Ticket #697 (closed enhancement: invalid)

Opened 6 years ago

Last modified 6 years ago

Don't generate security key pairs on every device boot

Reported by: sagacis@… Owned by: laforge@…
Priority: high Milestone:
Component: sysinit Version: current svn head
Severity: minor Keywords:
Cc: buglog@… Blocked By:
Blocking: Estimated Completion (week):
HasPatchForReview: PatchReviewResult:
Reproducible:

Description

We could save serious time by not regenerating the addresses and keypairs on
every device boot. It doesn't really need to, just when it's a new image.

Change History

comment:1 Changed 6 years ago by alphaone@…

  • Status changed from new to closed
  • Component changed from kernel to sysinit
  • Resolution set to invalid

I'm not sure what exactly you mean by that. What security key pairs?
If you mean the dropbear ssh keys they are only generated if they don't exist.
(See /etc/init.d/dropbear):

test -f $DROPBEAR_RSAKEY test -f $DROPBEAR_DSSKEY
dropbearkey -t rsa -f $DROPBEAR_RSAKEY
dropbearkey -t dss -f $DROPBEAR_DSSKEY

I'm going to close this as invalid for now. If this is not your issue please
feel free to clarify and reopen. I also changed the component to sysinit.

Note: See TracTickets for help on using tickets.