[Bug 220463] security/dropbear The generated public key is unusable by dbclient (and ssh)

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Tue Jul 4 07:30:10 UTC 2017 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220463

            Bug ID: 220463
           Summary: security/dropbear The generated public key is unusable
                    by dbclient (and ssh)
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: freebsd-ports-bugs at FreeBSD.org
          Reporter: dewayne at heuristicsystems.com.au
                CC: pkubaj at anongoth.pl
             Flags: maintainer-feedback?(pkubaj at anongoth.pl)
                CC: pkubaj at anongoth.pl

Platform: FreeBSD 11.1Beta3 amd64

Thank-you for maintaining this port and expanding the options.  Which enticed
me to try it.

Using key sizes from 1024 to 3072
# dropbearkey -t rsa -s 1024 -f /root/.ssh/dropbear | grep ^ssh-rsa >
/root/.ssh/id_dropbear

resulted in

# dbclient -i dropbear 10.0.55.116
dbclient: Exited: String too long

# dbclient -i id_dropbear 10.0.55.116
dbclient: Exited: String too long

Nope I meant to test the public key, in case there was any confusion, similarl
for dropbearconvert (below) :/

I used 
# dropbear -F -E -m -p 10.0.55.116:22 -r
/usr/local/etc/dropbear/dropbear_rsa_host_key
to verify that dbclient wasn't communication to the server. So the "string too
long" is a client issue.

I then tried converting
# dropbearconvert dropbear openssh /root/.ssh/id_dropbear /root/.ssh/test
Exited: String too long

# dropbearconvert openssh dropbear  /root/.ssh/id_dropbear /root/.ssh/test
Error: File does not begin with OpenSSH key header
Error reading key from '/root/.ssh/id_dropbear'

Seems that dropbear is only able to use ssh with passwords, which is a long way
from our intended intestial destination:

# dropbear -F -E -m -p 10.0.55.116:666 -m -s -g -j -k -r
/usr/local/etc/dropbear/dropbear_rsa_host_key

Hope that you can shed some light on this one.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-ports-bugs mailing list