execution problems and executable size questions

Alfonso Acosta alfonso.acosta at gmail.com
Mon Sep 27 11:47:49 WST 2004 

Hi:

I'm currently working to modify  USRobotics 9106/9105 routers retail
firmware so that they support sshd appart from telnetd. (see
http://babel.ls.fi.upm.es/~aacosta/twiki/bin/view/Projects/WebHome if
interested)

I managed to compile dropbear 0.43 successfuly without problems, but
now I have some questions and some problems to regarding software:

Executable Size
==========

I followed what is written in the SMALL documentation file, but I'm
unable to get executables of less than 200KB.

I know that the 110KB size was obtained for the i386 target but ...
did anyone manage to get something smaller than 200KB when compiling
to a MIPS32 target?

The routers I'm talking about only have a 2MB flash chip and, as I
stated above, I want to modify the firmware only to add sshd  (that
prevents me from removing any other file from the filesystem image).
That leaves me about 150KB of space.

Execution problems
============

Dropbear starts and even authenticates correctly, but once the user
has been authenticated correctly,  typing a single character makes the
connection drop unexpectedly.

Here is the verbose output I get from OpenSSH client

============== verbose ssh session ==================
fons at escher:~$ ssh -vvv -p 2222 admin at 192.168.200.254
OpenSSH_3.8.1p1 Debian 1:3.8.1p1-8, OpenSSL 0.9.7d 17 Mar 2004
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.200.254 [192.168.200.254] port 2222.
debug1: Connection established.
debug1: identity file /home/fons/.ssh/identity type -1
debug1: identity file /home/fons/.ssh/id_rsa type -1
debug1: identity file /home/fons/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version dropbear_0.43
debug1: no match: dropbear_0.43
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 Debian 1:3.8.1p1-8
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,blowfish-cbc,twofish-cbc,3des-cbc
debug2: kex_parse_kexinit: aes128-cbc,blowfish-cbc,twofish-cbc,3des-cbc
debug2: kex_parse_kexinit: hmac-sha1,hmac-md5
debug2: kex_parse_kexinit: hmac-sha1,hmac-md5
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug2: dh_gen_key: priv key bits set: 125/256
debug2: bits set: 519/1024
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug3: check_host_in_hostfile: filename /home/fons/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host '192.168.200.254' is known and matches the RSA host key.
debug1: Found key in /home/fons/.ssh/known_hosts:1
debug2: bits set: 538/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/fons/.ssh/identity ((nil))
debug2: key: /home/fons/.ssh/id_rsa ((nil))
debug2: key: /home/fons/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: password
debug3: start over, passed a different list password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup password
debug3: remaining preferred: ,keyboard-interactive,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
admin at 192.168.200.254's password:
debug3: packet_send2: adding 48 (len 64 padlen 16 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: password
Permission denied, please try again.
admin at 192.168.200.254's password:
debug3: packet_send2: adding 64 (len 59 padlen 5 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: ssh_session2_setup: id 0
debug2: channel 0: request pty-req
debug3: tty_make_modes: ospeed 38400
debug3: tty_make_modes: ispeed 38400
debug3: tty_make_modes: 1 3
debug3: tty_make_modes: 2 28
debug3: tty_make_modes: 3 127
debug3: tty_make_modes: 4 21
debug3: tty_make_modes: 5 4
debug3: tty_make_modes: 6 255
debug3: tty_make_modes: 7 255
debug3: tty_make_modes: 8 17
debug3: tty_make_modes: 9 19
debug3: tty_make_modes: 10 26
debug3: tty_make_modes: 12 18
debug3: tty_make_modes: 13 23
debug3: tty_make_modes: 14 22
debug3: tty_make_modes: 18 15
debug3: tty_make_modes: 30 1
debug3: tty_make_modes: 31 0
debug3: tty_make_modes: 32 0
debug3: tty_make_modes: 33 0
debug3: tty_make_modes: 34 0
debug3: tty_make_modes: 35 0
debug3: tty_make_modes: 36 1
debug3: tty_make_modes: 37 0
debug3: tty_make_modes: 38 1
debug3: tty_make_modes: 39 0
debug3: tty_make_modes: 40 0
debug3: tty_make_modes: 41 1
debug3: tty_make_modes: 50 1
debug3: tty_make_modes: 51 1
debug3: tty_make_modes: 52 0
debug3: tty_make_modes: 53 1
debug3: tty_make_modes: 54 1
debug3: tty_make_modes: 55 1
debug3: tty_make_modes: 56 0
debug3: tty_make_modes: 57 0
debug3: tty_make_modes: 58 0
debug3: tty_make_modes: 59 1
debug3: tty_make_modes: 60 1
debug3: tty_make_modes: 61 1
debug3: tty_make_modes: 62 0
debug3: tty_make_modes: 70 1
debug3: tty_make_modes: 71 0
debug3: tty_make_modes: 72 1
debug3: tty_make_modes: 73 0
debug3: tty_make_modes: 74 0
debug3: tty_make_modes: 75 0
debug3: tty_make_modes: 90 1
debug3: tty_make_modes: 91 1
debug3: tty_make_modes: 92 0
debug3: tty_make_modes: 93 0
debug2: channel 0: request shell
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 6000 rmax 1400
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i0/0 o0/0 fd 4/5)

debug3: channel 0: close_fds r 4 w 5 e 6
Read from remote host 192.168.200.254: Connection reset by peer
Connection to 192.168.200.254 closed.
debug1: Transferred: stdin 0, stdout 0, stderr 104 bytes in 0.0 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 4729.7
debug1: Exit status -1
fons at escher:~$
============== verbose ssh session ==================

I compiled dropbear using uclibc version 0.9.12. Maybe that is what
causes the problem, but that is the library version used by every
binary program supplied by USRobotics in its firmware. Can anyone
confirm me if uclibc is backwards compatible
with its previous versions?

Configure flags used:

./configure --build=mips --host=i386 --disable-zlib --disable-shadow  
--disable-syslog --disable-openpty --disable-syslog --disable-lastlog
--disable-utmp --disable-utmpx --disable-wtmp --disable-wtmpx
--disable-loginfunc --disable-pututline --disable-pututxline

I attached the modified options.h file (just in case its usefull to
find what is causing the problem)

Thanks in advance,

-- 
Alfonso Acosta
http://babel.ls.fi.upm.es/~aacosta/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: options.h
Type: text/x-chdr
Size: 11073 bytes
Desc: not available
Url : http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20040927/6800ce82/options.h

More information about the Dropbear mailing list