diff -u dropbear_initrd_encrypt/dropbear_hook dropbear_initrd_encrypt-new/dropbear_hook
--- dropbear_initrd_encrypt/dropbear_hook 1970-01-01 10:13:08.000000000 +0100
+++ dropbear_initrd_encrypt-new/dropbear_hook 2010-12-20 13:15:10.000000000 +0100
@@ -7,7 +7,7 @@
NETMASK="255.255.255.0"
GATEWAY="192.168.1.1"
- echo "setting static ip"
+ echo "Setting static IP address."
/sbin/ifconfig $DEV $IP netmask $NETMASK up
/sbin/route add default gw $GATEWAY
diff -u dropbear_initrd_encrypt/dropbear_initrd_encrypt.install dropbear_initrd_encrypt-new/dropbear_initrd_encrypt.install
--- dropbear_initrd_encrypt/dropbear_initrd_encrypt.install 1970-01-01 10:13:08.000000000 +0100
+++ dropbear_initrd_encrypt-new/dropbear_initrd_encrypt.install 2010-12-20 13:20:33.000000000 +0100
@@ -3,19 +3,25 @@
mkdir -p /etc/dropbear
touch /etc/dropbear/root_key
chmod 600 /etc/dropbear/root_key
-
- echo "insert ssh public key into '/etc/dropbear/root_key' (cat ~/.ssh/id_rsa.pub >> /etc/dropbear/root_key)"
- echo "set DEV, IP, NETMASK and GATEWAY in '/lib/initcpio/hooks/dropbear' "
- echo "insert 'dropbear encryptssh' before 'filesystems' into 'HOOKS' in '/etc/mkinitcpio.conf' "
- echo "and then run as root 'mkinitcpio -p kernel26'"
+
+ cat <<EOH
+1. Insert your SSH public key into /etc/dropbear/root_key
+2. Set DEV, IP, NETMASK and GATEWAY in /lib/initcpio/hooks/dropbear
+3. Insert 'dropbear encryptssh' before 'filesystems' into HOOKS in /etc/mkinitcpio.conf
+4. Run as root: mkinitcpio -p kernel26
+EOH
}
post_remove() {
- echo "remove 'net dropbear encryptssh' from 'HOOKS' in '/etc/mkinitcpio.conf' "
- echo "run 'mkinitcpio -p kernel26'"
+ cat <<EOH
+1. Remove 'dropbear encryptssh' from HOOKS in /etc/mkinitcpio.conf
+2. Run as root: mkinitcpio -p kernel26
+EOH
}
post_upgrade() {
- echo "set DEV, IP, NETMASK and GATEWAY in '/lib/initcpio/hooks/dropbear' "
- echo "and then run as root 'mkinitcpio -p kernel26'"
-}
\ Kein Zeilenumbruch am Dateiende.
+ cat <<EOH
+1. Set DEV, IP, NETMASK and GATEWAY in /lib/initcpio/hooks/dropbear
+2. Run as root: mkinitcpio -p kernel26
+EOH
+}
diff -u dropbear_initrd_encrypt/dropbear_install dropbear_initrd_encrypt-new/dropbear_install
--- dropbear_initrd_encrypt/dropbear_install 1970-01-01 10:13:08.000000000 +0100
+++ dropbear_initrd_encrypt-new/dropbear_install 2010-12-20 13:20:11.000000000 +0100
@@ -1,28 +1,40 @@
# vim: set ft=sh:
get_fingerprint() {
- local keyfile="$1"
- dropbearkey -y -f "${keyfile}" | sed -n '/^Fingerprint:/ {s/Fingerprint: *//; p}'
+ local keyfile="$1"
+ dropbearkey -y -f "${keyfile}" | sed -n '/^Fingerprint:/ {s/Fingerprint: *//; p}'
}
display_fingerprints() {
- local keyfile
+ local keyfile
- for keyfile in "/etc/dropbear/dropbear_dss_host_key" "/etc/dropbear/dropbear_rsa_host_key" ; do
- if [ ! -r "${keyfile}" ] ; then
- return 1
- fi
- echo "$(basename "${keyfile}") : $(get_fingerprint "${keyfile}")"
- done
+ for keyfile in "/etc/dropbear/dropbear_dss_host_key" "/etc/dropbear/dropbear_rsa_host_key" ; do
+ if [ ! -r "${keyfile}" ] ; then
+ return 1
+ fi
+ echo "$(basename "${keyfile}") : $(get_fingerprint "${keyfile}")"
+ done
+}
+
+copy_openssh_keys() {
+ local osshrsa="/etc/ssh/ssh_host_rsa_key"
+ local osshdsa="/etc/ssh/ssh_host_dsa_key"
+
+ local dbpre="/etc/dropbear/dropbear_"
+
+ [ -f "$osshrsa" ] && [ -f "$osshdsa" ] || return 1
+
+ dropbearconvert openssh dropbear $osshrsa ${dbpre}rsa_host_key
+ dropbearconvert openssh dropbear $osshdsa ${dbpre}dss_host_key
}
generate_keys() {
- local keyfile keytype
- for keytype in dss rsa ; do
- keyfile="/etc/dropbear/dropbear_${keytype}_host_key"
- echo "Generating ${keytype} host key for dropbear ..."
- dropbearkey -t "${keytype}" -f "${keyfile}"
- done
+ local keyfile keytype
+ for keytype in dss rsa ; do
+ keyfile="/etc/dropbear/dropbear_${keytype}_host_key"
+ echo "Generating ${keytype} host key for dropbear ..."
+ dropbearkey -t "${keytype}" -f "${keyfile}"
+ done
}
make_etc_passwd() {
@@ -45,7 +57,7 @@
[ -d /etc/dropbear ] && mkdir -p /etc/dropbear
- display_fingerprints || generate_keys
+ display_fingerprints || copy_openssh_keys || generate_keys
[ -e "${TMPDIR}/passwd" ] && ( grep -q -e '^root:' "${TMPDIR}/passwd" ) || make_etc_passwd
diff -u dropbear_initrd_encrypt/PKGBUILD dropbear_initrd_encrypt-new/PKGBUILD
--- dropbear_initrd_encrypt/PKGBUILD 1970-01-01 10:13:08.000000000 +0100
+++ dropbear_initrd_encrypt-new/PKGBUILD 2010-12-20 13:23:13.000000000 +0100
@@ -1,8 +1,9 @@
-# Maintainer: allspark <allspark at cyb0rg dot org>
+# Maintainer: allspark <allspark at planetcyborg dot org>
+# Contributor: henning mueller <henning@orgizm.net>
pkgname=dropbear_initrd_encrypt
-pkgver=0.7
-pkgrel=4
+pkgver=0.8
+pkgrel=1
pkgdesc="enables ssh in initrd to type root luks passphrase "
arch=('i686' 'x86_64')
url="http://allspark.cyb0rg.org/?p=38"
@@ -20,8 +21,8 @@
source=("dropbear_hook" "dropbear_install" "encryptssh_hook" "encryptssh_install")
noextract=()
-md5sums=('25204806eaabca26f2a1a46d2be5ebc9'
- 'ef8c37bdc722d048eb1e9dd41c6ecf30'
+md5sums=('a0fb6a9043b246b6d70d2897912784a0'
+ '99bd9eeff3a4e340667da77caf53e064'
'ae42b969ca6d2ea3acfb38880070aec5'
'ae4d3533d178833904dd65965f251c85')