NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
a67f4c3e29
kumquat-buildroot/package/dropbear/Config.in
Arnout Vandecappelle e146d82b96 dropbear: add help text about key creation 
Commit e7d04dd2d replaced /etc/dropbear with a symlink to /var/run and
updated the start scripts to replace it with a real directory, so the
keys would be persistent. However, it turns out that this is pretty
confusing even for expert users, who don't know how to make the keys
really persistent now.

Update the help text explaining what the issue is, and telling the user
to replace the /etc/dropbear symlink with a symlink to a persistent
directory. Also mention the possiblity of unionfs.

Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-01-12 23:35:08 +01:00

59 lines
1.8 KiB
Plaintext
Raw Blame History

config BR2_PACKAGE_DROPBEAR
bool "dropbear"
select BR2_PACKAGE_ZLIB if !BR2_PACKAGE_DROPBEAR_SMALL
help
A small SSH 2 server designed for small memory environments.
Note that dropbear requires a per-device unique host key. The
key will be generated when dropbear starts, but it is not
persistent over reboot (if you have a read-only rootfs) or
upgrade (if you have a read-write rootfs). To make the key
persistent, replace /etc/dropbear with a symlink to a
directory on a persistent, writeable filesystem.
Alternatively, mount a persistent unionfs over your root
filesystem.
http://matt.ucc.asn.au/dropbear/dropbear.html
if BR2_PACKAGE_DROPBEAR
config BR2_PACKAGE_DROPBEAR_CLIENT
bool "client programs"
default y
help
Provides the programs: dbclient, ssh
Note that the following programs are also used server-side
and are therefore always build regardless this setting:
dropbear, dropbearkey, dropbearconvert, scp
config BR2_PACKAGE_DROPBEAR_DISABLE_REVERSEDNS
bool "disable reverse DNS lookups"
help
Disable reverse DNS lookups on connection. This can be handy
on systems without working DNS, as connections otherwise
stall until DNS times out.
config BR2_PACKAGE_DROPBEAR_SMALL
bool "optimize for size"
default y
help
Compile dropbear for the smallest possible binary size.
Tradeoffs are slower hashes and ciphers, and disabling of the
blowfish cipher and zlib.
config BR2_PACKAGE_DROPBEAR_WTMP
bool "log dropbear access to wtmp"
help
Enable logging of dropbear access to wtmp. Notice that
Buildroot does not generate wtmp by default.
config BR2_PACKAGE_DROPBEAR_LASTLOG
bool "log dropbear access to lastlog"
help
Enable logging of dropbear access to lastlog. Notice that
Buildroot does not generate lastlog by default.
endif
Reference in New Issue View Git Blame Copy Permalink