HOW TO setup ssh in an initrd

Matt Johnston matt at ucc.asn.au
Thu Sep 2 01:10:28 WST 2004 

On Tue, Aug 31, 2004 at 08:54:19AM -0700, voodoo voodoo wrote:
> Hi list,
> 
> What I am trying to do is have my ipaq as a server and
> my PC as a client. Also I am expecting to have all the
> ssh bins plus a small rootfs in my initrd, Basically I
> need to have control of my ipaq.
> 
> 1)	Do I have to have dropbear on both ends?

Nope, you should be able to use any SSH2 compliant client or server.

> 2)	Is there any documentation on how to put ssh in
> place on both ends and what other scripts or files do
> I need to have. I already read VPN HOW-TO and some
> other documents but there are kind of old. Could you
> please let me know a good doc. or could you explain
> all the steps that I need to follow in order to setup
> both ends (client-host). 

For the PC client, you should install whatever client you want (OpenSSH is
good for Linux, PuTTY for Windows). You could use the Dropbear client,
though at the moment it's somewhat experimental - feel free to try it if
you want.

For the ipaq, do you already have a basic environment installed? If not,
the best bet might be to look at familiar.org - their latest release has
Dropbear included (or available as an ipkg).

If you're installing to an existing environment, you need to:

- compile dropbear and install to /usr/sbin
- create a server hostkey using the "dropbearkey" program and put that at
  /etc/dropbear_rsa_host_key
- make /etc/passwd entries for any users who want to log in, and create
  their homedirs 
- Make dropbear start automatically - this will depend how your
  environment is set up - probably via a script in /etc/init.d

In terms of actually using SSH, it's functionally very similar to telnet,
except it's encrypted. SSH also has features such as allowing port
forwarding over connections, public-key authentication etc.

I'm not sure exactly where the best place to find good docs would be - the
FAQs do seem a bit out of date, though in general the basics of SSH
haven't changed much in the past few years (just products increase their
version numbers and patch security holes, with a few new features). There
is a book on SSH which could be worth looking at if you can find a copy at
a library or something, see http://www.snailbook.com/. Note that I haven't
actually looked at it - it may or may not be good.

Cheers,
Matt

More information about the Dropbear mailing list