Preventing shells from being spawned

Korey Calmettes jessnkorey at
Sat May 17 02:21:39 WST 2008


Back in 2005, there was a post from John Daz who would like to tunnel into
an embedded system without providing a shell.  It was responded by Matt who
advised him to comment out line 70 of svr-session.c which read

I also would like to allow one embedded system to tunnel into another
embedded system without providing a shell.  I am running Dropbear 0.50.  I
commented out the same line (still on line 70) and now I am unable to log in
using dbclient.

On the server side I am running:

dropbear -r /etc/dropbearkey -s -a -p 12345

On the client side, I am running:

dbclient -p 12345 -i /etc/clientkey -y -L 80:localhost:80 -g -T

I get the following:

Host '' key accepted unconditionally.
(fingerprint md5 50:69:d1:be:84:f3:6d:1d:c7:86:de:2f:bf:b9:38:25)
Connection to root at closed.
Now if I uncomment line 70 of svr-session.c, it works flawlessly.

I don't know if it matters, however I am running this on BusyBox v1.1.3 on
an ARM9 Processor.

Any assistance would be appreciated,


-------------- next part --------------
An HTML attachment was scrubbed...

More information about the Dropbear mailing list