lb | 12 Sep 20:15 2012
Picon

Dropbear client & server errors on Android

Hi,

I successfully compiled the Dropbear client for Android, but when I try to
connect to an address it gives me the following error:
"Exited: Error resolving '<the address>'  port '<port>'. Name or service not
known"
When I try to connect using IP address - all works fine.
Is there any way to make Dropbear use some external nameserver, like 8.8.8.8? Or
any other solution you can think of?

As for the server: I fiddled with it a lot, applied different patches, overcame
numerous error messages, but the message I can't overcome now is:
"Exit before auth (user '<user>', 0 fails): Exited normally"
What can be the problem at this stage? (I'm using pubkey auth)

Thanks a lot,
Leonid.

Tobias Dussa (SCC | 30 Aug 12:39 2012

How to read from stdin with dbclient

Hi,

I'm trying to ship something to a script on a remote machine via SSH
and catch its output.

As an example, let's say that user foo on machine bar has "cat"
defined as her shell.  Thus, after connecting to bar as foo, anything
that is sent to bar is sent back.

Theoretically, piping something into the ssh command should result in
that something being thrown back.  This does indeed work as expected
when using openssh's ssh client, like this:
  echo baz | ssh -qi IDENTITY foo <at> bar

Trying the same with dbclient yields "Failed reading termmodes" for
this command:
  echo baz | dbclient -i DB_IDENTITY foo <at> bar

This points to the fact that no pty is available, which is correct, of
course, and can be prevented by using the -T switch, which tells
dbclient not to allocate a pty:
  echo baz | dbclient -T -i DB_IDENTITIY foo <at> bar

However, this is where things go wrong.  The "baz" string does still
indeed arrive at the remote server and is processed by foo's shell,
but is not printed by dbclient.  This is unfortunate as I really need
to capture the output.

So, the obvious question is, how can I get to the output?

(Continue reading)

Leonid Bloch | 27 Aug 17:05 2012
Picon

DropBear on Android

Hello,

Has anyone successfully compiled and tested the latest Dropbear on Android?
If so, can you please share your modifications?

After few changes that seemed reasonable to me, I still get various error messages, and nothing works:
I've tried logging in with a random user, as well as the user that belongs to my terminal emulator app, then the error of the server was:
"Login attempt for nonexistent user from <my IP>"
When I patched further, in the spirit of what is written here: http://roycormier.net/2010/11/02/cross-compiling-dropbear-sshd-for-android
I got something about "shell is missing for the user <any user I try>"

When tried to run dbclient, the error was:
"dbclient: Exited: Unknown own user"

The error in scp was:
"unknown user 10118"

I'd appreciate any ideas or instructions.


Best regards,
Leonid.
Freddie Chopin | 31 Jul 13:07 2012
Picon

Dropbear on bare-metal ARM Cortex-M3?

Hi!

I was wondering whether it's possible (in a reasonable amount of time) to port
Dropbear to bare-metal platform - one without an OS (like Linux), but with RTOS
(FreeRTOS) that provides tasks, queues and synchronization (semaphores +
mutexes) + LwIP TCP/IP stack?

I would require a very minimal implementation of SSH server, without all
possible encryption options (the code/RAM footprint has to be low) and without
all possible features - ideally only simpliest SSH server that can pass received
strings to other parts of code and transfer strings from code via SSH to
connected client. Of course I'm talking only about command-line interface.

If Dropbear is not a good option for such task, do you have any other
recommendations?

Thx in advance for your help!

4\/3!!

FCh

Maris, Rob | 23 Jul 15:10 2012
Picon

Re: forwarding problems

Thanks for instant answering,

I was still aware of SO_REUSEADDR in dbutil.c, but could not quickly  
determine whether this also applies to forwarding channels. In any case,  
reconnect goes OK when the embedded system gets a reboot prior to poweroff  
(as could be expected).

In the problem case, the host netstat shows up
tcp        0      0 localhost.localdo:51225 localhost.localdo:10526  
CLOSE_WAIT

BTW: I'm using 0.52 on a blackfin platform.

Regarding strace: Must be prepared. Is not yet built into the root file  
system. I'll return later to it.

Rob

Note: I also noticed
     http://comments.gmane.org/gmane.network.ssh.dropbear/962
before, and the suggestions in that thread will probably be realised after  
the current problem has been solved.

Am 23.07.2012, 14:32 Uhr, schrieb Matt Johnston <matt <at> ucc.asn.au>:

> Hi,
>
> Dropbear already does SO_REUSEADDR for all listening
> sockets, see
> https://secure.ucc.asn.au/hg/dropbear/file/983a817f8e41/dbutil.c#l254
>
> Can you run strace on dbclient to see what's failing? Does
> the server log anything?
>
> Cheers,
> Matt
>
> On Mon, Jul 23, 2012 at 02:13:05PM +0200, Maris, Rob wrote:
>> Use case:
>> - embedded system running dbclient with server connection that
>> includes a port forwarding.
>> - system is powered off, and powered on again
>> - upon next boot, the following message is given:
>> dbclient: Remote TCP forward request failed (port 10526 -> 127.0.0.1:22)
>>
>> I'd believe that doing a SO_REUSEADDR via setsockopt() would resolve
>> this issue.
>> However, I'm not sure and where to implement this (in cli_tcpfwd.c?)
>>
>> Thanks for any suggestions.
>>
>> Rob

Maris, Rob | 23 Jul 14:13 2012
Picon

forwarding problems

Use case:
- embedded system running dbclient with server connection that includes a  
port forwarding.
- system is powered off, and powered on again
- upon next boot, the following message is given:
dbclient: Remote TCP forward request failed (port 10526 -> 127.0.0.1:22)

I'd believe that doing a SO_REUSEADDR via setsockopt() would resolve this  
issue.
However, I'm not sure and where to implement this (in cli_tcpfwd.c?)

Thanks for any suggestions.

Rob

Kyle Evans | 1 Jul 03:43 2012

Passphrase keys?

Hello, I do not see any mention of creating keys with a passphrase. If 
it is somehow possible, please inform. Otherwise, has there been any 
thought of adding the support? I do not feel comfortable having a free 
and clear login key on an android device, which I would like to use to 
connect to and openSSH server.

Thanks,
Kyle Evans

Egil Hjelmeland | 20 Jun 15:40 2012
Picon

dropbear and ssh subsystem

Hi
I am considering to use SSH as transport for an application protocol we 
are designing. Inspired by the NETCONF SSH binding rfc6242, I would like 
to invoke the protocol as a SSH subsystem.

I see that dropbear server does not support arbitary SSH systems. But I 
think it can be added quite easisly around line 640 in  
svr-chansession.c . A command line option "-S 
/path/to/dropbear/subsystems" could be added. When a subsystem "xxxx" 
request is received, look for executable file 
/path/to/dropbear/subsystems/xxxx, if found, execute it directly (not 
via shell).

Any thoughts on this?

Best regards
Egil Hjelmeland.

Maxim Cournoyer | 31 May 20:44 2012
Picon

OpenSSH ~/.ssh/config file equivalent?

Hello,

I'm a new Dropbear user (part of Terminal IDE for Android) and was 
wondering if Dropb3ear supports an equivalent of ~/.ssh/config to creat 
server aliases? I've searched online and haven't found the answer. 
Dropbear seems to ignore my current ~/.ssh/config file.

Thank you!

Avner Flesch | 31 May 14:23 2012

Dropbear and PAM auth.

Hi,

 

According to the note in options.h file, PAM auth. Support only simple modules.

Is that mean that for example RADIUS authentication can’t be supported?

 

Thanks

 

Avner

 

Avner Flesch | 31 May 13:23 2012

Dropbear and libtommath

Hi,

 

Has someone did porting of math lib to tomsfastmath (instead of libtommath)?

I am using dropbear 0.52 with such a porting, and it is really reducing  the login time (I have platform with PPC 75Mhz)

But I am looking for such a porting for the new dropbear version.

 

Thanks

 

Avner

 


Gmane