Allow password-less (& key-less) login via dropbear
Paul Smith
paul at mad-scientist.us
Fri Apr 3 07:02:37 WST 2009
On Thu, 2009-04-02 at 21:54 +0800, Matt Johnston wrote:
> On Thu, Mar 26, 2009 at 02:05:02AM -0400, Paul Smith wrote:
> > In openssh I can do this by setting the SSH daemon parameter to not fail
> > on empty passwords.
> >
> > Is there any interest in something like this?
>
> I guess that would be useful - patches happily accepted :)
OK, attached.
This works for me, although the implementation is slightly different in
"tone" than the existing auth checkers (for example it returns
true/false). That's because it seemed to me that the "none" method
couldn't be handled identically, especially if it continues to be
ifdef'd out with ENABLE_SVR_PASSWORD_AUTH, although if that
"requirement" is removed things could be much simpler.
Probably with enough noodling it could be made better.
> > The second thing is that a have a number of systems already deployed,
> > and they contain host keys generated by OpenSSH's keygen. However, when
> > I try to invoke the dropbear server and point it at those
> > OpenSSH-generated keys, it just fails for me with an error about a line
> > that's too long. Is it possible to get dropbear to use an
> > OpenSSH-generated host key?
>
> The dropbearconvert program can convert to/from OpenSSH
> keys, as long as they are not encrypted.
That worked perfectly. Thanks!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dropbear-needpasswd.patch
Type: text/x-patch
Size: 5109 bytes
Desc: not available
Url : http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20090402/43c3bce7/attachment.bin
More information about the Dropbear
mailing list