From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 12 Jul 2018 08:59:31 +0000 (+0100)
Subject: aws: Don't start ssh right away
X-Git-Tag: v2.21-core123~65
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=693208bf63671ec9d6f345e858b0bd6d0ebec064;p=ipfire-2.x.git

aws: Don't start ssh right away

sshctrl calls sshd directly which won't work at time of the first boot
because no keys will be generated.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/initscripts/helper/aws-setup b/src/initscripts/helper/aws-setup
index 0ae727c3ff..a273aff7d4 100644
--- a/src/initscripts/helper/aws-setup
+++ b/src/initscripts/helper/aws-setup
@@ -226,15 +226,16 @@ import_aws_configuration() {
 		# Enable SSH
 		sed -e "s/ENABLE_SSH=.*/ENABLE_SSH=on/g" -i /var/ipfire/remote/settings
 
-		touch /var/ipfire/remote/enablessh
-		chown nobody:nobody /var/ipfire/remote/enablessh
-
 		# Enable SSH key authentication
 		sed -e "s/^ENABLE_SSH_KEYS=.*/ENABLE_SSH_KEYS=on/" -i /var/ipfire/remote/settings
 
 		# Apply SSH settings
 		/usr/local/bin/sshctrl
 
+		# Mark SSH to start immediately (but not right now)
+		touch /var/ipfire/remote/enablessh
+		chown nobody:nobody /var/ipfire/remote/enablessh
+
 		# Firewall rules for SSH and WEBIF
 		(
 			echo "1,ACCEPT,INPUTFW,ON,std_net_src,ALL,ipfire,RED1,,TCP,,,ON,,,cust_srv,SSH,,,,,,,,,,,00:00,00:00,,AUTO,,dnat,,,,,second"