diff options
| author | Sergey Ponomarev <stokito@gmail.com> | 2023-06-03 14:23:33 +0300 |
|---|---|---|
| committer | Nuno Goncalves <nunojpg@gmail.com> | 2023-10-08 10:29:37 +0100 |
| commit | 1d9f10a1356df1862bfff4f3031011403ddfe0bd (patch) | |
| tree | 356f9a32b66a3df1191bfc8aac09344affddbd8c /net/sshtunnel/files/sshtunnel.init | |
| parent | f14dae7bc9ef0db6f6b25e605dc6c963d9417e17 (diff) | |
sshtunnel: StrictHostKeyChecking for Dropbear
The dbclient doesn't support the -o StrictHostKeyChecking but it has it's own -y option:
-y Always accept remote host key if unknown
-y -y Don't perform any remote host key checking (caution)
So we can add these options to make the StrictHostKeyChecking working.
The dbclient will ignore -o StrictHostKeyChecking but use the -y or -yy instead.
The only problem is that the -y flag is also used by the openssh-client:
-y Send log information using the syslog(3) system module. By default this information is sent to stderr.
This is not critical and once the dbclient start to support the StrictHostKeyChecking we can remove the -y flag.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Diffstat (limited to 'net/sshtunnel/files/sshtunnel.init')
| -rw-r--r-- | net/sshtunnel/files/sshtunnel.init | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/sshtunnel/files/sshtunnel.init b/net/sshtunnel/files/sshtunnel.init index 480933ede..144d447e8 100644 --- a/net/sshtunnel/files/sshtunnel.init +++ b/net/sshtunnel/files/sshtunnel.init @@ -180,6 +180,9 @@ load_server() { # dropbear doesn't support -o IdentityFile so use -i instead [ -n "$IdentityFile" ] && ARGS_options="$ARGS_options -i $IdentityFile" + # dbclient doesn't support StrictHostKeyChecking but it has the -y option that works same + [ "$StrictHostKeyChecking" = "accept-new" ] && ARGS_options="$ARGS_options -y" + [ "$StrictHostKeyChecking" = "no" ] && ARGS_options="$ARGS_options -yy" ARGS="$ARGS_options -o ExitOnForwardFailure=yes -o BatchMode=yes -nN $ARGS_tunnels -p $port $user@$hostname" procd_open_instance "$server" |