[PATCH] unconditionally accept host key
Luciano Miguel Ferreira Rocha
strange at nsk.no-ip.org
Fri Feb 9 04:16:28 WST 2007
Hello,
The attached patch adds a new option, -y, to the dropbear client,
version 0.48.1.
I need it when running dropbear in scripts (as rsync transport
mechanism, for example).
Note, the patch adds to usage() the line:
"-y accept remote host keys, if unknown\n", but, as far as I can tell,
dropbear considers unknown and unmatched host keys simply as unknown.
--
lfr
0/0
-------------- next part --------------
diff -ur dropbear-0.48.1.orig/cli-kex.c dropbear-0.48.1/cli-kex.c
--- dropbear-0.48.1.orig/cli-kex.c 2006-03-12 04:52:52.000000000 +0000
+++ dropbear-0.48.1/cli-kex.c 2006-12-20 19:29:17.000000000 +0000
@@ -119,6 +119,13 @@
char response = 'z';
fp = sign_key_fingerprint(keyblob, keybloblen);
+ if (cli_opts.acceptkey) {
+ fprintf(stderr, "\nHost '%s' unconditionally added to the trusted hosts file.\n(fingerprint %s)\n",
+ cli_opts.remotehost,
+ fp);
+ m_free(fp);
+ return;
+ }
fprintf(stderr, "\nHost '%s' is not in the trusted hosts file.\n(fingerprint %s)\nDo you want to continue connecting? (y/n)\n",
cli_opts.remotehost,
fp);
diff -ur dropbear-0.48.1.orig/cli-runopts.c dropbear-0.48.1/cli-runopts.c
--- dropbear-0.48.1.orig/cli-runopts.c 2006-03-12 04:52:52.000000000 +0000
+++ dropbear-0.48.1/cli-runopts.c 2006-12-20 20:29:06.000000000 +0000
@@ -46,6 +46,7 @@
fprintf(stderr, "Dropbear client v%s\n"
"Usage: %s [options] [user@]host\n"
"Options are:\n"
+ "-y accept remote host keys, if unknown\n"
"-p <remoteport>\n"
"-l <username>\n"
"-t Allocate a pty\n"
@@ -89,6 +90,7 @@
cli_opts.username = NULL;
cli_opts.cmd = NULL;
cli_opts.wantpty = 9; /* 9 means "it hasn't been touched", gets set later */
+ cli_opts.acceptkey = 0;
#ifdef ENABLE_CLI_PUBKEY_AUTH
cli_opts.privkeys = NULL;
#endif
@@ -144,6 +146,9 @@
/* A flag *waves* */
switch (argv[i][1]) {
+ case 'y': /* we want a pty */
+ cli_opts.acceptkey = 1;
+ break;
case 'p': /* remoteport */
next = &cli_opts.remoteport;
break;
diff -ur dropbear-0.48.1.orig/runopts.h dropbear-0.48.1/runopts.h
--- dropbear-0.48.1.orig/runopts.h 2006-03-12 04:52:51.000000000 +0000
+++ dropbear-0.48.1/runopts.h 2006-12-20 19:22:21.000000000 +0000
@@ -101,6 +101,7 @@
char *cmd;
int wantpty;
+ int acceptkey;
#ifdef ENABLE_CLI_PUBKEY_AUTH
struct SignKeyList *privkeys; /* Keys to use for public-key auth */
#endif
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20070208/ea8302b8/attachment.pgp
More information about the Dropbear
mailing list