ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-04-16 13:31:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

merge of '9879f7138f243bb2077a06e4c9ea925fa34abe2b'

Browse Source 
and 'e28650f207028a45182fc2de545b7bd218d13077'

--HG--
extra : convert_revision : f6be8d819a89338780799d813f64be24d4b8ad84
This commit is contained in:
Matt Johnston 2008-03-27 10:19:36 +00:00
commit 3e29368cbc
7 changed files with 103 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
debian/README.runit vendored
View File

@ -31,16 +31,16 @@ run script
# vi /etc/dropbear/run # vi /etc/dropbear/run
Finally enable the service by linking dropbear's service directory to Finally enable the service through runit's update-service(8) program, the
/var/service/. The service will be started within five seconds, and service will be started within five seconds, and automatically at boot
automatically at boot time. The sysv init script is disabled; see the time, and the sysv init script will automatically be disabled; see the
runsvctrl(8) program for information on how to control services handled by sv(8) program for information on how to control services handled by runit.
runit. See the svlogd(8) program on how to configure the log service. See the svlogd(8) program on how to configure the log service.
# ln -s /etc/dropbear /var/service/ # update-service --add /etc/dropbear
Optionally check the status of the service a few seconds later Optionally check the status of the service a few seconds later
# runsvstat -l /var/service/dropbear # sv status dropbear
-- Gerrit Pape <pape@smarden.org>, Sun, 16 May 2004 15:52:34 +0000 -- Gerrit Pape <pape@smarden.org>, Fri, 02 Mar 2007 20:41:08 +0000

67
debian/changelog vendored
View File

@ -1,14 +1,69 @@
dropbear (0.50-0.1) unstable; urgency=low dropbear (0.50-4) unstable; urgency=low
* New upstream release. * debian/dropbear.init: apply patch from Petter Reinholdtsen: add LSB
formatted dependency info in init.d script (closes: #466257).
* debian/rules: no longer include symlinks for ./supervise/ subdirectories.
* debian/dropbear.postinst: upgrade from << 0.50-4: if dropbear is managed
by runit, remove service, and re-add using update-service(8).
* debian/control: Standards-Version: 3.7.3.0.
* debian/rules: target clean: don't ignore errors but check for readable
./Makefile.
-- Matt Johnston <matt@ucc.asn.au> Wed, 8 Aug 2007 11:22:33 +0800 -- Gerrit Pape <pape@smarden.org> Thu, 06 Mar 2008 19:06:58 +0000
dropbear (0.49-0.1) unstable; urgency=low dropbear (0.50-3) unstable; urgency=low
* New upstream release. * debian/dropbear.init: use the update-service(8) program from the runit
package instead of directly checking for the symlink in /var/service/.
* debian/README.runit: talk about update-service(8) instead of symlinks
in /var/service/.
-- Matt Johnston <matt@ucc.asn.au> Fri, 23 Feb 2007 00:44:00 +0900 -- Gerrit Pape <pape@smarden.org> Fri, 15 Feb 2008 00:32:37 +0000
dropbear (0.50-2) unstable; urgency=low
* debian/dropbear.README.Debian: no longer talk about entropy from
/dev/random, /dev/urandom is now used by default (thx Joey Hess,
closes: #441515).
-- Gerrit Pape <pape@smarden.org> Mon, 24 Sep 2007 16:49:17 +0000
dropbear (0.50-1) unstable; urgency=low
* debian/README.runit: minor.
* new upstream version.
* debian/diff/0001-options.h-use-dev-urandom-instead-of-dev-random-a.diff:
remove; fixed upstream.
-- Gerrit Pape <pape@smarden.org> Thu, 09 Aug 2007 23:01:01 +0000
dropbear (0.49-2) unstable; urgency=low
* debian/rules: apply diffs from debian/diff/ with patch -p1 instead of
-p0.
* debian/diff/0001-options.h-use-dev-urandom-instead-of-dev-random-a.diff:
new; options.h: use /dev/urandom instead of /dev/random as
DROPBEAR_RANDOM_DEV (closes: #386976).
* debian/rules: target clean: remove libtomcrypt/Makefile,
libtommath/Makefile.
-- Gerrit Pape <pape@smarden.org> Sat, 09 Jun 2007 08:59:59 +0000
dropbear (0.49-1) unstable; urgency=high
* new upstream release, fixes
* CVE-2007-1099: dropbear dbclient insufficient warning on hostkey
mismatch (closes: #412899).
* dbclient uses static "Password:" prompt instead of using the server's
prompt (closes: #394996).
* debian/control: Suggests: openssh-client, not ssh (closes: #405686);
Standards-Version: 3.7.2.2.
* debian/README.Debian: ssh -> openssh-server, openssh-client; remove
'Replacing OpenSSH "sshd" with Dropbear' part, this is simply done by not
installing the openssh-server package.
* debian/README.runit: runsvstat -> sv status.
-- Gerrit Pape <pape@smarden.org> Fri, 2 Mar 2007 20:48:18 +0000
dropbear (0.48.1-1) unstable; urgency=medium dropbear (0.48.1-1) unstable; urgency=medium

4
debian/control vendored
View File

@ -3,12 +3,12 @@ Section: net
Priority: optional Priority: optional
Maintainer: Gerrit Pape <pape@smarden.org> Maintainer: Gerrit Pape <pape@smarden.org>
Build-Depends: libz-dev Build-Depends: libz-dev
Standards-Version: 3.6.2.1 Standards-Version: 3.7.3.0
Package: dropbear Package: dropbear
Architecture: any Architecture: any
Depends: ${shlibs:Depends} Depends: ${shlibs:Depends}
Suggests: ssh, runit Suggests: openssh-client, runit
Description: lightweight SSH2 server and client Description: lightweight SSH2 server and client
dropbear is a SSH 2 server and client designed to be small enough to dropbear is a SSH 2 server and client designed to be small enough to
be used in small memory environments, while still being functional and be used in small memory environments, while still being functional and

55
debian/dropbear.README.Debian vendored
View File

@ -1,52 +1,19 @@
Dropbear for Debian Dropbear for Debian
------------------- -------------------
This package will attempt to listen on port 22. If the OpenSSH This package will attempt to setup the Dropbear ssh server to listen on
package ("ssh") is installed, the file /etc/default/dropbear port 22. If the OpenSSH server package ("openssh-server") is installed,
will be set up so that the server does not start by default. the file /etc/default/dropbear will be set up so that the server does not
start by default.
You can run Dropbear concurrently with OpenSSH 'sshd' by You can run Dropbear concurrently with OpenSSH 'sshd' by modifying
modifying /etc/default/dropbear so that "NO_START" is set to /etc/default/dropbear so that "NO_START" is set to "0", and changing the
"0" and changing the port number that Dropbear runs on. Follow port number that Dropbear runs on. Follow the instructions in the file.
the instructions in the file.
This package suggests you install the "ssh" package. This package This package suggests you install the "openssh-client" package, which
provides the "ssh" client program, as well as the "/usr/bin/scp" provides the "ssh" client program, as well as the "/usr/bin/scp" binary
binary you will need to be able to retrieve files from a server you will need to be able to retrieve files via SCP from a server running
running Dropbear via SCP. Dropbear.
Replacing OpenSSH "sshd" with Dropbear
--------------------------------------
You will still want to have the "ssh" package installed, as it
provides the "ssh" and "scp" binaries. When you install this
package, it checks for existing OpenSSH host keys and if found,
converts them to the Dropbear format.
If this appears to have worked, you should be able to change over
by following these steps:
1. Stop the OpenSSH server
% /etc/init.d/ssh stop
2. Prevent the OpenSSH server from starting in the future
% touch /etc/ssh/sshd_not_to_be_run
3. Modify the Dropbear defaults file, set NO_START to 0 and
ensure DROPBEAR_PORT is set to 22.
% editor /etc/default/dropbear
4. Restart the Dropbear server.
% /etc/init.d/dropbear restart
See the Dropbear homepage for more information: See the Dropbear homepage for more information:
http://matt.ucc.asn.au/dropbear/dropbear.html http://matt.ucc.asn.au/dropbear/dropbear.html
Entropy from /dev/random
------------------------
The dropbear binary package is configured at compile time to read
entropy from /dev/random. If /dev/random on a system blocks when
reading data from it, client logins may be delayed until the client
times out. The dropbear server writes a notice to the logs when it
sees /dev/random blocking. A workaround for such systems is to
re-compile the package with DROPBEAR_RANDOM_DEV set to /dev/urandom
in options.h.

11
debian/dropbear.init vendored
View File

@ -1,4 +1,11 @@
#!/bin/sh #!/bin/sh
### BEGIN INIT INFO
# Provides: dropbear
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
### END INIT INFO
# #
# Do not configure this file. Edit /etc/default/dropbear instead! # Do not configure this file. Edit /etc/default/dropbear instead!
# #
@ -17,8 +24,8 @@ set -e
cancel() { echo "$1" >&2; exit 0; }; cancel() { echo "$1" >&2; exit 0; };
test ! -r /etc/default/dropbear || . /etc/default/dropbear test ! -r /etc/default/dropbear || . /etc/default/dropbear
test -x "$DAEMON" || cancel "$DAEMON does not exist or is not executable." test -x "$DAEMON" || cancel "$DAEMON does not exist or is not executable."
test ! -h /var/service/dropbear || \ test ! -x /usr/sbin/update-service || ! update-service --check dropbear ||
cancel '/var/service/dropbear exists, service is controlled through runit.' cancel 'The dropbear service is controlled through runit, use the sv(8) program'
test -z "$DROPBEAR_BANNER" || \ test -z "$DROPBEAR_BANNER" || \
DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER" DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER"

8
debian/dropbear.postinst vendored
View File

@ -69,3 +69,11 @@ if test -x /etc/init.d/dropbear; then
/etc/init.d/dropbear restart /etc/init.d/dropbear restart
fi fi
fi fi
if test -n "$2" && dpkg --compare-versions "$2" lt '0.50-4' &&
update-service --check dropbear; then
update-service --remove /etc/dropbear 2>/dev/null || :
sleep 6
rm -rf /var/run/dropbear /var/run/dropbear.log
update-service --add /etc/dropbear || :
fi

9
debian/rules vendored
View File

@ -28,7 +28,7 @@ DIR =$(shell pwd)/debian/dropbear
patch: deb-checkdir patch-stamp patch: deb-checkdir patch-stamp
patch-stamp: patch-stamp:
for i in `ls -1 debian/diff/*.diff || :`; do \ for i in `ls -1 debian/diff/*.diff || :`; do \
patch -p0 <$$i || exit 1; \ patch -p1 <$$i || exit 1; \
done done
touch patch-stamp touch patch-stamp
@ -46,10 +46,11 @@ build-stamp: config.status
touch build-stamp touch build-stamp
clean: deb-checkdir deb-checkuid clean: deb-checkdir deb-checkuid
-$(MAKE) distclean test ! -r Makefile || $(MAKE) distclean
rm -f libtomcrypt/Makefile libtommath/Makefile
test ! -e patch-stamp || \ test ! -e patch-stamp || \
for i in `ls -1r debian/diff/*.diff || :`; do \ for i in `ls -1r debian/diff/*.diff || :`; do \
patch -p0 -R <$$i; \ patch -p1 -R <$$i; \
done done
rm -f patch-stamp build-stamp config.log config.status rm -f patch-stamp build-stamp config.log config.status
rm -rf '$(DIR)' rm -rf '$(DIR)'
@ -76,8 +77,6 @@ install: deb-checkdir deb-checkuid build-stamp
install -d -m0755 '$(DIR)'/etc/dropbear/log install -d -m0755 '$(DIR)'/etc/dropbear/log
install -m0755 debian/service/log '$(DIR)'/etc/dropbear/log/run install -m0755 debian/service/log '$(DIR)'/etc/dropbear/log/run
ln -s /var/log/dropbear '$(DIR)'/etc/dropbear/log/main ln -s /var/log/dropbear '$(DIR)'/etc/dropbear/log/main
ln -s /var/run/dropbear '$(DIR)'/etc/dropbear/supervise
ln -s /var/run/dropbear.log '$(DIR)'/etc/dropbear/log/supervise
# man pages # man pages
install -d -m0755 '$(DIR)'/usr/share/man/man8 install -d -m0755 '$(DIR)'/usr/share/man/man8
for i in dropbear.8 dropbearkey.8; do \ for i in dropbear.8 dropbearkey.8; do \