sometimes the first time a machine boots power gets pull out and the content of the key files doesn't get sync leading to zero-size keys which permanently prevents ssh access. it's safer to assume that zero-sized files are equivalent to non-existant keys and generate them again.
Signed-off-by: Alejandro Mery <[email protected]> --- meta/recipes-connectivity/openssh/openssh/sshd_check_keys | 8 ++++---- meta/recipes-connectivity/openssh/openssh_7.5p1.bb | 2 ++ 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys index 5463b1a4cb..8cc31c339a 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys +++ b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys @@ -71,19 +71,19 @@ HOST_KEY_ED25519=$(grep ^HostKey "${sshd_config}" | grep _ed25519_ | tail -1 | a [ -z "${HOST_KEY_ED25519}" ] && HOST_KEY_ED25519=$SYSCONFDIR/ssh_host_ed25519_key # create keys if necessary -if [ ! -f $HOST_KEY_RSA ]; then +if [ ! -s $HOST_KEY_RSA ]; then echo " generating ssh RSA key..." generate_key $HOST_KEY_RSA rsa fi -if [ ! -f $HOST_KEY_ECDSA ]; then +if [ ! -s $HOST_KEY_ECDSA ]; then echo " generating ssh ECDSA key..." generate_key $HOST_KEY_ECDSA ecdsa fi -if [ ! -f $HOST_KEY_DSA ]; then +if [ ! -s $HOST_KEY_DSA ]; then echo " generating ssh DSA key..." generate_key $HOST_KEY_DSA dsa fi -if [ ! -f $HOST_KEY_ED25519 ]; then +if [ ! -s $HOST_KEY_ED25519 ]; then echo " generating ssh ED25519 key..." generate_key $HOST_KEY_ED25519 ed25519 fi diff --git a/meta/recipes-connectivity/openssh/openssh_7.5p1.bb b/meta/recipes-connectivity/openssh/openssh_7.5p1.bb index 86ca6ff372..2f178b26d8 100644 --- a/meta/recipes-connectivity/openssh/openssh_7.5p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_7.5p1.bb @@ -8,6 +8,8 @@ SECTION = "console/network" LICENSE = "BSD" LIC_FILES_CHKSUM = "file://LICENCE;md5=e326045657e842541d3f35aada442507" +PR = "r1" + # openssl 1.1 patches are proposed at https://github.com/openssh/openssh-portable/pull/48 DEPENDS = "zlib openssl10" DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" -- 2.15.0 -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
