Login attempt for nonexistent user on Alpine Linux

Matt Johnston matt at ucc.asn.au
Sat Dec 2 00:53:33 AWST 2017 

Hi Hugo,

Statically linking glibc isn't sufficient to make it standalone, you need to copy the libnss libraries - glibc looks for those at runtime. Another option is to build against musl libc instead.

Cheers,
Matt

On 1 December 2017 12:51:08 pm AWST, Hugo Genesse <hugo.genesse at polymtl.ca> wrote:
>
>Hi!
>
>I've been trying to use dropbear (compiled myself statically with  
>./configure; make STATIC=1) on a Alpine Linux Docker container (Linux  
>4.13.12-1-ARCH) with the latest Alpine Docker image (3.6 if I'm not  
>mistaken). I run dropbear like this: "./dropbear -R" and can't login  
>with proper credentials. With the "-E" switch I get the following:
>
>  /root/dropbear -R -E
>[59] Dec 01 04:31:32 Running in background
>[60] Dec 01 04:31:36 Child connection from <IP>
>[60] Dec 01 04:31:36 Login attempt for nonexistent user from <IP>
>
>My credentials are right and the command to connect is: "ssh  
>root at 127.0.0.1" (the port is properly forwarded to the container).  
>With the ssh client verbose option I get:
>
>debug1: Next authentication method: password
>root at 127.0.0.1's password:
>debug1: Authentications that can continue: publickey,password
>Permission denied, please try again.
>root at 127.0.0.1's password:
>debug1: Authentications that can continue: publickey,password
>Permission denied, please try again.
>root at 127.0.0.1's password:
>debug1: Authentications that can continue: publickey,password
>debug1: No more authentication methods to try.
>root at 127.0.0.1: Permission denied (publickey,password).
>
>and the root account exists as you can see here:
>
>cat /etc/passwd
>root:x:0:0:root:/root:/bin/ash
>[...]
>
>I've seen issues that seem similar on the web:  
>https://lists.debian.org/debian-arm/2012/06/msg00056.html
>The ones I found were fixed by copying libnss to another location but  
>shouldn't a statically dropbear already solve this problem?
>
>I also have telnet activated and I can login with root (don't worry  
>this won't be put into production, it is for demonstration purposes  
>only).
>
>Is there any other things I should check or modify to be able to login 
>
>with dropbear?
>
>Thanks!

More information about the Dropbear mailing list