dropbear: add ed25519 for failsafe key

At least Fedora and RHEL 9 set RSAMinSize=2048, so when trying to use failsafe, we get 'Bad server host key: Invalid key length' To workaround the issue, we can use: ssh -o RSAMinSize=1024 ... Generating 2048 bits RSA is extremely slow, so add ed25519. We keep RSA 1024 to be as compatible as possible. Signed-off-by: N Etienne Champetier <champetier.etienne@gmail.com>

dropbear: add ed25519 for failsafe key
At least Fedora and RHEL 9 set RSAMinSize=2048, so when trying to use failsafe, we get 'Bad server host key: Invalid key length' To workaround the issue, we can use: ssh -o RSAMinSize=1024 ... Generating 2048 bits RSA is extremely slow, so add ed25519. We keep RSA 1024 to be as compatible as possible. Signed-off-by: N Etienne Champetier <champetier.etienne@gmail.com>
6ac61dea · Etienne Champetier · Hauke Mehrtens · 6b11f0ec · 6ac61dea
隐藏空白更改
内联并排

Showing with 3 addition and 2 deletion

package/network/services/dropbear/files/dropbear.failsafe package/network/services/dropbear/files/dropbear.failsafe +3 -2

未找到文件。
--- a/package/network/services/dropbear/files/dropbear.failsafe
+++ b/package/network/services/dropbear/files/dropbear.failsafe
 #!/bin/sh

 failsafe_dropbear () {
-	dropbearkey -t rsa -s 1024 -f /tmp/dropbear_failsafe_host_key
-	dropbear -r /tmp/dropbear_failsafe_host_key <> /dev/null 2>&1
+	dropbearkey -t rsa -s 1024 -f /tmp/dropbear_rsa_failsafe_host_key
+	dropbearkey -t ed25519 -f /tmp/dropbear_ed25519_failsafe_host_key
+	dropbear -r /tmp/dropbear_rsa_failsafe_host_key -r /tmp/dropbear_ed25519_failsafe_host_key <> /dev/null 2>&1
 }

 boot_hook_add failsafe failsafe_dropbear