Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / b6f7e109a5f18d50e1d0a09c6e5232b6300a314b
commitb6f7e109a5f18d50e1d0a09c6e5232b6300a314b[log] [tgz]
authorCamVan Nguyen <ctnguyen@us.ibm.com>Tue Feb 20 13:28:52 2018 -0600
committerBrad Bishop <bradleyb@fuzziesquirrel.com>Thu Mar 01 14:00:34 2018 +0000
treec8cee1d076d76cd4f0f01694d88bd293f174fef5
parentfda75e54b2d90855e0edba27f1f94be9bf12b27d [diff]
dropbear: Don't load default host keys

On an ssh connection, we are getting Warning messages similar to below:

dropbear[3956]: Failed loading /etc/dropbear/dropbear_rsa_host_key
dropbear[3956]: Failed loading /etc/dropbear/dropbear_dss_host_key
dropbear[3956]: Failed loading /etc/dropbear/dropbear_ecdsa_host_key

This is because dropbearkey.service creates the RSA host key in
/var/lib/dropbear and does not create any DSS and ECDSA host keys.
And the dropbear service is started with the -r option which
points to /var/lib/dropbear/dropbear_rsa_host_key as the key to
load.  However, dropbear will attempt to load any key specified
by the -r option as well as all 3 keys from the default path
/etc/dropbear.  This is a change to dropbear to not load the 3
keys from /etc/dropbear by default if a key and path is specified
by the dropbear -r option. This will get rid of the above Warning
messages which can fill up the log buffer in a Continuous Test
environment where many ssh connections are made.

This change has been upstreamed.

Resolves openbmc/openbmc#1340
Resolves openbmc/openbmc#1998

Change-Id: I58f8290f68a6eba7e3a77986a8ecb0ebdf321352
Signed-off-by: CamVan Nguyen <ctnguyen@us.ibm.com>
2 files changed
tree: c8cee1d076d76cd4f0f01694d88bd293f174fef5
  1. import-layers/
  2. meta-openbmc-bsp/
  3. meta-openbmc-machines/
  4. meta-phosphor/
  5. bitbakeimport-layers/yocto-poky/bitbake
  6. documentationimport-layers/yocto-poky/documentation
  7. LICENSEimport-layers/yocto-poky/LICENSE
  8. metaimport-layers/yocto-poky/meta
  9. meta-pokyimport-layers/yocto-poky/meta-poky
  10. meta-selftestimport-layers/yocto-poky/meta-selftest
  11. meta-skeletonimport-layers/yocto-poky/meta-skeleton
  12. meta-yocto-bspimport-layers/yocto-poky/meta-yocto-bsp
  13. oe-init-build-envimport-layers/yocto-poky/oe-init-build-env
  14. oe-init-build-env-memresimport-layers/yocto-poky/oe-init-build-env-memres
  15. scriptsimport-layers/yocto-poky/scripts
  16. .gitignore
  17. .gitreview
  18. .templateconf
  19. openbmc-env
  20. README.md
  21. setup
README.md

OpenBMC

Build Status

The OpenBMC project can be described as a Linux distribution for embedded devices that have a BMC; typically, but not limited to, things like servers, top of rack switches or RAID appliances. The OpenBMC stack uses technologies such as Yocto, OpenEmbedded, systemd, and D-Bus to allow easy customization for your server platform.

Setting up your OpenBMC project

1) Prerequisite

  • Ubuntu 14.04
sudo apt-get install -y git build-essential libsdl1.2-dev texinfo gawk chrpath diffstat
  • Fedora 23
sudo dnf install -y git patch diffstat texinfo chrpath SDL-devel bitbake
sudo dnf groupinstall "C Development Tools and Libraries"

2) Download the source

git clone git@github.com:openbmc/openbmc.git
cd openbmc

3) Target your hardware

Any build requires an environment variable known as TEMPLATECONF to be set to a hardware target. OpenBMC has placed all known hardware targets in a standard directory structure meta-openbmc-machines/meta-[architecture]/meta-[company]/meta-[target]. You can see all of the known targets with find meta-openbmc-machines -type d -name conf. Choose the hardware target and then move to the next step. Additional examples can be found in the OpenBMC Cheatsheet

MachineTEMPLATECONF
Palmettometa-openbmc-machines/meta-openpower/meta-ibm/meta-palmetto/conf
Barreleyemeta-openbmc-machines/meta-openpower/meta-rackspace/meta-barreleye/conf
Zaiusmeta-openbmc-machines/meta-openpower/meta-ingrasys/meta-zaius/conf
Witherspoonmeta-openbmc-machines/meta-openpower/meta-ibm/meta-witherspoon/conf

As an example target Palmetto

export TEMPLATECONF=meta-openbmc-machines/meta-openpower/meta-ibm/meta-palmetto/conf

4) Build

. openbmc-env
bitbake obmc-phosphor-image

Additional details can be found in the docs repository.

Build Validation and Testing

Commits submitted by members of the OpenBMC GitHub community are compiled and tested via our Jenkins server. Commits are run through two levels of testing. At the repository level the makefile make check directive is run. At the system level, the commit is built into a firmware image and run with an arm-softmmu QEMU model against a barrage of CI tests.

Commits submitted by non-members do not automatically proceed through CI testing. After visual inspection of the commit, a CI run can be manually performed by the reviewer.

Automated testing against the QEMU model along with supported systems are performed. The OpenBMC project uses the Robot Framework for all automation. Our complete test repository can be found here.

Submitting Patches

Support of additional hardware and software packages is always welcome. Please follow the contributing guidelines when making a submission. It is expected that contributions contain test cases.

Bug Reporting

Issues are managed on GitHub. It is recommended you search through the issues before opening a new one.

Features of OpenBMC

Feature List

  • REST Management
  • IPMI
  • SSH based SOL
  • Power and Cooling Management
  • Event Logs
  • Zeroconf discoverable
  • Sensors
  • Inventory
  • LED Management
  • Host Watchdog
  • Simulation
  • Code Update Support for multiple BMC/BIOS images
  • POWER On Chip Controller (OCC) Support

Features In Progress

  • Full IPMI 2.0 Compliance with DCMI
  • Verified Boot
  • HTML5 Java Script Web User Interface
  • BMC RAS

Features Requested but need help

  • OpenCompute Redfish Compliance
  • OpenBMC performance monitoring
  • cgroup user management and policies
  • Remote KVM
  • Remote USB
  • OpenStack Ironic Integration
  • QEMU enhancements

Finding out more

Dive deeper in to OpenBMC by opening the docs repository.

Contact