[uClibc] dropbear config

Rich Ireland rich.ireland at idahotech.com
Thu Feb 17 16:06:07 UTC 2005


Rob Landley wrote:
> Sigh.  Somebody set up the mailing list so if I hit "reply" it goes to uclibc, 
> and if I hit "reply all" uclibc is in the to field and the real author is in 
> the cc field.  I guess that means they really really really don't want me 
> replying to individuals without cc'ing the list no matter how far the topic 
> wanders off tangent, so I'll happily humor them.

Even tangents are useful sometimes.

> Most of that's about your ssh client, not about the server you're trying to 
> talk to.  Has this client successfully been able to log in via password 
> before?

Yes, it's OpenSSH on Cygwin and I use it to connect to my two 
RedHat/Fedora boxes every day.  I also see the same problem with PuTTY.

> My standard debugging technique at this point if I couldn't guess what's going 
> wrong would be to stick printfs in the ssh client and in dropbear.

After looking over the dropbear code, almost it looks like it's not 
connecting the session to a login/tty process.  The client side is quite 
happy to sit forever connected to dropbear without a login - no timeouts 
or errors until I kill the dropbear process on the target.

> If you tried both ssh and dropbear on your system and both failed the same 
> way, it's pretty obvious something is wrong with your system.  Finding out 
> can take some work.

Yes, OpenSSH exhibited similar (although I didn't collect any data to be 
sure) symptoms until I added tinylogin to the uclibc build.  But the 
tinylogin didn't work completely either.

>>The dropbear docs don't give any configuration options, so all I have is
>>the default /etc/init.d/S50dropbear script that the ucLibc creates.
> 
> In my experience, you just run it and it works.  I presume that you're running 
> dropbear as root,

Yes.

> that whatever login shell /etc/passwd says your user 
> account is using is in fact there and usable,

Yes.  I can login via serial console as root.

> that if you've got shadow 
> passwords the permissions of /etc/shadow are correct...

I think so:
# ls -l /etc/passwd /etc/shadow
-rw-r--r--    1 root     root          489 Oct  8  2004 /etc/passwd
-rw-r--r--    1 root     root          321 Oct  8  2004 /etc/shadow

Do I need an /etc/gshadow too?

> You can log in from the console on this machine, right?

Yes.

>>Does dropbear require tinylogin like OpenSSH?
> 
> 
> Don't think so.  The login is built-in, and then it spawns whatever shell you 
> have in /etc/passwd.

root shell is set to /bin/sh, it should just work.

>>It seems like just busybox isn't enough.
> 
> Possibly.  What _does_ work on this system?

The networking is running enough to ping, telnet out, and serve up 
static web pages.

-- 
Rich Ireland
Firmware Engineer - Perforce Advocate
Idaho Technology, Inc.
http://www.idahotech.com/
mailto:rich.ireland at idahotech.com




More information about the uClibc mailing list