RDKB-64870: [Spike/POC] Evaluate OpenSSH usage in place of dropbear #325
Open
MonekaLakshmi wants to merge 1 commit into
Pull request overview
This PR updates the sshd service wrapper to run OpenSSH sshd (POC/spike) instead of the prior implementation, integrating it into the existing Utopia sysevent/PMON service model.
Changes:
- Replaces the start/stop logic with OpenSSH sshd invocation, PID handling, and basic startup validation.
- Adds OpenSSH host key generation and directory setup.
- Expands event handling (e.g., sshd-restart, combined lan-status|wan-status, current_wan_ifname) and updates PMON integration.
| [ -z "${SSHD_PID}" ] && ${SSHD} -f /etc/sshd.conf | ||
| sysevent set ssh_daemon_state up | ||
| SSHD="/usr/sbin/sshd" | ||
| SSHD_CONFIG="/etc/ssh/sshd_config_readonly" |
Comment on lines +52 to +66
| PID_FILE="/var/run/sshd.pid" | ||
| KEY_DIR="/var/run/ssh" | ||
| PMON="/etc/utopia/service.d/pmon.sh" | ||
|
|
||
| generate_openssh_keys() | ||
| { | ||
| mkdir -p "${KEY_DIR}" | ||
| chmod 0755 "${KEY_DIR}" | ||
|
|
||
| [ -f "${KEY_DIR}/ssh_host_rsa_key" ] || ssh-keygen -q -t rsa -N '' -C '' -f "${KEY_DIR}/ssh_host_rsa_key" | ||
| [ -f "${KEY_DIR}/ssh_host_ecdsa_key" ] || ssh-keygen -q -t ecdsa -N '' -C '' -f "${KEY_DIR}/ssh_host_ecdsa_key" | ||
| [ -f "${KEY_DIR}/ssh_host_ed25519_key" ] || ssh-keygen -q -t ed25519 -N '' -C '' -f "${KEY_DIR}/ssh_host_ed25519_key" | ||
|
|
||
| chmod 600 "${KEY_DIR}"/ssh_host_*_key 2>/dev/null || true | ||
| chmod 644 "${KEY_DIR}"/ssh_host_*_key.pub 2>/dev/null || true |
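Review bot: KEY_DIR="/var/run/ssh" puts the host private keys under /var/run, so if that path is volatile on the target (tmpfs is the usual case), generate_openssh_keys() creates a new host identity on every boot and clients can never pin the key; each reboot looks like a host key change. Consider a persistent, root-only location for the keys. Separately, the three ssh-keygen calls are unchecked and both chmod lines end in "2>/dev/null || true", so a failed key generation is silent here; have the function return non-zero when a key file is still missing after generation.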
Comment on lines +107 to +113
| do_stop() | ||
| { | ||
| sysevent set ssh_daemon_state down | ||
|
|
||
| if [ -f "${PID_FILE}" ] && [ -s "${PID_FILE}" ]; then | ||
| kill "`cat ${PID_FILE}`" 2>/dev/null | ||
| sleep 1 |
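Review bot: In do_stop(), kill "`cat ${PID_FILE}`" signals whatever number is in the file without checking that it still belongs to sshd, so a stale PID file from an earlier run can hit an unrelated process that has reused the PID. Read the value once into a variable, check that it is numeric and that the process is sshd (for example via /proc/<pid>/comm) before calling kill, and quote "${PID_FILE}" inside the command substitution. ssh_daemon_state is also set to down before the daemon has actually been stopped; setting it after the stop is confirmed would keep the published state accurate.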
Comment on lines +107 to +117
| do_stop() | ||
| { | ||
| sysevent set ssh_daemon_state down | ||
|
|
||
| if [ -f "${PID_FILE}" ] && [ -s "${PID_FILE}" ]; then | ||
| kill "`cat ${PID_FILE}`" 2>/dev/null | ||
| sleep 1 | ||
| fi | ||
|
|
||
| if pidof sshd >/dev/null 2>&1; then | ||
| killall sshd 2>/dev/null |
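Review bot: The fallback killall sshd after the PID-file kill matches by process name, so it terminates every sshd on the device, including the per-connection processes serving established sessions and any instance this script did not start. If the intent is to stop only the listener, drop the fallback or limit it to the PID recorded in PID_FILE; if ending live sessions on stop is intended, state that in a comment. The fixed sleep 1 also does not confirm that the first kill took effect before pidof runs.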
Comment on lines 71 to +77
| SSHD_PID=`pidof sshd` | ||
| [ ! "${SSHD_PID}" ] && return 0 | ||
| kill "${SSHD_PID}" | ||
| sysevent set ssh_daemon_state down | ||
|
|
||
| if [ "${SSHD_PID}" ]; then | ||
| echo "${SSHD_PID}" | awk '{print $1}' > "${PID_FILE}" | ||
| sysevent set ssh_daemon_state up | ||
| echo_t "[utopia] OpenSSH already running. PID: `cat ${PID_FILE}`" | ||
| return 0 |
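Review bot: In the already-running branch, SSHD_PID=`pidof sshd` can hold several PIDs (the listener plus per-session processes), and echo "${SSHD_PID}" | awk '{print $1}' > "${PID_FILE}" records whichever one comes first, which may be a session process rather than the listener. That overwrites PID_FILE with a value that do_stop later trusts for kill. Prefer leaving the PID file to sshd itself (PidFile in the config) and only validating its contents here, or identify the listener explicitly before writing the file.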
Reason for change: TESTING PURPOSE Signed-off-by: plaksh175_comcast <PiramanayagamMoneka_Lakshmi@comcast.com>
a1a1317 to 91a20c5
Reason for change: TESTING PURPOSE