From 0422754bce96ada3b228333f1eb3db8cf11cd862 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Sun, 11 Apr 2010 23:37:33 +0200
Subject: dropbear: reenable DSS algo support

Tragically, disabling DSS support in order to prevent an error message
from showing up at startup (because of missing dss host key) also
disables support for pubkey auth using DSS keys. And guess which type
mine is. ;)
To provide a usable compromise, make dropbear.init generate the formerly
missing dss host key. So there won't be any error message, either.
Probably this fixes for hosts not being able to authenticate using an
RSS host key, too.
---
 package/dropbear/files/dropbear.init | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'package/dropbear/files')

diff --git a/package/dropbear/files/dropbear.init b/package/dropbear/files/dropbear.init
index 4a7d7a875..9983e943c 100644
--- a/package/dropbear/files/dropbear.init
+++ b/package/dropbear/files/dropbear.init
@@ -27,6 +27,14 @@ start)
 		test $rv = 0 || exit 1
 		test -f /etc/dropbear/dropbear_rsa_host_key || exit 1
 	fi
+	if test ! -f /etc/dropbear/dropbear_dss_host_key; then
+		# take it easy here, since above already catched the worst cases
+		if test -x /usr/bin/dropbearkey; then
+			bothlog "dropbear: generating SSH private key (DSS)"
+			/usr/bin/dropbearkey -f /etc/dropbear/dropbear_dss_host_key -t dss
+			bothlog dropbear: key generation exited with code $?
+		fi
+	fi
 	/usr/sbin/dropbear $dropbear_flags
 	;;
 stop)
-- 
cgit v1.2.3