Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / obmc-console / refs/heads/master^! / .
commit302f617c0cec01dc6efd30df17f55d50155912f0[log] [tgz]
authorMatt Johnston <matt@codeconstruct.com.au>Wed Dec 10 14:42:33 2025 +0900
committerMatt Johnston <matt@codeconstruct.com.au>Wed Dec 10 14:42:33 2025 +0900
tree03c9b067eb72a88787dd99b343e78ed1e664c378
parentd972ab558efb5d23790c4638a3012de6c06a7fad [diff]
service files: Disable tcp and unix forwarding

TCP and unix stream SSH forwarding are not used for obmc-console, so
disable it in dropbear arguments.

Signed-off-by: Matt Johnston <matt@codeconstruct.com.au>
Change-Id: I498f7ee8ee7f91474e02c077f2df1871dcee39ba

diff --git a/conf/obmc-console-ssh@.service.d/use-socket.conf.in b/conf/obmc-console-ssh@.service.d/use-socket.conf.in
index 3f827dd..2b7a791 100644
--- a/conf/obmc-console-ssh@.service.d/use-socket.conf.in
+++ b/conf/obmc-console-ssh@.service.d/use-socket.conf.in

@@ -5,5 +5,6 @@
                               -r ${DROPBEAR_RSAKEY_DIR}/dropbear_ecdsa_host_key \
                               -r ${DROPBEAR_RSAKEY_DIR}/dropbear_ed25519_host_key \
                               -c "/usr/bin/obmc-console-client" \
+                              -j -k \
                               -i $DROPBEAR_EXTRA_ARGS
 StandardInput=socket

diff --git a/conf/obmc-console-ssh@.service.in b/conf/obmc-console-ssh@.service.in
index 7ea7d35..fadcfe0 100644
--- a/conf/obmc-console-ssh@.service.in
+++ b/conf/obmc-console-ssh@.service.in

@@ -14,6 +14,7 @@
                              -r ${DROPBEAR_RSAKEY_DIR}/dropbear_ecdsa_host_key \
                              -r ${DROPBEAR_RSAKEY_DIR}/dropbear_ed25519_host_key \
                              -c "/usr/bin/obmc-console-client -c /etc/obmc-console/client.%i.conf" \
+                             -j -k \
                              -p %i \
                              -F $DROPBEAR_EXTRA_ARGS
 SyslogIdentifier=console-client-%i