Michael Chus
65d92d59c2
Builder setup: - iso/builder/VERSIONS: pinned Alpine 3.21, Go 1.23.6, NVIDIA 550.54.15 - iso/builder/setup-builder.sh: installs build deps + Go on Alpine VM, verifies packages - iso/builder/build-debug.sh: compiles audit binary, injects SSH keys, builds ISO - iso/builder/mkimg.bee_debug.sh: Alpine mkimage profile (all audit packages + dropbear) SSH access (same Ed25519 key as release signing): - auto-collects ~/.keys/*.key.pub into authorized_keys at build time - fallback: user bee / password eeb when no keys available - bee-sshsetup init.d service: creates bee user, sets password, logs status Debug overlay: - bee-network: DHCP on all physical interfaces before SSH/audit - bee-audit-debug: runs audit on boot, leaves SSH up after - bee-sshsetup: key/password SSH setup - motd: shows log paths, re-run command, SSH access info Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
29 lines
802 B
Plaintext
29 lines
802 B
Plaintext
#!/sbin/openrc-run
|
|
|
|
description="Bee: configure SSH access (keys or password fallback)"
|
|
|
|
depend() {
|
|
need localmount
|
|
before dropbear
|
|
}
|
|
|
|
start() {
|
|
# Always create dedicated 'bee' user for password fallback.
|
|
# If no SSH keys embedded: login with bee / eeb
|
|
if ! id bee > /dev/null 2>&1; then
|
|
adduser -D -s /bin/sh bee > /dev/null 2>&1
|
|
fi
|
|
printf 'eeb\neeb\n' | passwd bee > /dev/null 2>&1
|
|
|
|
if [ -f /etc/bee-ssh-password-fallback ]; then
|
|
ebegin "SSH key auth unavailable — password fallback active"
|
|
ewarn "Login: bee / eeb"
|
|
ewarn "Generate a key: sh keys/scripts/keygen.sh <name>"
|
|
eend 0
|
|
else
|
|
ebegin "SSH key auth configured"
|
|
# bee user exists but password login less useful when keys work
|
|
eend 0
|
|
fi
|
|
}
|