Salatiel Filho | 8 Nov 11:17 2012
Picon

Support to port number in known hosts

Would it be possible to add support to port numbers in known_hosts
lines created by dbclient just like openssh ?
I ask this because if i have multiples ssh servers behind the same
fqdn in different ports ( port forwarding to different servers)
dbclient will complain about bad key every time i try to connect at a
different port in the same fqdn.

Thanks!

[]'s
Salatiel

chinna obireddy | 25 Sep 10:39 2012
Picon

Dropbear calling my own command-line parser than /bin/sh

Dear All,


As per the thread http://thread.gmane.org/gmane.network.ssh.dropbear/68/focus=75 I was successfully made changes to launch CLI application with dropbear ssh.

But Putty(SSH client) is still asking for Login name, though this is not going to be used It looks weird for user asking user name twice. Since the CLI application has it's own authentication method.

Suggest me how can I completely ignore Authentication packets in the server side.

--Reddy.
lb | 12 Sep 20:15 2012
Picon

Dropbear client & server errors on Android

Hi,

I successfully compiled the Dropbear client for Android, but when I try to
connect to an address it gives me the following error:
"Exited: Error resolving '<the address>'  port '<port>'. Name or service not
known"
When I try to connect using IP address - all works fine.
Is there any way to make Dropbear use some external nameserver, like 8.8.8.8? Or
any other solution you can think of?

As for the server: I fiddled with it a lot, applied different patches, overcame
numerous error messages, but the message I can't overcome now is:
"Exit before auth (user '<user>', 0 fails): Exited normally"
What can be the problem at this stage? (I'm using pubkey auth)

Thanks a lot,
Leonid.

Tobias Dussa (SCC | 30 Aug 12:39 2012

How to read from stdin with dbclient

Hi,

I'm trying to ship something to a script on a remote machine via SSH
and catch its output.

As an example, let's say that user foo on machine bar has "cat"
defined as her shell.  Thus, after connecting to bar as foo, anything
that is sent to bar is sent back.

Theoretically, piping something into the ssh command should result in
that something being thrown back.  This does indeed work as expected
when using openssh's ssh client, like this:
  echo baz | ssh -qi IDENTITY foo <at> bar

Trying the same with dbclient yields "Failed reading termmodes" for
this command:
  echo baz | dbclient -i DB_IDENTITY foo <at> bar

This points to the fact that no pty is available, which is correct, of
course, and can be prevented by using the -T switch, which tells
dbclient not to allocate a pty:
  echo baz | dbclient -T -i DB_IDENTITIY foo <at> bar

However, this is where things go wrong.  The "baz" string does still
indeed arrive at the remote server and is processed by foo's shell,
but is not printed by dbclient.  This is unfortunate as I really need
to capture the output.

So, the obvious question is, how can I get to the output?

THX & Cheers,
Toby.
-- 
E Pluribus Unix

----

Karlsruhe Institute of Technology (KIT)
Steinbuch Centre for Computing (SCC)
KIT-CERT

Tobias Dussa
CERT Manager, CA Manager

Zirkel 2
Building 20.21
76131 Karlsruhe, Germany

Phone: +49 721 608-42479
Fax: +49 721 608-9-42479
Email: tobias.dussa <at> kit.edu
Web: http://www.kit.edu/

KIT – University of the State of Baden-Wuerttemberg and
National Laboratory of the Helmholtz Association
Attachment (smime.p7s): application/x-pkcs7-signature, 7438 bytes
Leonid Bloch | 27 Aug 17:05 2012
Picon

DropBear on Android

Hello,

Has anyone successfully compiled and tested the latest Dropbear on Android?
If so, can you please share your modifications?

After few changes that seemed reasonable to me, I still get various error messages, and nothing works:
I've tried logging in with a random user, as well as the user that belongs to my terminal emulator app, then the error of the server was:
"Login attempt for nonexistent user from <my IP>"
When I patched further, in the spirit of what is written here: http://roycormier.net/2010/11/02/cross-compiling-dropbear-sshd-for-android
I got something about "shell is missing for the user <any user I try>"

When tried to run dbclient, the error was:
"dbclient: Exited: Unknown own user"

The error in scp was:
"unknown user 10118"

I'd appreciate any ideas or instructions.


Best regards,
Leonid.
Freddie Chopin | 31 Jul 13:07 2012
Picon

Dropbear on bare-metal ARM Cortex-M3?

Hi!

I was wondering whether it's possible (in a reasonable amount of time) to port
Dropbear to bare-metal platform - one without an OS (like Linux), but with RTOS
(FreeRTOS) that provides tasks, queues and synchronization (semaphores +
mutexes) + LwIP TCP/IP stack?

I would require a very minimal implementation of SSH server, without all
possible encryption options (the code/RAM footprint has to be low) and without
all possible features - ideally only simpliest SSH server that can pass received
strings to other parts of code and transfer strings from code via SSH to
connected client. Of course I'm talking only about command-line interface.

If Dropbear is not a good option for such task, do you have any other
recommendations?

Thx in advance for your help!

4\/3!!

FCh

Maris, Rob | 23 Jul 15:10 2012
Picon

Re: forwarding problems

Thanks for instant answering,

I was still aware of SO_REUSEADDR in dbutil.c, but could not quickly  
determine whether this also applies to forwarding channels. In any case,  
reconnect goes OK when the embedded system gets a reboot prior to poweroff  
(as could be expected).

In the problem case, the host netstat shows up
tcp        0      0 localhost.localdo:51225 localhost.localdo:10526  
CLOSE_WAIT

BTW: I'm using 0.52 on a blackfin platform.

Regarding strace: Must be prepared. Is not yet built into the root file  
system. I'll return later to it.

Rob

Note: I also noticed
     http://comments.gmane.org/gmane.network.ssh.dropbear/962
before, and the suggestions in that thread will probably be realised after  
the current problem has been solved.

Am 23.07.2012, 14:32 Uhr, schrieb Matt Johnston <matt <at> ucc.asn.au>:

> Hi,
>
> Dropbear already does SO_REUSEADDR for all listening
> sockets, see
> https://secure.ucc.asn.au/hg/dropbear/file/983a817f8e41/dbutil.c#l254
>
> Can you run strace on dbclient to see what's failing? Does
> the server log anything?
>
> Cheers,
> Matt
>
> On Mon, Jul 23, 2012 at 02:13:05PM +0200, Maris, Rob wrote:
>> Use case:
>> - embedded system running dbclient with server connection that
>> includes a port forwarding.
>> - system is powered off, and powered on again
>> - upon next boot, the following message is given:
>> dbclient: Remote TCP forward request failed (port 10526 -> 127.0.0.1:22)
>>
>> I'd believe that doing a SO_REUSEADDR via setsockopt() would resolve
>> this issue.
>> However, I'm not sure and where to implement this (in cli_tcpfwd.c?)
>>
>> Thanks for any suggestions.
>>
>> Rob

Maris, Rob | 23 Jul 14:13 2012
Picon

forwarding problems

Use case:
- embedded system running dbclient with server connection that includes a  
port forwarding.
- system is powered off, and powered on again
- upon next boot, the following message is given:
dbclient: Remote TCP forward request failed (port 10526 -> 127.0.0.1:22)

I'd believe that doing a SO_REUSEADDR via setsockopt() would resolve this  
issue.
However, I'm not sure and where to implement this (in cli_tcpfwd.c?)

Thanks for any suggestions.

Rob

Kyle Evans | 1 Jul 03:43 2012

Passphrase keys?

Hello, I do not see any mention of creating keys with a passphrase. If 
it is somehow possible, please inform. Otherwise, has there been any 
thought of adding the support? I do not feel comfortable having a free 
and clear login key on an android device, which I would like to use to 
connect to and openSSH server.

Thanks,
Kyle Evans

Egil Hjelmeland | 20 Jun 15:40 2012
Picon

dropbear and ssh subsystem

Hi
I am considering to use SSH as transport for an application protocol we 
are designing. Inspired by the NETCONF SSH binding rfc6242, I would like 
to invoke the protocol as a SSH subsystem.

I see that dropbear server does not support arbitary SSH systems. But I 
think it can be added quite easisly around line 640 in  
svr-chansession.c . A command line option "-S 
/path/to/dropbear/subsystems" could be added. When a subsystem "xxxx" 
request is received, look for executable file 
/path/to/dropbear/subsystems/xxxx, if found, execute it directly (not 
via shell).

Any thoughts on this?

Best regards
Egil Hjelmeland.

Maxim Cournoyer | 31 May 20:44 2012
Picon

OpenSSH ~/.ssh/config file equivalent?

Hello,

I'm a new Dropbear user (part of Terminal IDE for Android) and was 
wondering if Dropb3ear supports an equivalent of ~/.ssh/config to creat 
server aliases? I've searched online and haven't found the answer. 
Dropbear seems to ignore my current ~/.ssh/config file.

Thank you!


Gmane