| 
  • If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Want to organize your cloud files? Sign up for a free webinar to see how Dokkio (a new product from PBworks) can help you find, organize, and collaborate on your Drive, Gmail, Dropbox, and Slack files: Weds, May 27 at 2PM Eastern / 11AM Pacific
View
 

dropbear

Page history last edited by Vasile 11 years, 1 month ago

 

Dropbear

 

Version: 0.49-0

Status: 80% complete

 



 

Description

A small SSH server, with no external dependencies (ie. it does not depend on OpenSSL, using a built-in copy of LibTomCrypt instead). Includes SCP (Secure CoPy) which can be used as a FTP replacement. The MG-35 version requires a local/network /usr mount (for host private key, client public key authentication).

 

Official page

Official site

 

Usage

Usage should be similar to the NSLU port.

 

 

dropbear [options]

 

 

Options:

 

-b bannerfile   Display the contents of bannerfile before user login (default: none)

-r rsakeyfile   Use rsakeyfile for the rsa host key (default: /etc/dropbear/dropbear_rsa_host_key)

-F              Don't vfork into background

-E              Log to stderr rather than syslog

-w              Disallow root logins

-j              Disable local port forwarding

-k              Disable remote port forwarding

-a              Allow connections to forwarded ports from any host

-p [address:]port

Listen on specified tcp port (and optionally address), up to 1 can be specified

(default port is 22 if none specified)

-P PidFile      Create pid file PidFile (default /var/run/dropbear.pid)

-i              Start for inetd

-v              verbose

 

Installation

 

Note: /etc is a union (unionfs.o) of the original /etc and my own /usr/etc

 

1. Configure /etc/inetd.conf, adding:

ssh     stream  tcp     nowait  root    /usr/bin/dropbear       dropbear -i -E

2. Configure /etc/services, adding:

ssh             22/tcp             # SSH Remote Login Protocol

ssh             22/udp

 

3. Create a host key:

mkdir -p /etc/dropbear

dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key

 

4. Start /usr/bin/inetd

/usr/bin/inetd &

 

 

5. Configure your SSH client and connect to your MG35. You should get the login prompt.

 

Todo

  • to test

  • SCP support

  • password authentication

  • Create .ipk module

 

 

Download

Application

Format

Location

dropbear

.bin

SourceForge - utility binaries

dropbearkey

.bin

SourceForge - utility binaries

Put the .bin format dropbear and dropbearkey (above) into your /usr/bin directory .

 

History

Version 0.49-0 - [John, 2008-04]

  • Built

  • Public-Key authentication working

  • Correctly sets environment variables, terminal size

 

Comments

  • VasileB: I couldn't login. Trying to use "ftp" user results in [188] Jan 01 09:20:18 exit before auth: Disconnect received, probably because it has a void password. I may need to add a new user in /etc/passwd. Can you port adduser?

  • John: after playing around with dropbear some more, the best I got was:

Mem: 5208K used, 8072K free, 0K shrd, 32K buff, 8K cached
CPU:   0% usr   1% sys   0% nice  98% idle   0% io   0% irq   0% softirq
Load average: 0.66 0.52 0.23
PID  PPID USER     STAT   VSZ %MEM %CPU COMMAND
108   103 root     R     1256   9%   1% top 
102    83 root     S      300   2%   1% /usr/bin/dropbear -i -j -b /etc/issue -F -E 
4     0 root     RW       0   0%   1% [kswapd]
68     1 root     S     1608  12%   0% /bin/menu & 
72     1 root     S      424   3%   0% pure-ftpd (IDLE)        
1     0 root     S      216   2%   0% init 
103   102 root     S      196   1%   0% -sh 
83     1 root     S       80   1%   0% /usr/bin/inetd & 
25     1 root     S       60   0%   0% /bin/telnetd -l /bin/sh & 
2     1 root     SW       0   0%   0% [keventd]
3     0 root     SWN      0   0%   0% [ksoftirqd_CPU0]
6     0 root     SW       0   0%   0% [kupdated]
    5     0 root     SW       0   0%   0% [bdflush]

 

  • John: scp doesn't work (malloc errors). Password authentication support will require a drop-in of the user functions from busybox 1.10.

 

Comments (0)

You don't have permission to comment on this page.