diff --git a/build-iso/docker-compose.yml b/build-iso/docker-compose.yml index f79d6f2..6b7b0b8 100644 --- a/build-iso/docker-compose.yml +++ b/build-iso/docker-compose.yml @@ -2,7 +2,7 @@ version: '3.7' services: # usage: - # sudo docker-compose run archiso + # sudo docker-compose run --rm archiso archiso: build: . diff --git a/build-iso/run.sh b/build-iso/run.sh index 04205a0..d33be75 100755 --- a/build-iso/run.sh +++ b/build-iso/run.sh @@ -132,6 +132,17 @@ Subsystem sftp /usr/lib/ssh/sftp-server' > "${BUILD_DIR}"/profile/airootfs/etc/s ssh-keygen -N "" -t rsa -b 4096 -f "${BUILD_DIR}"/profile/airootfs/etc/ssh/ssh_host_rsa_key || exit $? ssh-keygen -N "" -t ecdsa -f "${BUILD_DIR}"/profile/airootfs/etc/ssh/ssh_host_ecdsa_key || exit $? ssh-keygen -N "" -t ed25519 -f "${BUILD_DIR}"/profile/airootfs/etc/ssh/ssh_host_ed25519_key || exit $? + # Set correct file permissions. + echo 'file_permissions+=( + ["/etc/ssh/ssh_host_dsa_key"]="0:0:0600" + ["/etc/ssh/ssh_host_dsa_key.pub"]="0:0:0644" + ["/etc/ssh/ssh_host_rsa_key"]="0:0:0600" + ["/etc/ssh/ssh_host_rsa_key.pub"]="0:0:0644" + ["/etc/ssh/ssh_host_ecdsa_key"]="0:0:0600" + ["/etc/ssh/ssh_host_ecdsa_key.pub"]="0:0:0644" + ["/etc/ssh/ssh_host_ed25519_key"]="0:0:0600" + ["/etc/ssh/ssh_host_ed25519_key.pub"]="0:0:0644" +)' >> "${BUILD_DIR}"/profile/profiledef.sh || exit $? # Save ssh host fingerprints next to the ISO file for f in "${BUILD_DIR}"/profile/airootfs/etc/ssh/ssh_host_*_key; do