http://bering-uclibc.zetam.org/index.php?title=Bering-uClibc_6.x_-_User_Guide_-_Basic_Configuration_-_Using_Dropbear_-_a_small_SSH_replacement&feed=atom&action=historyBering-uClibc 6.x - User Guide - Basic Configuration - Using Dropbear - a small SSH replacement - Revision history2024-03-28T11:24:11ZRevision history for this page on the wikiMediaWiki 1.26.0http://bering-uclibc.zetam.org/index.php?title=Bering-uClibc_6.x_-_User_Guide_-_Basic_Configuration_-_Using_Dropbear_-_a_small_SSH_replacement&diff=2614&oldid=prevKapeka at 16:52, 1 May 20162016-05-01T16:52:30Z<p></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 16:52, 1 May 2016</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1" >Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{| summary="Navigation header" width="100%"</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{| summary="Navigation header" width="100%"</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>! colspan="3" align="center" | [[Bering-uClibc 6.x - User Guide - Basic Configuration - Using <del class="diffchange diffchange-inline">Dropbear </del>- a small SSH replacement|Basic Configuration - Using Dropbear - a small SSH replacement]]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>! colspan="3" align="center" | [[Bering-uClibc 6.x - User Guide - Basic Configuration - Using <ins class="diffchange diffchange-inline">dropbear </ins>- a small SSH replacement|Basic Configuration - Using Dropbear - a small SSH replacement]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| width="20%" align="left"  | [[Bering-uClibc 6.x - User Guide - Basic Configuration - Setup a small timeserver|Prev]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| width="20%" align="left"  | [[Bering-uClibc 6.x - User Guide - Basic Configuration - Setup a small timeserver|Prev]]</div></td></tr>
</table>Kapekahttp://bering-uclibc.zetam.org/index.php?title=Bering-uClibc_6.x_-_User_Guide_-_Basic_Configuration_-_Using_Dropbear_-_a_small_SSH_replacement&diff=2612&oldid=prevKapeka: Created page with "{| summary="Navigation header" width="100%" ! colspan="3" align="center" | Bering-uClibc 6.x - User Guide - Basic Configuration - Using Dropbear - a small SSH replacement|Ba..."2016-05-01T16:50:16Z<p>Created page with "{| summary="Navigation header" width="100%" ! colspan="3" align="center" | Bering-uClibc 6.x - User Guide - Basic Configuration - Using Dropbear - a small SSH replacement|Ba..."</p>
<p><b>New page</b></p><div>{| summary="Navigation header" width="100%"<br />
! colspan="3" align="center" | [[Bering-uClibc 6.x - User Guide - Basic Configuration - Using Dropbear - a small SSH replacement|Basic Configuration - Using Dropbear - a small SSH replacement]]<br />
|-<br />
| width="20%" align="left" | [[Bering-uClibc 6.x - User Guide - Basic Configuration - Setup a small timeserver|Prev]]<br />
! width="60%" align="center" | [[Bering-uClibc 6.x - User Guide]]<br />
| width="20%" align="right" | [[Bering-uClibc 6.x - User Guide - IPv4 Networking|Next]]<br />
|}<br />
----<br />
<br />
<br />
==Objectives==<br />
<br />
This article describes the initial installation and configuration of the<br />
light weight ssh server <code class="filename">dropbear</code> which is part of the base Bering-uClibc<br />
distribution.<br />
<code class="filename">dropbear</code> was developed by Matt Johnston and for more information on<br />
<code class="filename">dropbear</code> itself you should visit his webpages<br />
(http://matt.ucc.asn.au/dropbear/dropbear.html).<br />
<br />
==Load the dropbear package==<br />
<br />
'''Note:'''<br />
For Bering-uClibc, <code class="filename">dropbear</code> and <code class="filename">dropbearkey</code> have been compiled into one<br />
binary, just like <code class="filename">busybox</code> that also provides different applications in one<br />
binary. Therefore only one package (<code class="filename">dropbear.lrp</code>) is needed. This is a<br />
difference from other ssh applications (<code class="filename">sshd</code>, <code class="filename">lshd</code>) used with LEAF<br />
packages, where key generation utility and daemon are provided in two<br />
separate packages.<br />
<br />
If you start with a fresh Bering-uClibc installation you can skip this step<br />
because the default <tt>leaf.cfg</tt> file provided with Bering-uClibc looks like<br />
this:<br />
LRP="root license dhcpcd keyboard shorwall dnsmasq dropbear mhttpd webconf"<br />
The package <code class="filename">dropbear.lrp</code> is loaded on startup.<br />
<br />
If you have edited leaf.cfg in the past, and <code class="filename">dropbear.lrp</code> is currently not<br />
installed on your system, you can do two things:<br><br />
- add the package again to <tt>leaf.cfg</tt> and reboot.<br><br />
- add <code class="filename">dropbear.lrp</code> to <tt>leaf.cfg</tt> and load package manually.<br />
<br />
==Key generation==<br />
If you boot Bering-uClibc and no the keys are found, they'll generated<br />
at boot time. Don't forget to save your configuration, otherwise<br />
they'll be generated again during next boot.<br />
<br />
To create new keys manually, run the command <tt>gendropbearkeys</tt>.<br />
After giving this command, sit back and enjoy a cup of coffee while your<br />
machine generates the RSA and DSS keys.<br><br />
<br />
==Set root password==<br />
Dropbear will not let you log in as "root" without a password. Set the root<br />
password with the command <code class="filename">passwd</code> while logged in as "root".<br />
<br />
==Check Shorewall rules==<br />
The default configuration of the Shorewall package provided with<br />
Bering-uClibc should allow you to login to your LEAF box with ssh from the<br />
local network. Nevertheless it is wise to make sure that this is really so.<br />
Assuming that you have not renamed the zone for the local network, this<br />
zone is called "loc". The file <code class="filename">/etc/shorewall/rules</code> should then have lines<br />
like this:<br />
<br />
###########################################################################<br />
###<br />
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL<br />
# PORT PORT(S) DEST<br />
(...)<br />
# Accept SSH connections from the local network for administration<br />
#<br />
SSH(ACCEPT) loc fw <br />
(...)<br />
<br />
If this is not the case, add these lines and backup the <code class="filename">shorwall.lrp</code><br />
package.<br />
<br />
==Finishing up==<br />
Save your configuration with '<tt>lrcfg -> s</tt>', reboot your machine and watch<br />
<code class="filename">dropbear</code> start. You can now remotely log in to your Bering-uClibc box with<br />
an ssh client or scp files from/to your Bering-uClibc box.<br />
<br />
==Miscellaneous==<br />
Note that you can't run <code class="filename">dropbear</code> and <code class="filename">sshd</code> at the same time, unless you<br />
change <code class="filename">dropbear</code> or <code class="filename">sshd</code>'s port. <br />
<code class="filename">/etc/default/dropbear</code> is the configuration file<br />
for <code class="filename">dropbear</code>.<br />
<br />
==Legal Notice==<br />
Export of cryptographic software from Australia is subject to export<br />
controls - you should ensure that you are not breaching these controls. See<br />
Crypto Law Survey for some good research.<br />
<br />
----<br />
{| summary="Navigation footer" width="100%"<br />
| width="40%" align="left" | [[Bering-uClibc 6.x - User Guide - Basic Configuration - Setup a small timeserver|Prev]]<br />
| width="20%" align="center" | [[Bering-uClibc 6.x - User Guide - Basic Configuration|Up]]<br />
| width="40%" align="right" | [[Bering-uClibc 6.x - User Guide - IPv4 Networking|Next]]<br />
|}<br />
<br />
[[Category:Bering-uClibc 6.x]]<br />
[[Category:User Guide]]</div>Kapeka