From f14ea9817cd2edb28d80b6b0b56f1cec4c8ac8f6 Mon Sep 17 00:00:00 2001 From: Cyril Brulebois Date: Sat, 20 Jul 2024 13:36:46 +0200 Subject: [PATCH] Adjust SSH management. Let's *disable* ssh.service to make sure it doesn't start too soon, and modify the rpi-generate-ssh-host-keys.service unit (that triggers the generation during the first boot) to enable+start ssh.service when everything is ready. See: https://salsa.debian.org/raspi-team/image-specs/-/issues/72 --- raspberrypi/recipes/pi3-pi4.sh | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/raspberrypi/recipes/pi3-pi4.sh b/raspberrypi/recipes/pi3-pi4.sh index ca505b5..e00ee43 100644 --- a/raspberrypi/recipes/pi3-pi4.sh +++ b/raspberrypi/recipes/pi3-pi4.sh @@ -12,13 +12,15 @@ toast_me() { chroot $MNT adduser pi sudo chroot $MNT adduser pi plugdev echo "pi:raspberry" | chroot $MNT chpasswd - # Force generate SSH host keys if they exist + # Let's make sure we don't ship any SSH host keys. Also work around upstream + # bug leading ssh.service to try and start before SSH host keys have been + # generated (https://salsa.debian.org/raspi-team/image-specs/-/issues/72): + # disable ssh.service here, and let the rpi-generate-ssh-host-keys.service + # enable+start it when everything is ready. rm -f $MNT/etc/ssh/ssh_host_* - # Work around longstanding bug (ssh fails to start until host keys - # have been generated on the target), until it's fixed upstream: - if ! grep -qs ^Before= $MNT/etc/systemd/system/rpi-generate-ssh-host-keys.service; then - sed '/^Description=/a Before=sshd.service' -i $MNT/etc/systemd/system/rpi-generate-ssh-host-keys.service - fi + chroot $MNT systemctl disable ssh.service + sed '/^ExecStart=/a ExecStart=/usr/bin/systemctl enable --now ssh.service' \ + -i $MNT/etc/systemd/system/rpi-generate-ssh-host-keys.service # Change the hostname echo "127.0.1.1 pirogue.local pirogue" >> $MNT/etc/hosts echo "::1 pirogue.local pirogue" >> $MNT/etc/hosts