 0:0 /storage 2>/dev/null
-    chmod 755 /storage 2>/dev/null
-
     mount --move /flash /sysroot/flash
     mount --move /storage /sysroot/storage