sshtunnel: StrictHostKeyChecking for Dropbear

The dbclient doesn't support the -o StrictHostKeyChecking but it has it's own -y option:
-y    Always accept remote host key if unknown
-y -y Don't perform any remote host key checking (caution)

So we can add these options to make the StrictHostKeyChecking working.
The dbclient will ignore -o StrictHostKeyChecking but use the -y or -yy instead.

The only problem is that the -y flag is also used by the openssh-client:

-y Send log information using the syslog(3) system module.  By default this information is sent to stderr.

This is not critical and once the dbclient start to support the StrictHostKeyChecking we can remove the -y flag.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>

diff --git a/net/sshtunnel/files/sshtunnel.init b/net/sshtunnel/files/sshtunnel.init
index 480933edee105c71168ea8404e659436ae74c36f..144d447e84f9583fdb3bf9e3278a98f43341d4b0 100644 (file)
--- a/net/sshtunnel/files/sshtunnel.init
+++ b/net/sshtunnel/files/sshtunnel.init
@@ -180,6 +180,9 @@ load_server() {
 
        # dropbear doesn't support -o IdentityFile so use -i instead
        [ -n "$IdentityFile" ] && ARGS_options="$ARGS_options -i $IdentityFile"
+       # dbclient doesn't support StrictHostKeyChecking but it has the -y option that works same
+       [ "$StrictHostKeyChecking" = "accept-new" ] && ARGS_options="$ARGS_options -y"
+       [ "$StrictHostKeyChecking" = "no" ] && ARGS_options="$ARGS_options -yy"
        ARGS="$ARGS_options -o ExitOnForwardFailure=yes -o BatchMode=yes -nN $ARGS_tunnels -p $port $user@$hostname"
 
        procd_open_instance "$server"