[OpenWrt-Devel] [PATCH RESEND packages 1/2] openssh: add openwrt failsafe support

Fri, 22 Nov 2019 04:14:53 -0800 

The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
--- Begin Message --- 
Adds failsafe support to the openssh package.
Roughly based on an earlier patch.

Ref: https://github.com/openwrt/openwrt/pull/865
Signed-off-by: Jeff Kletsky <git-comm...@allycomm.com>
Signed-off-by: Kyle Copperfield <kmcop...@danwin1210.me>
---
 net/openssh/Makefile            |  1 +
 net/openssh/files/sshd.failsafe | 31 +++++++++++++++++++++++++++++++
 2 files changed, 32 insertions(+)
 create mode 100755 net/openssh/files/sshd.failsafe

diff --git a/net/openssh/Makefile b/net/openssh/Makefile
index 97b7fc304..3273180af 100644
--- a/net/openssh/Makefile
+++ b/net/openssh/Makefile
@@ -231,6 +231,7 @@ define Package/openssh-server/install
        sed -r -i 's,^#(HostKey 
/etc/ssh/ssh_host_(rsa|ecdsa|ed25519)_key)$$$$,\1,' $(1)/etc/ssh/sshd_config
        $(INSTALL_DIR) $(1)/etc/init.d
        $(INSTALL_BIN) ./files/sshd.init $(1)/etc/init.d/sshd
+       $(INSTALL_BIN) ./files/sshd.failsafe 
$(1)/lib/preinit/99_10_failsafe_sshd
        $(INSTALL_DIR) $(1)/usr/sbin
        $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/sshd $(1)/usr/sbin/
 endef
diff --git a/net/openssh/files/sshd.failsafe b/net/openssh/files/sshd.failsafe
new file mode 100755
index 000000000..aee7e7743
--- /dev/null
+++ b/net/openssh/files/sshd.failsafe
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+failsafe_sshd () {
+
+       sshd_tmpdir=/tmp/sshd
+       mkdir ${sshd_tmpdir}
+
+       sed -i 's/^root.*/root::0:17000:::::/g' /etc/shadow
+
+       for type in ecdsa ed25519; do
+               key=${sshd_tmpdir}/ssh_host_${type}_key
+               ssh-keygen -N '' -t ${type} -f ${key}
+       done
+
+       mkdir -m 0700 -p /var/empty
+
+       cat > ${sshd_tmpdir}/sshd_config <<EOF
+
+HostKey ${sshd_tmpdir}/ssh_host_ecdsa_key
+HostKey ${sshd_tmpdir}/ssh_host_ed25519_key
+
+PermitRootLogin        yes
+PermitEmptyPasswords yes
+
+EOF
+
+       /usr/sbin/sshd -f ${sshd_tmpdir}/sshd_config -E ${sshd_tmpdir}/sshd.log
+
+}
+
+boot_hook_add failsafe failsafe_sshd
-- 
2.24.0

--- End Message ---
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Reply via email to