#!/bin/sh

failsafe_sshd () {

	# if dropbear is executable it can handle failsafe
	[ -x /usr/sbin/dropbear ] && return

	sshd_tmpdir=/tmp/sshd
	mkdir $sshd_tmpdir

	sed -i 's/^root:.*/root::0:17000:::::/g' /etc/shadow

	for type in ed25519; do
		key=$sshd_tmpdir/ssh_host_${type}_key
		ssh-keygen -N '' -t ${type} -f ${key}
	done

	mkdir -m 0700 -p /var/empty

	cat > $sshd_tmpdir/sshd_config <<EOF
HostKey $sshd_tmpdir/ssh_host_ed25519_key
PermitRootLogin	yes
PermitEmptyPasswords yes
EOF

	/usr/sbin/sshd -f $sshd_tmpdir/sshd_config -E $sshd_tmpdir/sshd.log

}

boot_hook_add failsafe failsafe_sshd