From 1df4dd6bf568a5eb75f07a60bda4e5ca406cc7b4 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Tue, 23 Aug 2016 16:05:28 +0300 Subject: initrd-ssh service: ensure that keys got copied into initrd Fixes #17927. --- nixos/modules/system/boot/initrd-ssh.nix | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'nixos/modules/system') diff --git a/nixos/modules/system/boot/initrd-ssh.nix b/nixos/modules/system/boot/initrd-ssh.nix index d0a4ce51148f..bc899984c57d 100644 --- a/nixos/modules/system/boot/initrd-ssh.nix +++ b/nixos/modules/system/boot/initrd-ssh.nix @@ -93,6 +93,10 @@ in boot.initrd.extraUtilsCommands = '' copy_bin_and_libs ${pkgs.dropbear}/bin/dropbear cp -pv ${pkgs.glibc.out}/lib/libnss_files.so.* $out/lib + + ${optionalString (cfg.hostRSAKey != null) "install -D ${cfg.hostRSAKey} $out/etc/dropbear/dropbear_rsa_host_key"} + ${optionalString (cfg.hostDSSKey != null) "install -D ${cfg.hostDSSKey} $out/etc/dropbear/dropbear_dss_host_key"} + ${optionalString (cfg.hostECDSAKey != null) "install -D ${cfg.hostECDSAKey} $out/etc/dropbear/dropbear_ecdsa_host_key"} ''; boot.initrd.extraUtilsCommandsTest = '' @@ -108,9 +112,9 @@ in touch /var/log/lastlog mkdir -p /etc/dropbear - ${optionalString (cfg.hostRSAKey != null) "ln -s ${cfg.hostRSAKey} /etc/dropbear/dropbear_rsa_host_key"} - ${optionalString (cfg.hostDSSKey != null) "ln -s ${cfg.hostDSSKey} /etc/dropbear/dropbear_dss_host_key"} - ${optionalString (cfg.hostECDSAKey != null) "ln -s ${cfg.hostECDSAKey} /etc/dropbear/dropbear_ecdsa_host_key"} + ${optionalString (cfg.hostRSAKey != null) "ln -s $extraUtils/etc/dropbear/dropbear_rsa_host_key /etc/dropbear/dropbear_rsa_host_key"} + ${optionalString (cfg.hostDSSKey != null) "ln -s $extraUtils/etc/dropbear/dropbear_dss_host_key /etc/dropbear/dropbear_dss_host_key"} + ${optionalString (cfg.hostECDSAKey != null) "ln -s $extraUtils/etc/dropbear/dropbear_ecdsa_host_key /etc/dropbear/dropbear_ecdsa_host_key"} mkdir -p /root/.ssh ${concatStrings (map (key: '' -- cgit 1.4.1