mirror of
git://projects.qi-hardware.com/openwrt-xburst.git
synced 2024-12-25 06:38:57 +02:00
this patch allow to set -g option 1. -g allow to make a more secure ssh server configuration by avoiding brute force attack on root while allowing user to use password (where the username is more difficult to guess).
Matthieu from #6736 git-svn-id: svn://svn.openwrt.org/openwrt/trunk@20219 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
parent
176d390d98
commit
c37b60f3dc
@ -37,15 +37,20 @@ dropbear_start()
|
|||||||
config_get port "${section}" Port
|
config_get port "${section}" Port
|
||||||
# C) banner file
|
# C) banner file
|
||||||
local bannerfile
|
local bannerfile
|
||||||
config_get bannerfile ${section} BannerFile
|
config_get bannerfile "${section}" BannerFile
|
||||||
[ -f $bannerfile ] || bannerfile=''
|
[ -f "$bannerfile" ] || bannerfile=''
|
||||||
# D) gatewayports
|
# D) gatewayports
|
||||||
local gatewayports
|
local gatewayports
|
||||||
config_get_bool gatewayports "${section}" GatewayPorts 0
|
config_get_bool gatewayports "${section}" GatewayPorts 0
|
||||||
[ "${gatewayports}" -eq 1 ] || gatewayports=''
|
[ "${gatewayports}" -eq 1 ] || gatewayports=''
|
||||||
|
# E) root password authentication
|
||||||
|
local norootpasswd
|
||||||
|
local rootpassauth
|
||||||
|
config_get_bool rootpassauth "${section}" RootPasswordAuth 1
|
||||||
|
[ "${rootpassauth}" -eq 0 ] && norootpasswd=1
|
||||||
# concatenate parameters
|
# concatenate parameters
|
||||||
local args
|
local args
|
||||||
args="${nopasswd:+-s }${port:+-p ${port} }${bannerfile:+-b $bannerfile }${gatewayports:+-a }-P /var/run/${NAME}.${PIDCOUNT}.pid"
|
args="${nopasswd:+-s }${norootpasswd:+-g }${port:+-p ${port} }${bannerfile:+-b $bannerfile }${gatewayports:+-a }-P /var/run/${NAME}.${PIDCOUNT}.pid"
|
||||||
|
|
||||||
# execute program and return its exit code
|
# execute program and return its exit code
|
||||||
[ "${verbosed}" -ne 0 ] && echo "${initscript}: section ${section} starting ${PROG} ${args}"
|
[ "${verbosed}" -ne 0 ] && echo "${initscript}: section ${section} starting ${PROG} ${args}"
|
||||||
|
Loading…
Reference in New Issue
Block a user