diff --git a/sw/buildroot_overlay/etc/default/dropbear b/sw/buildroot_overlay/etc/default/dropbear new file mode 100644 index 0000000..bfd61e0 --- /dev/null +++ b/sw/buildroot_overlay/etc/default/dropbear @@ -0,0 +1,13 @@ +# Read config file to see if SSH server must be started. + +start_ssh=0 + +if [ -f /var/lib/puzzlefw/cfg/start_ssh.conf ]; then + . /var/lib/puzzlefw/cfg/start_ssh.conf +fi + +if [ "${start_ssh}" -ne 1 ]; then + echo "SSH server disabled in configuration, not starting dropbear." + exit 1 +fi + diff --git a/sw/buildroot_overlay/etc/init.d/S03read_config.sh b/sw/buildroot_overlay/etc/init.d/S03read_config.sh index 55aba3d..04ae8f1 100755 --- a/sw/buildroot_overlay/etc/init.d/S03read_config.sh +++ b/sw/buildroot_overlay/etc/init.d/S03read_config.sh @@ -5,11 +5,32 @@ . /opt/puzzlefw/lib/functions.sh +# Copy SSH host key from configuration partition. +copy_ssh_host_key() { + + # If host key exists, do nothing. + [ -f /etc/dropbear/dropbear_ed25519_host_key ] && return + + # If /etc/dropbear is a symlink, delete it. + [ -L /etc/dropbear ] && rm /etc/dropbear + + # Create directory /etc/dropbear if it does not exist. + mkdir -p /etc/dropbear + + # Try to copy SSH host key from configuration files. + if ! cp -p ${CONFIG_DIR}/dropbear_ed25519_host_key /etc/dropbear ; then + echo "WARNING: Failed to load SSH host key from SD card" >&2 + fi + + chmod 0600 /etc/dropbear/dropbear_ed25519_host_key || true +} + case "$1" in start) echo "Reading configuration files from SD card ..." lock_config || exit 1 read_config || exit 1 + copy_ssh_host_key ;; stop|restart|reload) true diff --git a/sw/buildroot_overlay/etc/init.d/S10prepare_dropbear.sh b/sw/buildroot_overlay/etc/init.d/S10prepare_dropbear.sh deleted file mode 100755 index 2fd8614..0000000 --- a/sw/buildroot_overlay/etc/init.d/S10prepare_dropbear.sh +++ /dev/null 
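Review bot: The guard `[ "${start_ssh}" -ne 1 ]` in the new etc/default/dropbear fails open. If start_ssh.conf leaves the variable empty or non-numeric, `[` exits with an error status, the `if` body is skipped, and the file falls through, which presumably lets the dropbear init script start the server although the setting is not 1. A string comparison keeps the default closed: `if [ "${start_ssh}" != "1" ]; then`. `show` in puzzle-sshcfg tests `-eq 1`, so for the same bad value it takes the else branch and would report SSH as disabled while it is started at boot. Because start_ssh.conf is sourced as shell code, a comment should also state that the file must contain only the `start_ssh=` assignment, or the value should be parsed rather than sourced.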
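Review bot: In copy_ssh_host_key the private host key is copied with `cp -p` and only tightened afterwards by `chmod 0600 ... || true`, so it first lands in /etc/dropbear with whatever mode the configuration partition reports, and a failed chmod is silently ignored. Creating the file restrictively closes both gaps, for example `( umask 077; cp "${CONFIG_DIR}/dropbear_ed25519_host_key" /etc/dropbear/ )` inside the existing `if !`, with the chmod moved to the success path and the `|| true` dropped. As written, a failed copy still runs chmod on a missing file. The unquoted `${CONFIG_DIR}` expansions here and in puzzle-sshcfg should be quoted as well.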
@@ -1,41 +0,0 @@
-#!/bin/sh
-#
-# Load SSH host key from SD card.
-#
-
-. /opt/puzzlefw/lib/functions.sh
-
-start() {
-
- # If host key exists, do nothing.
- [ -f /etc/dropbear/dropbear_ed25519_host_key ] && return
-
- # If /etc/dropbear is a symlink, delete it.
- [ -L /etc/dropbear ] && rm /etc/dropbear
-
- # Create directory /etc/dropbear if it does not exist.
- mkdir -p /etc/dropbear
-
- # Try to copy SSH host key from configuration files.
- if ! cp -p ${CONFIG_DIR}/dropbear_ed25519_host_key /etc/dropbear ; then
- echo "WARNING: Failed to load SSH host key from SD card" >&2
- echo "Generating new SSH host key." >&2
- dropbearkey -t ed25519 -f ${CONFIG_DIR}/dropbear_ed25519_host_key.new
- sync_config dropbear_ed25519_host_key
- cp -p ${CONFIG_DIR}/dropbear_ed25519_host_key /etc/dropbear
- fi
-
- chmod 0600 /etc/dropbear/dropbear_ed25519_host_key
-}
-
-case "$1" in
- start)
- start
- ;;
- stop|restart|reload)
- ;;
- *)
- echo "Usage: $0 start"
- exit 1
-esac
-
diff --git a/sw/buildroot_overlay/opt/puzzlefw/bin/puzzle-sshcfg b/sw/buildroot_overlay/opt/puzzlefw/bin/puzzle-sshcfg
new file mode 100755
index 0000000..9e1cc3d
--- /dev/null
+++ b/sw/buildroot_overlay/opt/puzzlefw/bin/puzzle-sshcfg
@@ -0,0 +1,105 @@
+#!/bin/sh
+#
+# Enable or disable SSH server.
+#
+
+. /opt/puzzlefw/lib/functions.sh
+
+# Show current configuration.
+show() {
+
+ start_ssh=0
+ if [ -f ${CONFIG_DIR}/start_ssh.conf ]; then
+ . ${CONFIG_DIR}/start_ssh.conf
+ fi
+
+ if [ "${start_ssh}" -eq 1 ]; then
+ echo "Current setting: start SSH on boot"
+ else
+ echo "Current setting: do not start SSH on boot"
+ fi
+
+ if [ -f ${CONFIG_DIR}/dropbear_ed25519_host_key ]; then
+ dropbearkey -y -f ${CONFIG_DIR}/dropbear_ed25519_host_key
+ fi
+}
+
+# Generate persistent SSH host key, if necessary.
+gen_key() {
+
+ # Do nothing if host key already exists in config partition.
+ [ -f ${CONFIG_DIR}/dropbear_ed25519_host_key ] && return
+
+ # If no host key exists, generate it.
+ if [ ! -f /etc/dropbear/dropbear_ed25519_host_key ]; then
+
+ echo "Generating SSH host key ..."
+
+ # If /etc/dropbear is a symlink, delete it.
+ [ -L /etc/dropbear ] && rm /etc/dropbear
+
+ # Create directory /etc/dropbear if it does not exist.
+ mkdir -p /etc/dropbear
+
+ # Generate host key.
+ dropbearkey -t ed25519 -f /etc/dropbear/dropbear_ed25519_host_key
+ fi
+
+ echo "Writing SSH host key to config partition ..."
+
+ cp -a /etc/dropbear/dropbear_ed25519_host_key ${CONFIG_DIR}/dropbear_ed25519_host_key.new
+ sync_config dropbear_ed25519_host_key || exit 1
+}
+
+# Enable starting SSH server during boot.
+enable() {
+
+ lock_config || exit 1
+
+ gen_key
+
+ echo "Enabling SSH server start on boot ..."
+
+ echo "start_ssh=1" > ${CONFIG_DIR}/start_ssh.conf.new
+ sync_config start_ssh.conf || exit 1
+}
+
+# Disable starting SSH server during boot.
+disable() {
+
+ lock_config || exit 1
+
+ echo "Disabling SSH server start on boot ..."
+
+ echo "start_ssh=0" > ${CONFIG_DIR}/start_ssh.conf.new
+ sync_config start_ssh.conf || exit 1
+}
+
+case "$1" in
+ show)
+ show
+ ;;
+ enable)
+ enable
+ ;;
+ disable)
+ disable
+ ;;
+ *)
+ script="${0##*/}"
+ cat <