dropbear: add option to set max auth tries

Add a uci option to set the new max auth tries paramater in dropbear.
Set the default to 3, as 10 seems excessive.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 6371159b4ae8b4dd94d6319ac805b0c26962bb14)
This commit is contained in:
Stijn Tintel 2017-06-27 22:30:01 +02:00 committed by Jo-Philipp Wich
parent 8693ab5152
commit d413c75d24
2 changed files with 4 additions and 2 deletions

View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=dropbear PKG_NAME:=dropbear
PKG_VERSION:=2017.75 PKG_VERSION:=2017.75
PKG_RELEASE:=2 PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:= \ PKG_SOURCE_URL:= \

View File

@ -41,6 +41,7 @@ validate_section_dropbear()
'Port:list(port):22' \ 'Port:list(port):22' \
'SSHKeepAlive:uinteger:300' \ 'SSHKeepAlive:uinteger:300' \
'IdleTimeout:uinteger:0' \ 'IdleTimeout:uinteger:0' \
'MaxAuthTries:uinteger:3' \
'mdns:bool:1' 'mdns:bool:1'
} }
@ -49,7 +50,7 @@ dropbear_instance()
local PasswordAuth enable Interface GatewayPorts \ local PasswordAuth enable Interface GatewayPorts \
RootPasswordAuth RootLogin rsakeyfile \ RootPasswordAuth RootLogin rsakeyfile \
BannerFile Port SSHKeepAlive IdleTimeout \ BannerFile Port SSHKeepAlive IdleTimeout \
mdns ipaddrs MaxAuthTries mdns ipaddrs
validate_section_dropbear "${1}" || { validate_section_dropbear "${1}" || {
echo "validation failed" echo "validation failed"
@ -78,6 +79,7 @@ dropbear_instance()
append_ports "${ipaddrs}" "${Port}" append_ports "${ipaddrs}" "${Port}"
[ "${IdleTimeout}" -ne 0 ] && procd_append_param command -I "${IdleTimeout}" [ "${IdleTimeout}" -ne 0 ] && procd_append_param command -I "${IdleTimeout}"
[ "${SSHKeepAlive}" -ne 0 ] && procd_append_param command -K "${SSHKeepAlive}" [ "${SSHKeepAlive}" -ne 0 ] && procd_append_param command -K "${SSHKeepAlive}"
[ "${MaxAuthTries}" -ne 0 ] && procd_append_param command -T "${MaxAuthTries}"
[ "${mdns}" -ne 0 ] && procd_add_mdns "ssh" "tcp" "$Port" "daemon=dropbear" [ "${mdns}" -ne 0 ] && procd_add_mdns "ssh" "tcp" "$Port" "daemon=dropbear"
procd_set_param respawn procd_set_param respawn
procd_close_instance procd_close_instance