Ignore:
Timestamp:
2010-03-14T22:26:45+01:00 (6 years ago)
Author:
thepeople
Message:

this patch allow to set -g option 1. -g allow to make a more secure ssh server configuration by avoiding brute force attack on root while allowing user to use password (where the username is more difficult to guess).

Matthieu
from #6736

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/package/dropbear/files/dropbear.init

    r19569 r20219  
    3838        # C) banner file 
    3939        local bannerfile 
    40         config_get bannerfile ${section} BannerFile 
    41         [ -f $bannerfile ] || bannerfile='' 
     40        config_get bannerfile "${section}" BannerFile 
     41        [ -f "$bannerfile" ] || bannerfile='' 
    4242        # D) gatewayports 
    4343        local gatewayports 
    4444        config_get_bool gatewayports "${section}" GatewayPorts 0 
    4545        [ "${gatewayports}" -eq 1 ] || gatewayports='' 
     46        # E) root password authentication 
     47        local norootpasswd 
     48        local rootpassauth 
     49        config_get_bool rootpassauth "${section}" RootPasswordAuth 1 
     50        [ "${rootpassauth}" -eq 0 ] && norootpasswd=1 
    4651        # concatenate parameters 
    4752        local args 
    48         args="${nopasswd:+-s }${port:+-p ${port} }${bannerfile:+-b $bannerfile }${gatewayports:+-a }-P /var/run/${NAME}.${PIDCOUNT}.pid" 
     53        args="${nopasswd:+-s }${norootpasswd:+-g }${port:+-p ${port} }${bannerfile:+-b $bannerfile }${gatewayports:+-a }-P /var/run/${NAME}.${PIDCOUNT}.pid" 
    4954 
    5055        # execute program and return its exit code 
Note: See TracChangeset for help on using the changeset viewer.