ssh: Fix public key only configuration

learmj · learmj · commit e67cf577f827 · 2025-06-26T11:37:34.000+01:00
Use the correct igconf option to inspect the variable governing whether
public key only auth should be used.

Ensure igconf reports an error and exits non-zero if an unsupported
option is provided. Unfortunately, this won't trigger a build failure
because scripts in the YAML are executed in a new process, and
enforcing strict shell behaviour for the whole build is not viable.
diff --git a/bin/igconf b/bin/igconf
@@ -103,6 +103,7 @@ if [[ "${BASH_SOURCE[0]}" == "${0}" ]] ; then
          exit $?
          ;;
       *)
+         >&2 echo "Error: invalid igconf op ($op) args: $@" ; exit 1
          ;;
    esac
    exit 1
diff --git a/meta/net-misc/openssh-server.yaml b/meta/net-misc/openssh-server.yaml
@@ -14,7 +14,7 @@ mmdebstrap:
          echo "$IGconf_meta_ssh_pubkey_user1" > $1/home/${IGconf_device_user1}/.ssh/authorized_keys
       fi
     - |-
-      if igconf is_y meta_sshd_pubkey_only ; then
+      if igconf isy meta_sshd_pubkey_only ; then
          mkdir -p $1/etc/ssh/sshd_config.d
          cat <<- 'EOCHROOT' > $1/etc/ssh/sshd_config.d/01pubkey-only.conf
       PermitRootLogin no

-Original file line number
+Diff line change
          exit $?
          ;;
       *)
 +         >&2 echo "Error: invalid igconf op ($op) args: $@" ; exit 1
          ;;
    esac
    exit 1