Dropbear 2018.76

Matt Johnston matt at ucc.asn.au
Thu Mar 1 22:08:49 AWST 2018


Hi Peter,
On Thu, Mar 01, 2018 at 10:37:19AM +0100, Peter Krefting wrote:
> After upgrading to 2018.76, I can no longer log in. On the dropbear end, it
> complains about not being able to read the host key (/mnt/nv is the
> non-volatile storage in my target HW):
> 
> Mar  1 11:19:03 gbprobe authpriv.info dropbear[11579]: Child connection from 10.0.30.15:50746
> Mar  1 11:19:03 gbprobe authpriv.info dropbear[11579]: Exit before auth: Couldn't read or generate hostkey /mnt/nv/dropbear_ecdsa_host_key
...
> > - Default generated ECDSA key size is now 256 (rather than 521)
> >  for better interoperability
> 
> But shouldn't it keep working with already existing host keys in the other
> format?

Yes it should. I can't immediately reproduce it here, what
flags are you giving to Dropbear? Is
/mnt/nv/dropbear_ecdsa_host_key specified with -r or as a
default config path, and are there other keyfiles? 
ssh -vvv will print the full set of negotiated algorithms,
you could send that to me (off-list if you want).

The relevant revision for that changelog note is
https://secure.ucc.asn.au/hg/dropbear/rev/016b86f03e21
you could try reverting that to confirm.

> Confusingly, the changelog calls it "local_options.h". Additionally, I found
> that the "localoptions.h" file must be placed in the build tree, not the
> source tree, when doing out-of-tree builds. This makes a lot of sense, but
> took me some time to figure out :-)

Ah, I'll fix the docs.

Thanks,
Matt



More information about the Dropbear mailing list