1
0
mirror of git://projects.qi-hardware.com/openwrt-xburst.git synced 2024-12-25 06:38:57 +02:00

this patch allow to set -g option 1. -g allow to make a more secure ssh server configuration by avoiding brute force attack on root while allowing user to use password (where the username is more difficult to guess).

Matthieu
from #6736

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@20219 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
thepeople 2010-03-14 21:26:45 +00:00
parent 176d390d98
commit c37b60f3dc

View File

@ -37,15 +37,20 @@ dropbear_start()
config_get port "${section}" Port
# C) banner file
local bannerfile
config_get bannerfile ${section} BannerFile
[ -f $bannerfile ] || bannerfile=''
config_get bannerfile "${section}" BannerFile
[ -f "$bannerfile" ] || bannerfile=''
# D) gatewayports
local gatewayports
config_get_bool gatewayports "${section}" GatewayPorts 0
[ "${gatewayports}" -eq 1 ] || gatewayports=''
# E) root password authentication
local norootpasswd
local rootpassauth
config_get_bool rootpassauth "${section}" RootPasswordAuth 1
[ "${rootpassauth}" -eq 0 ] && norootpasswd=1
# concatenate parameters
local args
args="${nopasswd:+-s }${port:+-p ${port} }${bannerfile:+-b $bannerfile }${gatewayports:+-a }-P /var/run/${NAME}.${PIDCOUNT}.pid"
args="${nopasswd:+-s }${norootpasswd:+-g }${port:+-p ${port} }${bannerfile:+-b $bannerfile }${gatewayports:+-a }-P /var/run/${NAME}.${PIDCOUNT}.pid"
# execute program and return its exit code
[ "${verbosed}" -ne 0 ] && echo "${initscript}: section ${section} starting ${PROG} ${args}"