diff options
author | Juergen Daubert <jue@jue.li> | 2019-03-13 16:11:11 +0100 |
---|---|---|
committer | Juergen Daubert <jue@jue.li> | 2019-03-13 16:11:11 +0100 |
commit | 7a26eec621b616d4170ddaf46ae6f6e9fec7c2d7 (patch) | |
tree | cf111d300c47bc308395cacf27d601187ee1c26c /dropbear | |
parent | 6612f55c16516e0aee915758b6d6622e834fb05b (diff) | |
download | opt-7a26eec621b616d4170ddaf46ae6f6e9fec7c2d7.tar.gz opt-7a26eec621b616d4170ddaf46ae6f6e9fec7c2d7.tar.xz |
dropbear: enable PAM
Diffstat (limited to 'dropbear')
-rw-r--r-- | dropbear/.footprint | 2 | ||||
-rw-r--r-- | dropbear/.signature | 9 | ||||
-rw-r--r-- | dropbear/Pkgfile | 16 | ||||
-rw-r--r-- | dropbear/dropbear.pam | 14 | ||||
-rw-r--r-- | dropbear/dropbear.rc (renamed from dropbear/dropbear) | 0 |
5 files changed, 31 insertions, 10 deletions
diff --git a/dropbear/.footprint b/dropbear/.footprint index 09ceeab9b..7ac4ff205 100644 --- a/dropbear/.footprint +++ b/dropbear/.footprint @@ -1,5 +1,7 @@ drwxr-xr-x root/root etc/ drwxr-xr-x root/root etc/dropbear/ +drwxr-xr-x root/root etc/pam.d/ +-rw-r--r-- root/root etc/pam.d/dropbear drwxr-xr-x root/root etc/rc.d/ -rwxr-xr-x root/root etc/rc.d/dropbear drwxr-xr-x root/root usr/ diff --git a/dropbear/.signature b/dropbear/.signature index 704c6c267..6a75a82b7 100644 --- a/dropbear/.signature +++ b/dropbear/.signature @@ -1,7 +1,8 @@ untrusted comment: verify with /etc/ports/opt.pub -RWSE3ohX2g5d/fYoSjOlXrVgdVZjSJWCm9ISaxGKVH365kFEj0OWUVRz5fTnuy3CfkroLhr8DzWaVMFqavELeCW0PE2EXJhHpwc= -SHA256 (Pkgfile) = 6e5947b4c0a75449ab2677121757588e436f4420278b90f2427ddf43f2a338f2 -SHA256 (.footprint) = 62bfe7191a20fcd5f6ec3511c951dee47aefdae734f7d616302e6bfc3a0c1923 +RWSE3ohX2g5d/ZwHjbSnatGBORtIE4uG5o+PIXXWF5S+DlHlDX+7Fz3UDD6c3rOvcXIQeoc5loAsc52uNfW5wb3CEwcWtekLdAw= +SHA256 (Pkgfile) = 0c088019d09c895614d2fe8e449a4ac61b3657ef3b53d5faacf85d6c76aa90e1 +SHA256 (.footprint) = 5d47799d69d21b860be70eb9e767298617679bcee2140d245cbc74f4a2a4502e SHA256 (dropbear-2018.76.tar.bz2) = f2fb9167eca8cf93456a5fc1d4faf709902a3ab70dd44e352f3acbc3ffdaea65 -SHA256 (dropbear) = def8d4ebda5759a3bc55055957235fa47f7e40216badf07830f487f05e7fbd42 +SHA256 (dropbear.rc) = def8d4ebda5759a3bc55055957235fa47f7e40216badf07830f487f05e7fbd42 +SHA256 (dropbear.pam) = 0c0aff342e586e64f2d2a814ef127a2748b223e746c3efccfccc91a5aadbce4a SHA256 (CVE-2018-15599.diff) = 42b5720cf6c888638cfb84fdd862fc0d323b2e023cbe5f9ccdaa2e0c35b6873e diff --git a/dropbear/Pkgfile b/dropbear/Pkgfile index 2315df8f0..a8349d886 100644 --- a/dropbear/Pkgfile +++ b/dropbear/Pkgfile @@ -1,25 +1,29 @@ # Description: Small and secure SSH2 server and client # URL: http://matt.ucc.asn.au/dropbear/dropbear.html # Maintainer: Juergen Daubert, jue at crux dot nu -# Depends on: zlib +# Depends on: zlib linux-pam name=dropbear version=2018.76 -release=2 +release=3 source=(http://matt.ucc.asn.au/$name/releases/$name-$version.tar.bz2 \ - $name CVE-2018-15599.diff) + dropbear.rc dropbear.pam CVE-2018-15599.diff) build () { cd $name-$version patch -p1 -i $SRC/CVE-2018-15599.diff + sed '/pam_start/s/sshd/dropbear/' -i svr-authpam.c echo '#define SFTPSERVER_PATH "/usr/lib/ssh/sftp-server"' > localoptions.h + echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0' >> localoptions.h + echo '#define DROPBEAR_SVR_PAM_AUTH 1' >> localoptions.h - ./configure --prefix=/usr + ./configure --prefix=/usr --enable-pam make make DESTDIR=$PKG install - install -d $PKG/etc/{rc.d,dropbear}/ - install -D -m 755 $SRC/dropbear $PKG/etc/rc.d/ + install -d $PKG/etc/{rc.d,pam.d,dropbear} + install -m 755 $SRC/dropbear.rc $PKG/etc/rc.d/dropbear + install -m 644 $SRC/dropbear.pam $PKG/etc/pam.d/dropbear } diff --git a/dropbear/dropbear.pam b/dropbear/dropbear.pam new file mode 100644 index 000000000..a739be471 --- /dev/null +++ b/dropbear/dropbear.pam @@ -0,0 +1,14 @@ +# +# /etc/pam.d/dropbear - dropbear service module configuration +# + +auth include common-auth + +account required pam_nologin.so +account include common-account + +password include common-password + +session include common-session +session required pam_limits.so + diff --git a/dropbear/dropbear b/dropbear/dropbear.rc index 20f6b2246..20f6b2246 100644 --- a/dropbear/dropbear +++ b/dropbear/dropbear.rc |