Opened 12 years ago

Last modified 9 years ago

#20 new enhancement

make debirf ssh module

Reported by: jrollins Owned by: Daniel Kahn Gillmor
Priority: minor Component: debirf
Keywords: Cc:
Sensitive: no

Description (last modified by jrollins)

make a module that causes the network interface to be automatically brought up on boot (presumably via dhcp), and starts an ssh server.

Change History (4)

comment:1 Changed 11 years ago by jrollins

Summary: debirf ssh pluginmake ssh plugin

comment:2 Changed 11 years ago by jrollins

Description: modified (diff)
Summary: make ssh pluginmake debirf ssh module

comment:3 Changed 11 years ago by Daniel Kahn Gillmor

I think the creator of the initramfs should be able to supply a pointer to a set of public keys, which would be used to authenticate the superuser account when the the debirf instance is live.

comment:4 Changed 9 years ago by Daniel Kahn Gillmor

Pavel Piatruk wrote in with this helpful comment:

For openssh-server install we need /dev/urandom configured .. And postinst script tries to start sshd after install. It fails for some reasons (keys are not generated, sshd cant bind to 22 port, etc). I wrote this commands to install openssh properly. I think it could be helpful for other guys. sshd_not_to_be_run is debian-specific file to disable sshd's start. I touched it and then removed.

mkdir -p ${DEBIRF_ROOT}/etc/ssh
touch ${DEBIRF_ROOT}/etc/ssh/sshd_not_to_be_run
rm -f ${DEBIRF_ROOT}/etc/ssh/ssh_host*
ssh-keygen -q -N '' -f ${DEBIRF_ROOT}/etc/ssh/ssh_host_dsa_key -t dsa
ssh-keygen -q -N '' -f ${DEBIRF_ROOT}/etc/ssh/ssh_host_rsa_key -t rsa
debirf_exec aptitude --without-recommends --assume-yes install openssh-server
rm -f ${DEBIRF_ROOT}/etc/ssh/sshd_not_to_be_run
debirf_exec usermod -p `mkpasswd -H md5 p455vv0rd` root

After some testing, we should include pavel's script as a separate module in the next revision of debirf.

Note: See TracTickets for help on using tickets.