Generate SSH host key on first boot

2024-10-13 10:35:19 +02:00 · 2024-10-13 10:35:19 +02:00 · 2d315fdf26
parent 82e6fdf194
commit 2d315fdf26
3 changed files with 10 additions and 17 deletions
--- a/sw/22_prepare_sdcard.sh
+++ b/sw/22_prepare_sdcard.sh
@ -29,11 +29,6 @@ cp -a "$BUILDROOT_DIR/output/images/rootfs.cpio.uboot" "$SDCARD_DIR"
 # Wrap U-Boot script in image file
 $MKIMAGE -A arm -T script -d config/uboot_script.txt "$SDCARD_DIR/boot.scr"

-# Create SSH host key for embedded system
-if [ ! -f "$SDCARD_DIR/dropbear_ed25519_host_key" ]; then
-    dropbearkey -t ed25519 -f "$SDCARD_DIR/dropbear_ed25519_host_key"
-fi
-
 # Copy FPGA firmware
 cp -a $FIRMWARE_FILES "$SDCARD_DIR"

--- a/sw/buildroot_overlay/etc/init.d/S10prepare_dropbear.sh
+++ b/sw/buildroot_overlay/etc/init.d/S10prepare_dropbear.sh
@ -3,6 +3,8 @@
 # Load SSH host key from SD card.
 #

+. /opt/puzzlefw/lib/functions.sh
+
 start() {

    # If host key exists, do nothing.
@ -14,20 +16,15 @@ start() {
    # Create directory /etc/dropbear if it does not exist.
    mkdir -p /etc/dropbear

-    # Try to copy SSH host key from SD card.
-    mkdir -p /mnt/tmp_sdcard
-    mount -t vfat -o fmask=0177 -r /dev/mmcblk0p1 /mnt/tmp_sdcard
-
-    if ! cp -p /mnt/tmp_sdcard/dropbear_ed25519_host_key /etc/dropbear ; then
+    # Try to copy SSH host key from configuration files.
+    if ! cp -p ${CONFIG_DIR}/dropbear_ed25519_host_key /etc/dropbear ; then
        echo "WARNING: Failed to load SSH host key from SD card" >&2
-        umount /mnt/tmp_sdcard
-        rmdir /mnt/tmp_sdcard
-        exit 1
+        echo "Generating new SSH host key." >&2
+        dropbearkey -t ed25519 -f ${CONFIG_DIR}/dropbear_ed25519_host_key.new
+        sync_config dropbear_ed25519_host_key
+        cp -p ${CONFIG_DIR}/dropbear_ed25519_host_key /etc/dropbear
    fi

-    umount /mnt/tmp_sdcard
-    rmdir /mnt/tmp_sdcard
-
    chmod 0600 /etc/dropbear/dropbear_ed25519_host_key
 }

--- a/sw/buildroot_overlay/opt/puzzlefw/lib/functions.sh
+++ b/sw/buildroot_overlay/opt/puzzlefw/lib/functions.sh
@ -32,7 +32,8 @@ read_config() {
    mount -t ext4 -r -o noatime,data=journal /dev/${CONFIG_PARTITION} $CONFIG_MOUNTPOINT || return 1

    # Copy config files to RAM filesystem.
-    cp -a ${CONFIG_MOUNTPOINT}/*.conf $CONFIG_DIR
+    cp -a ${CONFIG_MOUNTPOINT}/*.conf $CONFIG_DIR || true
+    cp -a ${CONFIG_MOUNTPOINT}/dropbear_* $CONFIG_DIR || true

    umount $CONFIG_MOUNTPOINT
 }