File: dropbear-initramfs.postinst

dropbear 2025.89-1
#!/bin/sh
# Post-installation script for the dropbear-initramfs package.
# When called with "configure" it generates Dropbear host keys under
# /etc/dropbear/initramfs if none exist yet, then runs update-initramfs -u.

# Abort on the first unhandled command failure.  Only the last command of a
# pipeline is checked, so a failure earlier in a pipeline goes unnoticed
# unless the last stage fails as well.
set -e


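# showpubkey KEYFILE
#
# Filter for key-generation output read from standard input.  Prints the
# fingerprint of the freshly generated host key, giving the administrator a
# value to compare against the one an SSH client reports for the initramfs
# server.
#
# Arguments: $1 - path of the host key file.  It is used only as the label
#                 written into the fingerprint line and as the prefix of the
#                 temporary file name; the file itself is not read here.
# Input:     stdin - text containing a public key line (ssh-rsa, ssh-ed25519
#                 or ecdsa-sha2-nistp{256,384,521}).
# Outputs:   stdout - "ssh-keygen -v -l" output for the first such line, or
#                 stdin copied unchanged when ssh-keygen is not installed.
# Returns:   0 on success; grep's status when no public key line was found;
#            the status of the ssh-keygen | sed pipeline otherwise.
showpubkey() {
    local keyfile="$1" pubkey rc

    if ! command -v ssh-keygen >/dev/null; then
        # Without ssh-keygen no fingerprint can be computed: pass the input
        # through untouched.
        cat
        return
    fi

    # Only the public key line is stored in the temporary file; mktemp picks
    # an unpredictable name.
    pubkey="$(mktemp --tmpdir -- "${keyfile##*/}-XXXXXXXXXX.pub")"

    if grep -m1 -E '^(ssh-(rsa|ed25519)|ecdsa-sha2-nistp(256|384|521)) ' >"$pubkey"; then
        rc=0
        # Line 1 of the ssh-keygen output ends in "<comment> (<TYPE>)"; the
        # comment is replaced by the key file path.  $keyfile is interpolated
        # into the sed program, so it must not contain "@", "&" or
        # backslashes; the callers in this script pass fixed paths below
        # /etc/dropbear/initramfs.
        ssh-keygen -v -lf "$pubkey" | sed -r "1s@\\S+(\\s+\\([^)]+\\))\$@$keyfile\\1@" || rc=$?
    else
        # No public key line on stdin.  Remember the failure, but still
        # remove the temporary file before reporting it; under "set -e" a
        # bare failing grep would exit first and leave the file behind.
        rc=$?
    fi

    rm -f -- "$pubkey"
    return "$rc"
}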

# move_confdir NAME
#
# Move /etc/dropbear-initramfs/NAME to /etc/dropbear/initramfs/NAME.
# Nothing happens when the source is absent or when something already exists
# at the destination, so an existing entry is never overwritten.
#
# Arguments: $1 - entry name relative to both directories
# Returns:   0 when there is nothing to move, otherwise mv's status
#
# NOTE(review): no call to this function appears in the visible part of this
# script; confirm whether it is still needed.
move_confdir() {
    local src dest
    src="/etc/dropbear-initramfs/$1"
    dest="/etc/dropbear/initramfs/$1"

    # Nothing to migrate.
    [ -e "$src" ] || return 0
    # Keep whatever is already at the destination.
    [ ! -e "$dest" ] || return 0

    # -T: treat the destination as the target itself, never as a directory
    # to move into.
    mv -T -- "$src" "$dest"
}

# Runs only when the script is invoked with "configure" as first argument.
if [ "$1" = "configure" ]; then
    # Look for an existing host key of any supported type.  A single key is
    # enough to skip generation altogether, so the key files checked here
    # are never overwritten.
    havehostkey=no
    for keytype in rsa ecdsa ed25519; do
        keyfile="/etc/dropbear/initramfs/dropbear_${keytype}_host_key"
        [ ! -e "$keyfile" ] || { havehostkey=yes; break; }
    done

    if [ "$havehostkey" != "yes" ]; then
        # generate host keys (excluding DSS)
        # NOTE(review): these private keys presumably end up inside the
        # initramfs image built below; confirm that the image is readable
        # by root only, and treat the keys as separate from the host keys
        # of the running system.
        for keytype in rsa ecdsa ed25519; do
            keyfile="/etc/dropbear/initramfs/dropbear_${keytype}_host_key"
            printf 'Generating Dropbear %s host key.  Please wait.\n' \
                "$(echo "$keytype" | tr '[a-z]' '[A-Z]')" >&2
            # The exit status of this pipeline is showpubkey's; a failing
            # dropbearkey is noticed only if showpubkey fails too.
            dropbearkey -t "$keytype" -f "$keyfile" | showpubkey "$keyfile"
        done
    fi

    # XXX here we could read the configured network-config, and use it
    # for default values for prompting the user for the
    # initramfs-network- config (subsequently writing it to menu.lst:#
    # kopt= or lilo.conf), instead of just printing the reminder below.
    update-initramfs -u

    # Remind the administrator when the running kernel was booted without
    # an "ip=" parameter.
    grep -Eq '^(.*\s)?ip=' /proc/cmdline || printf '%s\n' \
        "Dropbear has been added to the initramfs. Don't forget to check" \
        'your "ip=" kernel bootparameter to match your desired initramfs' \
        "ip configuration." \
        ""
fi

# The marker on the next line is the placeholder that debhelper replaces
# with its generated snippets when the package is built; it must stay on a
# line of its own, exactly as written.
#DEBHELPER#

# Report success explicitly, whatever the last command above returned.
exit 0