From be7c57aa01b0209bdbab8adb5785ebbec1515a56 Mon Sep 17 00:00:00 2001
From: mhoellein <mhoellein@freenet.de>
Date: Sat, 11 Dec 2021 01:59:04 +0100
Subject: [PATCH] committing changes in /etc after apt run

Package changes:
+dropbear 2017.75-3build1 all
+dropbear-bin 2017.75-3build1 amd64
+dropbear-initramfs 2017.75-3build1 all
+dropbear-run 2017.75-3build1 all
+libtomcrypt1 1.18.1-1ubuntu0.1 amd64
---
 .etckeeper                                 |   9 +++
 default/dropbear                           |  25 +++++++
 dropbear/dropbear_dss_host_key             | Bin 0 -> 456 bytes
 dropbear/dropbear_ecdsa_host_key           | Bin 0 -> 140 bytes
 dropbear/dropbear_rsa_host_key             | Bin 0 -> 806 bytes
 dropbear/log/main                          |   1 +
 dropbear/log/run                           |   2 +
 dropbear/run                               |   3 +
 init.d/dropbear                            |  79 +++++++++++++++++++++
 rc0.d/{K02avahi-daemon => K01avahi-daemon} |   0
 rc0.d/K01dropbear                          |   1 +
 rc1.d/{K02avahi-daemon => K01avahi-daemon} |   0
 rc1.d/K01dropbear                          |   1 +
 rc2.d/S03dropbear                          |   1 +
 rc3.d/S03dropbear                          |   1 +
 rc4.d/S03dropbear                          |   1 +
 rc5.d/S03dropbear                          |   1 +
 rc6.d/{K02avahi-daemon => K01avahi-daemon} |   0
 rc6.d/K01dropbear                          |   1 +
 19 files changed, 126 insertions(+)
 create mode 100644 default/dropbear
 create mode 100644 dropbear/dropbear_dss_host_key
 create mode 100644 dropbear/dropbear_ecdsa_host_key
 create mode 100644 dropbear/dropbear_rsa_host_key
 create mode 120000 dropbear/log/main
 create mode 100755 dropbear/log/run
 create mode 100755 dropbear/run
 create mode 100755 init.d/dropbear
 rename rc0.d/{K02avahi-daemon => K01avahi-daemon} (100%)
 create mode 120000 rc0.d/K01dropbear
 rename rc1.d/{K02avahi-daemon => K01avahi-daemon} (100%)
 create mode 120000 rc1.d/K01dropbear
 create mode 120000 rc2.d/S03dropbear
 create mode 120000 rc3.d/S03dropbear
 create mode 120000 rc4.d/S03dropbear
 create mode 120000 rc5.d/S03dropbear
 rename rc6.d/{K02avahi-daemon => K01avahi-daemon} (100%)
 create mode 120000 rc6.d/K01dropbear

diff --git a/.etckeeper b/.etckeeper
index 2c319f65..8a2fa3d6 100755
--- a/.etckeeper
+++ b/.etckeeper
@@ -2211,6 +2211,7 @@ maybe chmod 0644 'default/devolo-updates'
 maybe chmod 0644 'default/devpts'
 maybe chmod 0644 'default/docker'
 maybe chmod 0644 'default/dovecot'
+maybe chmod 0644 'default/dropbear'
 maybe chmod 0644 'default/fail2ban'
 maybe chmod 0644 'default/fetchmail'
 maybe chmod 0644 'default/grub'
@@ -2369,12 +2370,19 @@ maybe chmod 0644 'dpkg/origins/ubuntu'
 maybe chmod 0644 'dpkg/shlibs.default'
 maybe chmod 0644 'dpkg/shlibs.override'
 maybe chmod 0644 'drirc'
+maybe chmod 0755 'dropbear'
 maybe chmod 0755 'dropbear-initramfs'
 maybe chmod 0644 'dropbear-initramfs/authorized_keys'
 maybe chmod 0644 'dropbear-initramfs/config'
 maybe chmod 0600 'dropbear-initramfs/dropbear_dss_host_key'
 maybe chmod 0600 'dropbear-initramfs/dropbear_ecdsa_host_key'
 maybe chmod 0600 'dropbear-initramfs/dropbear_rsa_host_key'
+maybe chmod 0600 'dropbear/dropbear_dss_host_key'
+maybe chmod 0600 'dropbear/dropbear_ecdsa_host_key'
+maybe chmod 0600 'dropbear/dropbear_rsa_host_key'
+maybe chmod 0755 'dropbear/log'
+maybe chmod 0755 'dropbear/log/run'
+maybe chmod 0755 'dropbear/run'
 maybe chmod 0755 'emacs'
 maybe chmod 0755 'emacs/site-start.d'
 maybe chmod 0644 'emacs/site-start.d/00debian-vars.el'
@@ -3307,6 +3315,7 @@ maybe chmod 0755 'init.d/devolonetsvc'
 maybe chmod 0755 'init.d/dns-clean'
 maybe chmod 0755 'init.d/docker'
 maybe chmod 0755 'init.d/dovecot'
+maybe chmod 0755 'init.d/dropbear'
 maybe chmod 0755 'init.d/fail2ban'
 maybe chmod 0755 'init.d/fetchmail'
 maybe chmod 0755 'init.d/grub-common'
diff --git a/default/dropbear b/default/dropbear
new file mode 100644
index 00000000..b1e09ae0
--- /dev/null
+++ b/default/dropbear
@@ -0,0 +1,25 @@
+# disabled because OpenSSH is installed
+# change to NO_START=0 to enable Dropbear
+NO_START=1
+# the TCP port that Dropbear listens on
+DROPBEAR_PORT=22
+
+# any additional arguments for Dropbear
+DROPBEAR_EXTRA_ARGS=
+
+# specify an optional banner file containing a message to be
+# sent to clients before they connect, such as "/etc/issue.net"
+DROPBEAR_BANNER=""
+
+# RSA hostkey file (default: /etc/dropbear/dropbear_rsa_host_key)
+#DROPBEAR_RSAKEY="/etc/dropbear/dropbear_rsa_host_key"
+
+# DSS hostkey file (default: /etc/dropbear/dropbear_dss_host_key)
+#DROPBEAR_DSSKEY="/etc/dropbear/dropbear_dss_host_key"
+
+# ECDSA hostkey file (default: /etc/dropbear/dropbear_ecdsa_host_key)
+#DROPBEAR_ECDSAKEY="/etc/dropbear/dropbear_ecdsa_host_key"
+
+# Receive window size - this is a tradeoff between memory and
+# network performance
+DROPBEAR_RECEIVE_WINDOW=65536
diff --git a/dropbear/dropbear_dss_host_key b/dropbear/dropbear_dss_host_key
new file mode 100644
index 0000000000000000000000000000000000000000..1b054d0f26d0e1827f42897409103c3ed6fc75b1
GIT binary patch
literal 456
zcmV;(0XO~t000Mbb7(DOb8`Ry0D%Cq{+?J-C2Qku?v~mys>Vs-6S_<Tow0$?R~wyO
zpv9$$u`L~9f(;TB3L%zt_@!Kc7%qO48cP2}tTvxti@7W@w?79q=R;HaGTs(?q&~ZE
zPNHPhrX_2u!fED-t4U!DsUYxL%kWwS5E^NYMYxl}Jrj*Ro9q`^Q3$(AyA`<r000#L
z#hE<8Ur3CPC3IyJWP}WQ#2!3#0001hJ~Mu}gyfiwfR{`_CQfCch%}+nB4awoI6uDV
z=g2C5s`n03_b|4kF{Lfh&7BO46#}wQd1l|fJF_N4H&sKxI3rZ^B*;+;ZNthMX6y2*
zkw8^nKb|A0B@~-)LHsC0DwGR;|3WEKC3TBcCKiU0ZS;O^FNz)^kp50E2HLkI0001g
z1`U3-%OYL<*=V@Ih@L~dA^k9+-k*dCw5GH5youS>OQ(2sl$7w06s}P|Ut^8ZC7Oo@
z9bwZ}@2pYm4I0UNdM>#kH>%!k<UGu3OTgj6k&)Jt`qYo6tCk?5;u=e_2lB-vmMuW`
yc{&2)tJ7>gu9{u58~L=K-9!FaEvYI1000zKlU3A@1mivBq<ZsHs#NA)G_wDx6VHqQ

literal 0
HcmV?d00001

diff --git a/dropbear/dropbear_ecdsa_host_key b/dropbear/dropbear_ecdsa_host_key
new file mode 100644
index 0000000000000000000000000000000000000000..135e91602f49171c652edfa182d7c3fa4f6c5c7a
GIT binary patch
literal 140
zcmZQzU=U7CPAN{*EzU?Z(#^{(E-5fFHDh34;6P$KvRs<>WaI9GAC^jZ-r-x^GylDO
zl1}-f**P5*GJT3$*&imnDdJzB#`*aF_T+c7g+!RN4yyfFbjHWYE$qUjrQK>TOo0X}
mSbRTe`TvL`8`qkm9<jfoOMkN%`Bh9iz2|4T#O8_vOoafZn>t<q

literal 0
HcmV?d00001

diff --git a/dropbear/dropbear_rsa_host_key b/dropbear/dropbear_rsa_host_key
new file mode 100644
index 0000000000000000000000000000000000000000..27c6cdc756ca3756d0a6526e334897463528ce25
GIT binary patch
literal 806
zcmV+>1KIol000Mbb7(Dcb724g00RL40RR920RY$0IAL|DO25wASLpMK+7#=gTlKAC
zw1~Ksih%n@P>@&5&M;z|wrnESBIvUYjr0FLuBLQ_e1fnZpL&*6Es*}8$rEJ}Kj5>X
zCjW0noiCPnq*9SwFRvB3sk}R1CX^5WW|%S$L40lF*y+NxzoRo{4nMLVcfSr+{Ixyv
zPqXjT%8+G1`obG_1R<|Fijt%C+J5p^OI_kfZBk6c`7r9@)X1H4*@fm(V;KzX2aO(!
zs}@#f4>_}i6(EXRmN<R9X#t+MJ@ajK6H07UO&fx)eFE)obo4Z|u!_Kf<V1EMGah(H
z0AzF;8fU=@DXmCBb)T^b>p7717dNpkbvpn60RaGyg?wlmwVGHeIc6d4>^2cukI3`=
zr8$TGu)G!kgojBcign0on?c%f<Wv00F7T=a;cA8%(Koj>W_SuN^<YCEf=`wWO-5X)
zIXRR6Ek~6B4I{!K7TiN5Kz}Din1*mlpXr)s7z`z{a;B>GD5cZmcHQ0Z7t1S*UcTAP
z<OJy4=p2tTdoF2(MUv2D2QKlwz+lB;gp;}~i++{on<Ll-Kk(68$Q<E#dhwYB$mcP=
z)DZ&1|Ncl55>KkQ2hkF0so!<I?>Li49e|Lt!TItX;%%*g(L}YeHJ<h)#9l~Dfc+uS
zl=oKZvs|#oj&Vq$Knpx&D&E^Pf;xCNsH9;4004mi@dT5_Aqq$UJ<mUfzDf=usGi25
z?5!acteM#IVxxEU<4q~8!q2))xtdoupguWVmm3f9`TO3Zqq%IN#vxMXB$x*RT{*B?
zdPkH5bfd7}>pZvBq&ck#`bDolsrVa|1)-%9yE$M+@+fr_yxqv}$1x;%^|kySQJ7ls
z5hBBp0001i0OdQKS$^Rna73mWjkotMwGKVfrM=s2efzS1CT$aozwF3SblHS7m`E)@
zGg-?30sV{T8i=y}7Wo%JlS{*Pxa`0YhY^$E>trUEWnl%1!R>N28~+bh-+4tXCL5l(
kF$eJ}!$U%yDN)tnxJR#~N&w~ZFe=Vm&Q{CbYW~bF3*FU#+yDRo

literal 0
HcmV?d00001

diff --git a/dropbear/log/main b/dropbear/log/main
new file mode 120000
index 00000000..d1077ca0
--- /dev/null
+++ b/dropbear/log/main
@@ -0,0 +1 @@
+/var/log/dropbear
\ No newline at end of file
diff --git a/dropbear/log/run b/dropbear/log/run
new file mode 100755
index 00000000..2ffb13d4
--- /dev/null
+++ b/dropbear/log/run
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec chpst -udropbearlog svlogd -tt ./main
diff --git a/dropbear/run b/dropbear/run
new file mode 100755
index 00000000..f208085b
--- /dev/null
+++ b/dropbear/run
@@ -0,0 +1,3 @@
+#!/bin/sh
+exec 2>&1
+exec dropbear -d ./dropbear_dss_host_key -r ./dropbear_rsa_host_key -F -E -p 22
diff --git a/init.d/dropbear b/init.d/dropbear
new file mode 100755
index 00000000..ccd758db
--- /dev/null
+++ b/init.d/dropbear
@@ -0,0 +1,79 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides:          dropbear
+# Required-Start:    $remote_fs $syslog
+# Required-Stop:     $remote_fs $syslog
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Lightweight SSH server
+# Description:       Init script for drobpear SSH server.  Edit
+#                    /etc/default/dropbear to configure the server.
+### END INIT INFO
+#
+# Do not configure this file. Edit /etc/default/dropbear instead!
+#
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/dropbear
+NAME=dropbear
+DESC="Dropbear SSH server"
+DEFAULTCFG=/etc/default/dropbear
+
+DROPBEAR_PORT=22
+DROPBEAR_EXTRA_ARGS=
+NO_START=0
+
+set -e
+
+. /lib/lsb/init-functions
+
+cancel() { echo "$1" >&2; exit 0; };
+test ! -r $DEFAULTCFG || . $DEFAULTCFG
+test -x "$DAEMON" || cancel "$DAEMON does not exist or is not executable."
+test ! -x /usr/sbin/update-service || ! update-service --check dropbear ||
+  cancel 'The dropbear service is controlled through runit, use the sv(8) program'
+
+[ ! "$DROPBEAR_BANNER" ] || DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER"
+[ ! -f "$DROPBEAR_RSAKEY" ]   || DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -r $DROPBEAR_RSAKEY"
+[ ! -f "$DROPBEAR_DSSKEY" ]   || DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -r $DROPBEAR_DSSKEY"
+[ ! -f "$DROPBEAR_ECDSAKEY" ] || DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -r $DROPBEAR_ECDSAKEY"
+test -n "$DROPBEAR_RECEIVE_WINDOW" || \
+  DROPBEAR_RECEIVE_WINDOW="65536"
+
+case "$1" in
+  start)
+	test "$NO_START" = "0" ||
+	cancel "Starting $DESC: [abort] NO_START is not set to zero in $DEFAULTCFG"
+
+	echo -n "Starting $DESC: "
+	start-stop-daemon --start --quiet --pidfile /var/run/"$NAME".pid \
+	  --exec "$DAEMON" -- -p "$DROPBEAR_PORT" -W "$DROPBEAR_RECEIVE_WINDOW" $DROPBEAR_EXTRA_ARGS
+	echo "$NAME."
+	;;
+  stop)
+	echo -n "Stopping $DESC: "
+	start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/"$NAME".pid
+	echo "$NAME."
+	;;
+  restart|force-reload)
+	test "$NO_START" = "0" ||
+	cancel "Restarting $DESC: [abort] NO_START is not set to zero in $DEFAULTCFG"
+
+	echo -n "Restarting $DESC: "
+	start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/"$NAME".pid
+	sleep 1
+	start-stop-daemon --start --quiet --pidfile /var/run/"$NAME".pid \
+	  --exec "$DAEMON" -- $DROPBEAR_KEYS -p "$DROPBEAR_PORT" -W "$DROPBEAR_RECEIVE_WINDOW" $DROPBEAR_EXTRA_ARGS
+	echo "$NAME."
+	;;
+  status)
+		status_of_proc -p /var/run/"$NAME".pid $DAEMON $NAME && exit 0 || exit $?
+	;;
+  *)
+	N=/etc/init.d/$NAME
+	echo "Usage: $N {start|stop|status|restart|force-reload}" >&2
+	exit 1
+	;;
+esac
+
+exit 0
diff --git a/rc0.d/K02avahi-daemon b/rc0.d/K01avahi-daemon
similarity index 100%
rename from rc0.d/K02avahi-daemon
rename to rc0.d/K01avahi-daemon
diff --git a/rc0.d/K01dropbear b/rc0.d/K01dropbear
new file mode 120000
index 00000000..44af88db
--- /dev/null
+++ b/rc0.d/K01dropbear
@@ -0,0 +1 @@
+../init.d/dropbear
\ No newline at end of file
diff --git a/rc1.d/K02avahi-daemon b/rc1.d/K01avahi-daemon
similarity index 100%
rename from rc1.d/K02avahi-daemon
rename to rc1.d/K01avahi-daemon
diff --git a/rc1.d/K01dropbear b/rc1.d/K01dropbear
new file mode 120000
index 00000000..44af88db
--- /dev/null
+++ b/rc1.d/K01dropbear
@@ -0,0 +1 @@
+../init.d/dropbear
\ No newline at end of file
diff --git a/rc2.d/S03dropbear b/rc2.d/S03dropbear
new file mode 120000
index 00000000..44af88db
--- /dev/null
+++ b/rc2.d/S03dropbear
@@ -0,0 +1 @@
+../init.d/dropbear
\ No newline at end of file
diff --git a/rc3.d/S03dropbear b/rc3.d/S03dropbear
new file mode 120000
index 00000000..44af88db
--- /dev/null
+++ b/rc3.d/S03dropbear
@@ -0,0 +1 @@
+../init.d/dropbear
\ No newline at end of file
diff --git a/rc4.d/S03dropbear b/rc4.d/S03dropbear
new file mode 120000
index 00000000..44af88db
--- /dev/null
+++ b/rc4.d/S03dropbear
@@ -0,0 +1 @@
+../init.d/dropbear
\ No newline at end of file
diff --git a/rc5.d/S03dropbear b/rc5.d/S03dropbear
new file mode 120000
index 00000000..44af88db
--- /dev/null
+++ b/rc5.d/S03dropbear
@@ -0,0 +1 @@
+../init.d/dropbear
\ No newline at end of file
diff --git a/rc6.d/K02avahi-daemon b/rc6.d/K01avahi-daemon
similarity index 100%
rename from rc6.d/K02avahi-daemon
rename to rc6.d/K01avahi-daemon
diff --git a/rc6.d/K01dropbear b/rc6.d/K01dropbear
new file mode 120000
index 00000000..44af88db
--- /dev/null
+++ b/rc6.d/K01dropbear
@@ -0,0 +1 @@
+../init.d/dropbear
\ No newline at end of file
-- 
2.43.0