mirror
/
openwrt-packages
mirror of https://git.openwrt.org/feed/packages.git
1
0
Fork 0
Code Releases Activity

sshtunnel: StrictHostKeyChecking for Dropbear 

The dbclient doesn't support the -o StrictHostKeyChecking but it has it's own -y option:
-y    Always accept remote host key if unknown
-y -y Don't perform any remote host key checking (caution)

So we can add these options to make the StrictHostKeyChecking working.
The dbclient will ignore -o StrictHostKeyChecking but use the -y or -yy instead.

The only problem is that the -y flag is also used by the openssh-client:

-y Send log information using the syslog(3) system module.  By default this information is sent to stderr.

This is not critical and once the dbclient start to support the StrictHostKeyChecking we can remove the -y flag.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
This commit is contained in:
Sergey Ponomarev 2023-06-03 14:23:33 +03:00 committed by Nuno Goncalves
parent f14dae7bc9
commit 1d9f10a135
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
net/sshtunnel/files/sshtunnel.init
View File

@ -180,6 +180,9 @@ load_server() {
# dropbear doesn't support -o IdentityFile so use -i instead
[ -n "$IdentityFile" ] && ARGS_options="$ARGS_options -i $IdentityFile"
# dbclient doesn't support StrictHostKeyChecking but it has the -y option that works same
[ "$StrictHostKeyChecking" = "accept-new" ] && ARGS_options="$ARGS_options -y"
[ "$StrictHostKeyChecking" = "no" ] && ARGS_options="$ARGS_options -yy"
ARGS="$ARGS_options -o ExitOnForwardFailure=yes -o BatchMode=yes -nN $ARGS_tunnels -p $port $user@$hostname"
procd_open_instance "$server"