Dropbear 2018.76
Peter Krefting
peter at softwolves.pp.se
Thu Mar 1 17:37:19 AWST 2018
Hi!
After upgrading to 2018.76, I can no longer log in. On the dropbear
end, it complains about not being able to read the host key (/mnt/nv
is the non-volatile storage in my target HW):
Mar 1 11:19:03 gbprobe authpriv.info dropbear[11579]: Child connection from 10.0.30.15:50746
Mar 1 11:19:03 gbprobe authpriv.info dropbear[11579]: Exit before auth: Couldn't read or generate hostkey /mnt/nv/dropbear_ecdsa_host_key
The file is there, and if I put the 2017.75 binary back, it works fine.
On the client end, I see this subtle difference when running ssh -v:
* 2017.75 (working):
debug1: Remote protocol version 2.0, remote software version
dropbear_2017.75
debug1: no match: dropbear_2017.75
debug1: Authenticating to 10.0.30.175:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
> debug1: kex: algorithm: curve25519-sha256 at libssh.org
> debug1: kex: host key algorithm: ecdsa-sha2-nistp521
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256
compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256
compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp521
SHA256:9bs+RuIrv2YCscwXc9W/3FsK/emloGYZGR+fw0bzj3c
* 2018.76 (failing):
debug1: Remote protocol version 2.0, remote software version
dropbear_2018.76
debug1: no match: dropbear_2018.76
debug1: Authenticating to 10.0.30.175:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
> debug1: kex: algorithm: curve25519-sha256
> debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256
compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256
compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
Connection closed by 10.0.30.175 port 22
The actual host key seems to be in the "521" format:
# strings /mnt/nv/dropbear_ecdsa_host_key
ecdsa-sha2-nistp521
nistp521
This seems to indicate that the issue is due to this change
> - Default generated ECDSA key size is now 256 (rather than 521)
> for better interoperability
But shouldn't it keep working with already existing host keys in the
other format?
> Rather than modifying options.h, local options are now
> placed in localoptions.h where they will override defaults.
> The header file default_options.h lists the available
> options similar to the old options.h - it should be left
> unmodified.
Confusingly, the changelog calls it "local_options.h". Additionally, I
found that the "localoptions.h" file must be placed in the build tree,
not the source tree, when doing out-of-tree builds. This makes a lot
of sense, but took me some time to figure out :-)
--
\\// Peter - http://www.softwolves.pp.se/
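The `strings` check above only shows the two text fields of the key file. Below is an added example (not part of the original message, and not Dropbear's own code) that reads the same file properly, reports the curve, derives the SHA256 fingerprint that the ssh client prints so the file on disk can be matched against the "Server host key" line, and checks the curve against the set of curve sizes the build is assumed to enable. It assumes the Dropbear ECDSA private-key file is a flat sequence of SSH wire-format fields (algorithm name, curve name, public point Q, private scalar), which is consistent with the `strings` output; the `ENABLED_CURVE_SIZES` set stands in for the DROPBEAR_ECC_256/384/521 build options and should be set from your own default_options.h / localoptions.h. The embedded sample key is constructed (dummy point and scalar, not a real key).

```python
import base64
import hashlib
import struct

# Assumed stand-in for the DROPBEAR_ECC_256/384/521 build options:
# the curve sizes this particular dropbear binary can load.
ENABLED_CURVE_SIZES = {256}


def read_string(buf, pos):
    """Read one SSH wire-format string: uint32 big-endian length, then bytes."""
    if pos + 4 > len(buf):
        raise ValueError("truncated length field at offset %d" % pos)
    (n,) = struct.unpack(">I", buf[pos:pos + 4])
    pos += 4
    if pos + n > len(buf):
        raise ValueError("truncated string body at offset %d" % pos)
    return buf[pos:pos + n], pos + n


def put_string(b):
    """Encode bytes as an SSH wire-format string."""
    return struct.pack(">I", len(b)) + b


def parse_dropbear_ecdsa_key(data):
    """Parse the leading fields of a Dropbear ECDSA host key file.

    Assumed layout (matches what `strings` shows on the file):
      string algorithm ("ecdsa-sha2-nistpNNN"), string curve ("nistpNNN"),
      string public point Q, mpint private scalar.
    Returns algorithm, curve, curve size in bits and the OpenSSH-style
    SHA256 fingerprint of the public key blob.
    """
    alg, pos = read_string(data, 0)
    curve, pos = read_string(data, pos)
    point, pos = read_string(data, pos)
    alg = alg.decode("ascii")
    curve = curve.decode("ascii")
    if not alg.startswith("ecdsa-sha2-nistp") or alg[len("ecdsa-sha2-"):] != curve:
        raise ValueError("not an ECDSA host key or inconsistent names: %r / %r" % (alg, curve))
    # The public key blob an SSH client fingerprints is alg || curve || Q,
    # each as a wire-format string; OpenSSH prints base64(SHA256) without '='.
    pubblob = put_string(alg.encode("ascii")) + put_string(curve.encode("ascii")) + put_string(point)
    digest = hashlib.sha256(pubblob).digest()
    fingerprint = "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")
    return {
        "algorithm": alg,
        "curve": curve,
        "bits": int(curve[len("nistp"):]),
        "fingerprint": fingerprint,
    }


def key_loadable(info, enabled=ENABLED_CURVE_SIZES):
    """True if the key's curve is among the curve sizes the build enables."""
    return info["bits"] in enabled


# Constructed sample: a nistp521 key with a dummy uncompressed point
# (0x04 || X || Y, 66 bytes per coordinate) and a dummy private scalar.
SAMPLE_521 = (
    put_string(b"ecdsa-sha2-nistp521")
    + put_string(b"nistp521")
    + put_string(b"\x04" + b"\x11" * 132)
    + put_string(b"\x00" + b"\x22" * 66)
)

if __name__ == "__main__":
    import sys
    # Usage: python3 inspect_hostkey.py /mnt/nv/dropbear_ecdsa_host_key
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_521
    info = parse_dropbear_ecdsa_key(data)
    print("%s (%s) %s" % (info["algorithm"], info["curve"], info["fingerprint"]))
    print("loadable with enabled curves %s: %s"
          % (sorted(ENABLED_CURVE_SIZES), key_loadable(info)))
```

Run it against the file on the target: if the fingerprint matches the one the 2017.75 server presented and the reported curve size is not in the set your 2018.76 build enables, the mismatch is between the existing key and the new build's options rather than a corrupt key file.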