dropbear: Don't load default host keys
On an ssh connection, we are getting Warning messages similar to below:
dropbear[3956]: Failed loading /etc/dropbear/dropbear_rsa_host_key
dropbear[3956]: Failed loading /etc/dropbear/dropbear_dss_host_key
dropbear[3956]: Failed loading /etc/dropbear/dropbear_ecdsa_host_key
This is because dropbearkey.service creates the RSA host key in
/var/lib/dropbear and does not create any DSS and ECDSA host keys.
And the dropbear service is started with the -r option which
points to /var/lib/dropbear/dropbear_rsa_host_key as the key to
load. However, dropbear will attempt to load any key specified
by the -r option as well as all 3 keys from the default path
/etc/dropbear. This is a change to dropbear to not load the 3
keys from /etc/dropbear by default if a key and path is specified
by the dropbear -r option. This will get rid of the above Warning
messages which can fill up the log buffer in a Continuous Test
environment where many ssh connections are made.
This change has been upstreamed.
Resolves openbmc/openbmc#1340
Resolves openbmc/openbmc#1998
Change-Id: I58f8290f68a6eba7e3a77986a8ecb0ebdf321352
Signed-off-by: CamVan Nguyen <ctnguyen@us.ibm.com>
2 files changed