replace dropbear with openssh-server #5

New Issue

Closed

opened 2023-01-24 04:55:50 +00:00 by PeterSurda · 3 comments

PeterSurda commented 2023-01-24 04:55:50 +00:00

Owner

Copy Link

dropbear doesn't support ed25519 keys for example

dropbear doesn't support ed25519 keys for example

lee.miller was assigned by PeterSurda 2023-01-24 06:24:41 +00:00

lee.miller commented 2023-01-24 22:40:46 +00:00

Collaborator

Copy Link

make menuconfig disagrees:

  │ ┌─────────────────────────────────────────────────────────────────────┐ │  
  │ │    [*] Curve25519 support                                           │ │  
  │ │    [ ] Elliptic curve cryptography (ECC)                            │ │  
  │ │    [*] Ed25519 support                                              │ │  
  │ │    [*] Chacha20-Poly1305 support                                    │ │  
  │ │    [ ] Enable compression                                           │ │  
  │ │    [*] Build dropbear with dbclient                                 │ │  
  │ │    [*]   Enable agent forwarding in dbclient                        │ │  
  │ │    [*] Build dropbear with scp                                      │ │  
  │ │    [ ] Enable askpass helper support                                │ │  
  │ │    [*] Enable agent forwarding                                      │ │  

$ grep DROPBE .config
CONFIG_DROPBEAR_CURVE25519=y
# CONFIG_DROPBEAR_ECC is not set
CONFIG_DROPBEAR_ED25519=y
...

`make menuconfig` disagrees: ``` │ ┌─────────────────────────────────────────────────────────────────────┐ │ │ │ [*] Curve25519 support │ │ │ │ [ ] Elliptic curve cryptography (ECC) │ │ │ │ [*] Ed25519 support │ │ │ │ [*] Chacha20-Poly1305 support │ │ │ │ [ ] Enable compression │ │ │ │ [*] Build dropbear with dbclient │ │ │ │ [*] Enable agent forwarding in dbclient │ │ │ │ [*] Build dropbear with scp │ │ │ │ [ ] Enable askpass helper support │ │ │ │ [*] Enable agent forwarding │ │ ``` ``` $ grep DROPBE .config CONFIG_DROPBEAR_CURVE25519=y # CONFIG_DROPBEAR_ECC is not set CONFIG_DROPBEAR_ED25519=y ... ```

lee.miller referenced this issue 2023-01-25 09:09:13 +00:00

Try to replace dropbear by openssh-server using imagebuilder #9

PeterSurda commented 2023-02-14 11:01:05 +00:00

Author

Owner

Copy Link

regarding ed25519, maybe it's been upgraded since I last used it, I remember it didn't work on older versions of openwrt. maybe I should retest it and revert to dropbear then.

regarding ed25519, maybe it's been upgraded since I last used it, I remember it didn't work on older versions of openwrt. maybe I should retest it and revert to dropbear then.

PeterSurda self-assigned this 2023-02-14 11:01:13 +00:00

lee.miller closed this issue 2023-02-23 15:50:49 +00:00

lee.miller commented 2023-02-23 20:56:19 +00:00

Collaborator

Copy Link

In 85c081d you might remove DISABLED_SERVICES="dropbear" instead of /sbin/service dropbear enable.

In 85c081d you might remove [DISABLED_SERVICES="dropbear"](https://git.bitmessage.org/Sysdeploy/openwrt/src/branch/main/.buildbot/openwrt/build.sh#L96) instead of `/sbin/service dropbear enable`.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

23.05.3

kernel-test

collectd-build-debug

kmod-nvme

Labels

Clear labels

No items

No Label

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

lee.miller

PeterSurda

2 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Sysdeploy/openwrt#5

No description provided.