Bruno Thomsen | 28 Jan 15:18 2014

Elliptic Curve host key and -R argument bug


I have observed some strange dropbear behavior with the -R argument (Create hostkeys as required) and
Elliptic Curve host keys.
The result is an extremely large temporary host key file (multiple megabytes).

SSH client: Google Chrome extension: Secure Shell 0.8.25

1) Connect to dropbear running without arguments and a single host key (ecdsa-sha2-nistp521) in /etc/dropbear/dropbear_ecdsa_host_key
2) Stop dropbear
3) Remove old host key and generate a single new host key (ecdsa-sha2-nistp256) in /etc/dropbear/dropbear_ecdsa_host_key
4) Start dropbear with -R argument
5) Reconnect to dropbear and it generate an extremely large host key (process never ends).

root <at> target:~ ll /etc/dropbear/
total 54508
dr--------    2 root     root          1024 Jan 28 13:38 .
drwxrwxr-x   19 root     root          1024 Jan 28 12:09 ..
-r--------    1 root     root           140 Jan 28 13:35 dropbear_ecdsa_host_key
-rw-------    1 root     root      55593054 Jan 28 13:39 dropbear_ecdsa_host_key.tmp377
root <at> target:~ ll /etc/dropbear/
total 66001
dr--------    2 root     root          1024 Jan 28 13:38 .
drwxrwxr-x   19 root     root          1024 Jan 28 12:09 ..
-r--------    1 root     root           140 Jan 28 13:35 dropbear_ecdsa_host_key
-rw-------    1 root     root      67316589 Jan 28 13:40 dropbear_ecdsa_host_key.tmp377
root <at> target:~ ll /etc/dropbear/
total 70657
dr--------    2 root     root          1024 Jan 28 13:38 .
(Continue reading)

Gui Iribarren | 28 Jan 14:13 2014

[REGRESSION] ssh link-local addresses fails with "Servname not supported for ai_socktype"

I bumped into an... interesting... regression introduced by

which breaks the possibility to connect to ipv6 link-local addresses, 
since '%' is actually the separator for the interface identifier.

symptom is:
# ssh fe80::f8d1:11ff:fea0:fc%wlan0
ssh: Exited: Error resolving 'fe80::f8d1:11ff:fea0:fc' port 'wlan0'.
Servname not supported for ai_socktype

and jow
kindly pointed me to this mailing list.

given it was introduced by a one-liner, maybe another one-liner could 
fix it?

Signed-off-by: Gui Iribarren <gui <at>>


diff --git a/cli-runopts.c b/cli-runopts.c
index 8ffd997..acf738e 100644
--- a/cli-runopts.c
+++ b/cli-runopts.c
 <at>  <at>  -620,7 +620,7  <at>  <at>  static void parse_hostname(const char* orighostarg) {
                 cli_opts.username = m_strdup(cli_opts.own_user);
(Continue reading)

Erik Ahlén | 23 Jan 15:18 2014

[PATCH] Save errno in signal handler

# HG changeset patch
# User Erik Ahlén <erik.ahlen <at>>
# Date 1390486572 -3600
# Node ID ea7299f800ce161f93ee8ad684a340c643620f26
# Parent  dd0bd9231fc2444d1bd0113ebeab1129a48045a8
Save errno in child signal handler as it can interfere with select.

diff -r dd0bd9231fc2 -r ea7299f800ce svr-main.c
--- a/svr-main.c        Fri Jan 17 21:42:32 2014 +0800
+++ b/svr-main.c        Thu Jan 23 15:16:12 2014 +0100
 <at>  <at>  -336,6 +336,7  <at>  <at> 
 /* catch + reap zombie children */
 static void sigchld_handler(int UNUSED(unused)) {
        struct sigaction sa_chld;
+       int old_errno = errno;

        while(waitpid(-1, NULL, WNOHANG) > 0);

 <at>  <at>  -344,6 +345,8  <at>  <at> 
        if (sigaction(SIGCHLD, &sa_chld, NULL) < 0) {
                dropbear_exit("signal() error");
+       errno = old_errno;

 /* catch any segvs */

Oliver Metz | 20 Jan 21:53 2014

Bug in rekeying


we see a bug when the rekey limit is reached. Dropbear is run on a embedded mips device. For testing purposes
we changed the define in sysoptions.h to:
#define KEX_REKEY_DATA (1<<21)

This gives the following log:
TRACE (5619) 1389521630.365826: send_msg_channel_data: len 16375 fd 0
TRACE (5619) 1389521630.372597: leave send_msg_channel_data
TRACE (5619) 1389521630.373003: send normal readfd
TRACE (5619) 1389521630.373316: enter send_msg_channel_data
TRACE (5619) 1389521630.373707: enter send_msg_channel_data isextended 0 fd 0
TRACE (5619) 1389521630.374120: maxlen 16375
TRACE (5619) 1389521630.374595: send_msg_channel_data: len 16375 fd 0
TRACE (5619) 1389521630.381393: leave send_msg_channel_data
TRACE (5619) 1389521630.381798: rekeying after timeout or max data reached
TRACE (5619) 1389521630.382441: send_msg_kexdh_init()
TRACE (5619) 1389521630.391507: DATAALLOWED=0
TRACE (5619) 1389521630.391861: -> KEXINIT
TRACE (5619) 1389521630.392163: maybe_empty_reply_queue - no data allowed
TRACE (5619) 1389521630.769376: empty queue dequeing
TRACE (5619) 1389521630.769747: maybe_empty_reply_queue - no data allowed
TRACE (5619) 1389521631.234696: process_packet: packet type = 93, len 9
TRACE (5619) 1389521631.235255: enter session_cleanup
TRACE (5619) 1389521631.235565: enter cli_tty_cleanup
TRACE (5619) 1389521631.235865: leave cli_tty_cleanup: not in raw mode
TRACE (5619) 1389521631.236376: enter chancleanup
TRACE (5619) 1389521631.236683: channel 0 closing
TRACE (5619) 1389521631.237056: enter remove_channel
(Continue reading) | 13 Jan 17:05 2014

Dropbear Portforwarding question

I have a ssh connection from my mobile phone to my homeserver like ssh -i  
my_key 4444:localhost:2222 name <at>
Dopbear is listening at mobile phone at 2222 with command #dropear -a -p  
2222 and works.
So I would like to initiate a Socks 5 Proxy connection from my firefox at  
homeserver to the mobile phone like
"ssh -i mykey -p 4444 root <at> localhost -D 55555 N" and setting in firefox  
the network connection to socks5 port 55555.

But it doesnt works. Could you help me please to find out how fix this?


Roy Tam | 15 Dec 08:49 2013

ChaCha20-Poly1305 in dropbear?

Hello list,

I read this slashdot entry:

and I wonder if dropbear will have follow up regarding this?


Mike Frysinger | 9 Dec 02:26 2013

[patch] simplify install links

there's no need to do `rm; ln` when `ln -f` will do the same thing

also, for softlinks in the bindir, just use relative ones rather than absolute

--- a/	Tue Dec 03 22:00:38 2013 +0800
+++ b/	Sun Dec 08 20:25:54 2013 -0500
 <at>  <at>  -126,15 +126,13  <at>  <at>  install: $(addprefix inst_, $(TARGETS))

 insmultidropbear: dropbearmulti
 	$(INSTALL) -d $(DESTDIR)$(sbindir)
-	-rm -f $(DESTDIR)$(sbindir)/dropbear$(EXEEXT)
-	-ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(sbindir)/dropbear$(EXEEXT) 
+	-ln -sf $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(sbindir)/dropbear$(EXEEXT)
 	$(INSTALL) -d $(DESTDIR)$(mandir)/man8
 	$(INSTALL) -m 644 dropbear.8  $(DESTDIR)$(mandir)/man8/dropbear.8

 insmulti%: dropbearmulti
 	$(INSTALL) -d $(DESTDIR)$(bindir)
-	-rm -f $(DESTDIR)$(bindir)/$*$(EXEEXT) 
-	-ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(bindir)/$*$(EXEEXT) 
+	-ln -sf dropbearmulti$(EXEEXT) $(DESTDIR)$(bindir)/$*$(EXEEXT)
 	$(INSTALL) -d $(DESTDIR)$(mandir)/man1
 	$(INSTALL) -m 644 $*.1  $(DESTDIR)$(mandir)/man1/$*.1

Mike Frysinger | 9 Dec 02:21 2013

[patch] fix multi install (wrt scp.1)

a change was made to the so install wouldn't fail when trying to
install scp.1.  but that fix wasn't also made to the multiscp install target.

--- a/
+++ b/
 <at>  <at>  -136,7 +136,7  <at>  <at>  insmulti%: dropbearmulti
 	-rm -f $(DESTDIR)$(bindir)/$*$(EXEEXT) 
 	-ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(bindir)/$*$(EXEEXT) 
 	$(INSTALL) -d $(DESTDIR)$(mandir)/man1
-	$(INSTALL) -m 644 $*.1  $(DESTDIR)$(mandir)/man1/$*.1
+	if test -e $*.1; then $(INSTALL) -m 644 $*.1 $(DESTDIR)$(mandir)/man1/$*.1; fi

 # dropbear should go in sbin, so it needs a seperate rule
 inst_dropbear: dropbear
Mike Frysinger | 9 Dec 02:11 2013

[patch] fix constant relinking when using multi builds

turn dropbearmulti into a real target so we don't constantly re-link it

otherwise make has no idea what "multibinary" is and so always re-links it

--- a/
+++ b/
 <at>  <at>  -175,10 +175,10  <at>  <at>  ifeq ($(MULTI),1)

-dropbearmulti: multilink 
+dropbearmulti$(EXEEXT): $(HEADERS) $(MULTIOBJS) $(LIBTOM_DEPS) Makefile
+	$(CC) $(LDFLAGS) -o $ <at>  $(MULTIOBJS) $(LIBS)

-multibinary: $(HEADERS) $(MULTIOBJS) $(LIBTOM_DEPS) Makefile
-	$(CC) $(LDFLAGS) -o dropbearmulti$(EXEEXT) $(MULTIOBJS) $(LIBS)
+multibinary: dropbearmulti$(EXEEXT)

 multilink: multibinary $(addprefix link, $(PROGRAMS))

Steffen Daode Nurpmeso | 5 Dec 19:15 2013

-Y that proxies over a socket, á la -J 'nc HOST PORT'

first of all -- thanks for Dropbear.
It made me get rid of all remaining rlogin(1) use cases, because
it's so small and inexpensive!

One problem i had with plain, user mode network stack qemu(1)
hostfwd= VMs, however, which yet ended up as, e.g.,

  $ dbclient -J 'nc HOST PORT' steffen <at> crux3

The patch dbear-Y.diff implements a simple replacements of the
arguments of connect_remote(), so that the above ends up without
intermediate nc(1) proxy:

  $ dbclient -Y [HOST:]PORT steffen <at> crux3

Well, i really don't want to miss it again..
dbear-a2i-trail.diff checks that there is no trailing garbage in
the argument to m_str_to_uint(), which silently hit me when
i (stupid) tested -Y with hexadecimal port numbers.
Greetings to Beautiful Australia and ciao,

Attachment (dbear-Y.diff): text/x-diff, 4916 bytes
Attachment (dbear-a2i-trail.diff): text/x-diff, 893 bytes
Matt Johnston | 3 Dec 15:04 2013

Dropbear 2013.62 released


I've put up Dropbear 2013.62. It has only a few changes
since the 2013.61test release. The major features of 2013.61test 
are ECC support (significantly faster connections) and
generating hostkeys automatically.

Downloads as usual at or


2013.62 - Tuesday 3 December 2013

- Disable "interactive" QoS connection options when a connection doesn't
  have a PTY (eg scp, rsync). Thanks to Catalin Patulea for the patch.

- Log when a hostkey is generated with -R, fix some bugs in handling server
  hostkey commandline options

- Fix crash in Dropbearconvert and 521 bit key, reported by NiLuJe

- Update config.guess and config.sub again

2013.61test - Thursday 14 November 2013

- ECC (elliptic curve) support. Supports ECDSA hostkeys (requires new keys to
  be generated) and ECDH for setting up encryption keys (no intervention
(Continue reading)