dropbear: use OpenSSH's sftp-server
OpenSSH recently switched their scp client to default to using the sftp
protocol instead of the legacy scp protocol [0]. There's still an
opt-in flag (-O) available to switch it back, but it'd be nicer to not
require it, and avoid the (sometimes problematic, security-wise)
escaping/interpretation quirks of the scp protocol. (This also allows
using other file-transfer clients like sftp and sshfs.) We're already
compiling dropbear with sftp support anyway, it's just missing the
sftp-server binary.
Tested: in an e3c246d4i build, this increased the squashfs image size by
48KiB, or about 0.25%. With it installed, an OpenSSH scp binary
compiled from current upstream HEAD (commit b0ec59a708b4) could
successfully transfer files to and from the BMC both with and without
the '-O' flag.
[0] https://lists.mindrot.org/pipermail/openssh-unix-dev/2021-September/039616.html
Signed-off-by: Zev Weiss <zev@bewilderbeest.net>
Change-Id: I533046cfc85f90307c188ad42ca5c2cedeadfab4
diff --git a/meta-phosphor/recipes-core/dropbear/dropbear_%.bbappend b/meta-phosphor/recipes-core/dropbear/dropbear_%.bbappend
index 731f201..5113c66 100644
--- a/meta-phosphor/recipes-core/dropbear/dropbear_%.bbappend
+++ b/meta-phosphor/recipes-core/dropbear/dropbear_%.bbappend
@@ -6,3 +6,7 @@
file://localoptions.h \
file://dropbear.default \
"
+
+# pull in OpenSSH's /usr/libexec/sftp-server so we don't have to rely
+# on the crufty old scp protocol for file transfer
+RDEPENDS:${PN} += "openssh-sftp-server"