From 3b5f71a556a60271c11581cc2cade94f2b3c8076 Mon Sep 17 00:00:00 2001
From: Adam Wujek <dev_public@wujek.eu>
Date: Tue, 26 Nov 2024 10:37:59 +0100
Subject: [PATCH] [FEATURE: #190] rootfs/etc/init.d/sshd.sh: preserve ssh keys
 over firmware updates

Signed-off-by: Adam Wujek <dev_public@wujek.eu>
---
 userspace/rootfs_override/etc/init.d/sshd.sh | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/userspace/rootfs_override/etc/init.d/sshd.sh b/userspace/rootfs_override/etc/init.d/sshd.sh
index b425914f9..5374a68bc 100755
--- a/userspace/rootfs_override/etc/init.d/sshd.sh
+++ b/userspace/rootfs_override/etc/init.d/sshd.sh
@@ -4,6 +4,7 @@
 #
 
 dotconfig=/wr/etc/dot-config
+permanent_path_ssh=/update/permanent/ssh
 
 # Make sure the ssh-keygen progam exists
 [ -f /usr/bin/ssh-keygen ] || exit 0
@@ -37,7 +38,14 @@ start() {
 
 	# Make sure ssh directory exists
 	mkdir -p /etc/ssh
-	mkdir -p /usr/etc/ssh
+
+	# Copy keys from permanent location if available
+	if [ -d "$permanent_path_ssh" ] ; then
+		cp "$permanent_path_ssh"/ssh_host_*_key* /etc/ssh/
+	fi
+
+	mkdir -p "$permanent_path_ssh"
+
 	# Check for the ssh keys
 	if     [ ! -f /etc/ssh/ssh_host_rsa_key ] \
         || [ ! -f /etc/ssh/ssh_host_dsa_key ] \
@@ -45,7 +53,7 @@ start() {
         || [ ! -f /etc/ssh/ssh_host_ed25519_key ]; then
 # 		echo -n "generating ssh keys... "
 		/usr/bin/ssh-keygen -A
-		cp /etc/ssh/ssh_host_*_key* /usr/etc/ssh
+		cp /etc/ssh/ssh_host_*_key* "$permanent_path_ssh"
 	fi
 
 	if [ "$CONFIG_ROOT_ACCESS_DISABLE" = "y" ]; then
-- 
GitLab