From 4ffa689706005bb73373a29c8023257a899ead74 Mon Sep 17 00:00:00 2001
From: Piraty <piraty1@inbox.ru>
Date: Wed, 18 Dec 2019 15:27:35 +0100
Subject: [PATCH] mkimage.sh.in: explicitly set 'PermitRootLogin yes' in
 sshd_config

So far, image generation relied on the config shipped in the openssh
package to ensure root login with password, but as this might change in
the future, explicitly apply and document this requirement for embedded
images here instead.

The exception for GCP (disable root login) should still work as
intended.
---
 mkimage.sh.in | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/mkimage.sh.in b/mkimage.sh.in
index 7b0aab4..495757c 100644
--- a/mkimage.sh.in
+++ b/mkimage.sh.in
@@ -247,6 +247,10 @@ if [ -n "$BOOT_UUID" ]; then
     echo "UUID=$BOOT_UUID /boot $BOOT_FSTYPE defaults${fstab_args} 0 2" >> "${ROOTFS}/etc/fstab"
 fi
 
+# Images are shipped with root as the only user by default, so we need to
+# ensure ssh login is possible for headless setups.
+sed -i "${ROOTFS}/etc/ssh/sshd_config" -e 's|^#\(PermitRootLogin\) .*|\1 yes|g'
+
 # This section does final configuration on the images.  In the case of
 # SBCs this writes the bootloader to the image or sets up other
 # required binaries to boot.  In the case of images destined for a