Running dropbear as unprivileged user to a single user SSH Server

Antoine Catton acatton at tiolive.com
Fri Aug 26 23:29:05 WST 2011


Hello everybody,

I am currently trying to run dropbear as an unprivileged user. The user
running it can't write or read in his home directory and has /bin/false
as his shell.
And I want to use RSA key authentication (instead of password
authentication) of course.

Indeed, I would like to run dropbear as a simple SSH server, which would
ignore the username. This is the idea of the patch I'm currently writing:

 * Adding the option -u (which stands for “user space”) for example. This
option would be used this way: dropbear -u userdef_file
 * The “userdef_file” would look like this:
        SHELL=/bin/bash
        HOME=/home/sample
        OTHER_ENV=foobar

Of course, it would also override the home directory where to look
for .ssh/authorized_keys.

I think it could be useful for embedded devices to have dropbear running
in user space and not supporting multiple users, and maybe for paranoid
single users as well.

I am sending this email to ask you if there is already a way to do that,
and/or if anyone is already writing this functionality. I don't want to
duplicate the code.

If not, is the way I want to do it wrong?
If so, how should I do it?
Do you have any suggestions or questions?

Thank you.

Regards,
-- 
Antoine Catton
Nexedi Intern
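
The userdef_file format proposed in the message above, as an added example that is not part of the original post and not Dropbear code: a stand-alone C parser that rejects malformed lines and non-absolute SHELL/HOME values, then derives the authorized_keys path from HOME. The struct and function names are hypothetical, and requiring absolute paths is an assumption of this example.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical container for the two settings the server itself needs. */
struct userdef { char shell[256]; char home[256]; };

/* Constructed sample: the file contents shown in the post. */
static const char SAMPLE[] = "SHELL=/bin/bash\nHOME=/home/sample\nOTHER_ENV=foobar\n";

/* Parse KEY=VALUE lines. Returns 0 on success, -1 on a malformed or oversized
 * line, or when SHELL/HOME is missing or not absolute. Other keys are skipped. */
int parse_userdef(const char *text, struct userdef *out)
{
    char line[512];
    memset(out, 0, sizeof(*out));
    while (*text) {
        size_t len = strcspn(text, "\n");
        if (len >= sizeof(line)) return -1;
        memcpy(line, text, len);
        line[len] = '\0';
        text += len + (text[len] == '\n');
        char *key = line + strspn(line, " \t");   /* tolerate indentation */
        if (*key == '\0') continue;               /* blank line */
        char *eq = strchr(key, '=');
        if (eq == NULL || eq == key) return -1;   /* no '=' or empty key */
        *eq = '\0';
        const char *val = eq + 1;
        char *dst = strcmp(key, "SHELL") == 0 ? out->shell
                  : strcmp(key, "HOME") == 0 ? out->home : NULL;
        if (dst == NULL) continue;                /* e.g. OTHER_ENV */
        if (val[0] != '/' || strlen(val) >= sizeof(out->home)) return -1;
        strcpy(dst, val);                         /* length checked above */
    }
    return (out->shell[0] && out->home[0]) ? 0 : -1;
}

/* Build "<HOME>/.ssh/authorized_keys"; returns -1 if it does not fit. */
int authorized_keys_path(const struct userdef *u, char *buf, size_t n)
{
    int w = snprintf(buf, n, "%s/.ssh/authorized_keys", u->home);
    return (w < 0 || (size_t)w >= n) ? -1 : 0;
}

int main(void)
{
    struct userdef u; char path[512];
    if (parse_userdef(SAMPLE, &u) || authorized_keys_path(&u, path, sizeof path)) return 1;
    return printf("shell=%s keys=%s\n", u.shell, path) < 0;
}
```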




