From e59da2923cbbb21258cc9769b6a152d6af78abe6 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Thu, 18 Jun 2020 23:04:46 +0200
Subject: console-server: T2490: add SSH support

A user can define a port under the SSH node per device. WHen connecting to that
port and authenticating using regular credentials we will immediately drop to
the serial console. This is the same as executing "connect serial-proxy <name>".
---
 src/systemd/dropbear@.service   | 14 ++++++++++++++
 src/systemd/dropbearkey.service | 11 +++++++++++
 2 files changed, 25 insertions(+)
 create mode 100644 src/systemd/dropbear@.service
 create mode 100644 src/systemd/dropbearkey.service

(limited to 'src/systemd')

diff --git a/src/systemd/dropbear@.service b/src/systemd/dropbear@.service
new file mode 100644
index 000000000..a4df6ad41
--- /dev/null
+++ b/src/systemd/dropbear@.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=Dropbear SSH per-connection server
+Requires=dropbearkey.service
+Wants=conserver-server.service
+After=mongodb.service
+After=dropbearkey.service vyos-router.service conserver-server.service
+
+[Service]
+Type=forking
+ExecStartPre=/usr/bin/bash -c '/usr/bin/systemctl set-environment PORT=$(cli-shell-api returnValue service serial-proxy device "%I" ssh port)'
+ExecStart=-/usr/sbin/dropbear -w -j -k -r /etc/dropbear/dropbear_rsa_host_key -c "/usr/bin/console %I" -P /run/conserver/dropbear.%I.pid -p ${PORT}
+PIDFile=/run/conserver/dropbear.%I.pid
+KillMode=process
+
diff --git a/src/systemd/dropbearkey.service b/src/systemd/dropbearkey.service
new file mode 100644
index 000000000..770641c8b
--- /dev/null
+++ b/src/systemd/dropbearkey.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Dropbear SSH Key Generation
+ConditionPathExists=|!/etc/dropbear/dropbear_rsa_host_key
+
+[Service]
+ExecStart=/usr/bin/dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target
+
-- 
cgit v1.2.3