diff options
| author | Andreas Baumann <mail@andreasbaumann.cc> | 2023-06-16 11:50:25 +0200 |
|---|---|---|
| committer | Andreas Baumann <mail@andreasbaumann.cc> | 2023-06-16 11:50:25 +0200 |
| commit | cf0aaad1f7dbeb98f7089d399c58b77f49b403f0 (patch) | |
| tree | 91ae4206ef18056ab1dd8fa5991492c2a4817c3c | |
| parent | 3b4e1a28ca48625800b7ad408fd88a0f7f342308 (diff) | |
| download | i486tcc-linux-cf0aaad1f7dbeb98f7089d399c58b77f49b403f0.tar.gz i486tcc-linux-cf0aaad1f7dbeb98f7089d399c58b77f49b403f0.tar.bz2 | |
creating keys for dropbear on the host in build dirs
| -rwxr-xr-x | scripts/build.sh | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/scripts/build.sh b/scripts/build.sh index d946127..acd1081 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -406,6 +406,17 @@ if [ ! -f "${BASE}/build/stage1/bin/dropbearmulti" ]; then for i in dbclient dropbearkey dropbear scp ssh; do ln -sf dropbearmulti "${BASE}/build/stage1/bin/${i}" done + # generate keys on the host (as this one has more power than + # the 486, this works on this set of ISAs if the host is AMD64/x86 + # (otherwise we have to build either a host version of dropbear and + # hope the key formats are platform independent or we use qemu-img + # to generate the keys). Generating them here is also a security issue + # as host keys are supposed to be built on each unique host! + mkdir "${BASE}/build/stage1/etc/dropbear" + "${BASE}/build/stage1/bin/dropbearkey" -t rsa -f "${BASE}/build/stage1/etc/dropbear/dropbear_rsa_host_key" + "${BASE}/build/stage1/bin/dropbearkey" -t dss -f "${BASE}/build/stage1//etc/dropbear/dropbear_dss_host_key" + "${BASE}/build/stage1/bin/dropbearkey" -t ecdsa -f "${BASE}/build/stage1//etc/dropbear/dropbear_ecdsa_host_key" + "${BASE}/build/stage1/bin/dropbearkey" -t ed25519 -f "${BASE}/build/stage1//etc/dropbear/dropbear_ed25519_host_key" cd .. else echo "stage1 dropbear exists" |