dropbear: Add RootLogin parameter to control whether ssh logins as root are allowed.

[openwrt/openwrt.git] / package / dropbear / files / dropbear.init

diff --git a/package/dropbear/files/dropbear.init b/package/dropbear/files/dropbear.init
index fabf54e74a0d94a4260ac224b70a02508a88e0e9..d5aa403104c608eb9b86c0fe1fd282d6068b6b1a 100755 (executable)
--- a/package/dropbear/files/dropbear.init
+++ b/package/dropbear/files/dropbear.init
@@ -53,9 +53,13 @@ dropbear_start()
        local rootpassauth
        config_get_bool rootpassauth "${section}" RootPasswordAuth 1
        [ "${rootpassauth}" -eq 0 ] && norootpasswd=1
+       local rootloginallowed
+       local norootlogin
+       config_get_bool rootloginallowed "${section}" RootLogin 1
+       [ "${rootloginallowed}" -eq 0 ] && norootlogin=1
        # concatenate parameters
        local args
-       args="${nopasswd:+-s }${norootpasswd:+-g }${port:+-p ${port} }${bannerfile:+-b $bannerfile }${gatewayports:+-a }-P /var/run/${NAME}.${PIDCOUNT}.pid"
+       args="${nopasswd:+-s }${norootpasswd:+-g }${norootlogin:+-w }${port:+-p ${port} }${bannerfile:+-b $bannerfile }${gatewayports:+-a }-P /var/run/${NAME}.${PIDCOUNT}.pid"
 
        # execute program and return its exit code
        [ "${verbosed}" -ne 0 ] && echo "${initscript}: section ${section} starting ${PROG} ${args}"