Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 04 Jul 2017 07:30:08 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-ports-bugs@FreeBSD.org
Subject:   [Bug 220463] security/dropbear The generated public key is unusable by dbclient (and ssh)
Message-ID:  <bug-220463-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D220463

            Bug ID: 220463
           Summary: security/dropbear The generated public key is unusable
                    by dbclient (and ssh)
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: freebsd-ports-bugs@FreeBSD.org
          Reporter: dewayne@heuristicsystems.com.au
                CC: pkubaj@anongoth.pl
             Flags: maintainer-feedback?(pkubaj@anongoth.pl)
                CC: pkubaj@anongoth.pl

Platform: FreeBSD 11.1Beta3 amd64

Thank-you for maintaining this port and expanding the options.  Which entic=
ed
me to try it.

Using key sizes from 1024 to 3072
# dropbearkey -t rsa -s 1024 -f /root/.ssh/dropbear | grep ^ssh-rsa >
/root/.ssh/id_dropbear

resulted in

# dbclient -i dropbear 10.0.55.116
dbclient: Exited: String too long

# dbclient -i id_dropbear 10.0.55.116
dbclient: Exited: String too long

Nope I meant to test the public key, in case there was any confusion, simil=
arl
for dropbearconvert (below) :/

I used=20
# dropbear -F -E -m -p 10.0.55.116:22 -r
/usr/local/etc/dropbear/dropbear_rsa_host_key
to verify that dbclient wasn't communication to the server. So the "string =
too
long" is a client issue.

I then tried converting
# dropbearconvert dropbear openssh /root/.ssh/id_dropbear /root/.ssh/test
Exited: String too long

# dropbearconvert openssh dropbear  /root/.ssh/id_dropbear /root/.ssh/test
Error: File does not begin with OpenSSH key header
Error reading key from '/root/.ssh/id_dropbear'

Seems that dropbear is only able to use ssh with passwords, which is a long=
 way
from our intended intestial destination:

# dropbear -F -E -m -p 10.0.55.116:666 -m -s -g -j -k -r
/usr/local/etc/dropbear/dropbear_rsa_host_key

Hope that you can shed some light on this one.

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-220463-13>