mirror of
git://projects.qi-hardware.com/openwrt-xburst.git
synced 2024-12-24 18:27:22 +02:00
this patch allow to set -g option 1. -g allow to make a more secure ssh server configuration by avoiding brute force attack on root while allowing user to use password (where the username is more difficult to guess).
Matthieu from #6736 git-svn-id: svn://svn.openwrt.org/openwrt/trunk@20219 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
parent
176d390d98
commit
c37b60f3dc
@ -37,15 +37,20 @@ dropbear_start()
|
||||
config_get port "${section}" Port
|
||||
# C) banner file
|
||||
local bannerfile
|
||||
config_get bannerfile ${section} BannerFile
|
||||
[ -f $bannerfile ] || bannerfile=''
|
||||
config_get bannerfile "${section}" BannerFile
|
||||
[ -f "$bannerfile" ] || bannerfile=''
|
||||
# D) gatewayports
|
||||
local gatewayports
|
||||
config_get_bool gatewayports "${section}" GatewayPorts 0
|
||||
[ "${gatewayports}" -eq 1 ] || gatewayports=''
|
||||
# E) root password authentication
|
||||
local norootpasswd
|
||||
local rootpassauth
|
||||
config_get_bool rootpassauth "${section}" RootPasswordAuth 1
|
||||
[ "${rootpassauth}" -eq 0 ] && norootpasswd=1
|
||||
# concatenate parameters
|
||||
local args
|
||||
args="${nopasswd:+-s }${port:+-p ${port} }${bannerfile:+-b $bannerfile }${gatewayports:+-a }-P /var/run/${NAME}.${PIDCOUNT}.pid"
|
||||
args="${nopasswd:+-s }${norootpasswd:+-g }${port:+-p ${port} }${bannerfile:+-b $bannerfile }${gatewayports:+-a }-P /var/run/${NAME}.${PIDCOUNT}.pid"
|
||||
|
||||
# execute program and return its exit code
|
||||
[ "${verbosed}" -ne 0 ] && echo "${initscript}: section ${section} starting ${PROG} ${args}"
|
||||
|
Loading…
Reference in New Issue
Block a user