(yet) another suggestion

Ian Darwin ian at darwinsys.com
Thu Jul 17 20:57:09 CEST 2008


C R McClenaghan wrote:
> Would it be possible to implement a first boot script that would:
> 
> generate unique SSH keys;

You shouldn't have to reinvent this (OpenBSD does this in /etc/rc, so 
something like it should be part of most Linux distributions).
Here:

if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
        echo -n "ssh-keygen: generating new DSA host key... "
        if /usr/bin/ssh-keygen -q -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''; then
                echo done.
        else
                echo failed.
        fi
fi

I don't have my freerunner handy but I hope that dropbear includes 
ssh-keygen :-)

> provide for selection of non-conflicting peer networking IP addresses;

That's what DHCP is for.  This is NOT something that an appliance should 
try to do.

That said, most Linux and winzzz boxes won't have DHCP on their USB 
ports, so there should be a short timeout and a workable default.

> option to install full keyboard;

Should just be installed.

> other suggestions?

Pick a non-root account to run stuff.
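
An expanded form of the first-boot host key check, as an added example that is not part of the original post: it treats an empty or half-written key file (for instance after power loss during first boot) as missing, and generates the pair in a temporary directory before moving it into place. The function names, the KEYGEN variable and the key types passed in are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post.
# KEYGEN is an assumption: point it at the key generator the image ships.
KEYGEN=${KEYGEN:-/usr/bin/ssh-keygen}

# ensure_host_key TYPE PATH
# Create PATH and PATH.pub unless both already exist and are non-empty.
ensure_host_key() {
    ktype=$1
    key=$2
    # -s rather than -f: a zero-length file left by an interrupted
    # first boot must not be mistaken for a valid key.
    if [ -s "$key" ] && [ -s "$key.pub" ]; then
        return 0
    fi
    # Generate next to the target so the final mv stays on one filesystem.
    tmpdir=$(mktemp -d "$(dirname "$key")/.hostkey.XXXXXX") || return 1
    # The public half moves first: if we are interrupted between the two
    # moves, the private key is still absent and the next boot regenerates.
    if "$KEYGEN" -q -t "$ktype" -f "$tmpdir/key" -N '' &&
       chmod 600 "$tmpdir/key" && chmod 644 "$tmpdir/key.pub" &&
       mv -f "$tmpdir/key.pub" "$key.pub" &&
       mv -f "$tmpdir/key" "$key"; then
        rmdir "$tmpdir"
        return 0
    fi
    rm -rf "$tmpdir"
    return 1
}

# first_boot_keys DIR TYPE...
# Ensure one host key per TYPE in DIR; non-zero exit if any type failed.
first_boot_keys() {
    dir=$1
    shift
    rc=0
    for t in "$@"; do
        if ensure_host_key "$t" "$dir/ssh_host_${t}_key"; then
            echo "host key $t: ok"
        else
            echo "host key $t: failed"
            rc=1
        fi
    done
    return $rc
}
```

From the boot script this would be called as, for example, `first_boot_keys /etc/ssh dsa`, before sshd starts.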




