Hi list,<br>
<br>
I have compiled dropbear , dbclient and scp with MULTI=1 and STATIC=1
to use with my busybox1.01. I would ideally like to have access to
dropbear server from any ssh client with just password authentication
and no keys. I modified options.h to do so by<br>
<br>
#define ENABLE_SVR_PASSWORD_AUTH<br>
/*#define ENABLE_SVR_PAM_AUTH*/<br>
/*disable keys*/<br>
/*#define ENABLE_SVR_PUBKEY_AUTH*/<br>
<br>
#define ENABLE_CLI_PASSWORD_AUTH<br>
/*#define ENABLE_CLI_PUBKEY_AUTH*/<br>
<br>
also enable #define DEBUG_TRACE (doesn't work on my busybox any way)<br>
<br>
if i run the server daemon from /etc/init.d/rcS with no arguments and
no rss,dsa keys in /etc/dropbear/ then it just refuses all the
connection from any client. <br>
if i run the server daemon with rss and dsa keys then it is letting me
connect to it but is not accepting the password. I have run ssh -vv and
i am attaching the log here. <br>
<br>
Any help will be appreciate. I will also be looking at including dropbear in next release of busybox later on.<br>
<br>
<br>
Thanks<br>
<br>
Rushi<br>
<br>
<br>
OpenSSH_3.9p1, OpenSSL 0.9.7e 25 Oct 2004<br>
debug1: Reading configuration data /etc/ssh/ssh_config<br>
debug1: Applying options for *<br>
debug2: ssh_connect: needpriv 0<br>
debug1: Connecting to <a href="http://192.168.107.22">192.168.107.22</a> [<a href="http://192.168.107.22">192.168.107.22</a>] port 22.<br>
debug1: Connection established.<br>
debug1: permanently_set_uid: 0/0<br>
debug1: identity file /root/.ssh/identity type -1<br>
debug1: identity file /root/.ssh/id_rsa type -1<br>
debug1: identity file /root/.ssh/id_dsa type -1<br>
debug1: Remote protocol version 2.0, remote software version dropbear_0.46<br>
debug1: no match: dropbear_0.46<br>
debug1: Enabling compatibility mode for protocol 2.0<br>
debug1: Local version string SSH-2.0-OpenSSH_3.9p1<br>
debug2: fd 3 setting O_NONBLOCK<br>
debug1: SSH2_MSG_KEXINIT sent<br>
debug1: SSH2_MSG_KEXINIT received<br>
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1<br>
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss<br>
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,<a href="mailto:rijndael-cbc@lysator.liu.se">rijndael-cbc@lysator.liu.se</a>,aes128-ctr,aes192-ctr,aes256-ctr<br>
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,<a href="mailto:rijndael-cbc@lysator.liu.se">rijndael-cbc@lysator.liu.se</a>,aes128-ctr,aes192-ctr,aes256-ctr<br>
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,<a href="mailto:hmac-ripemd160@openssh.com">hmac-ripemd160@openssh.com</a>,hmac-sha1-96,hmac-md5-96<br>
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,<a href="mailto:hmac-ripemd160@openssh.com">hmac-ripemd160@openssh.com</a>,hmac-sha1-96,hmac-md5-96<br>
debug2: kex_parse_kexinit: none,zlib<br>
debug2: kex_parse_kexinit: none,zlib<br>
debug2: kex_parse_kexinit:<br>
debug2: kex_parse_kexinit:<br>
debug2: kex_parse_kexinit: first_kex_follows 0<br>
debug2: kex_parse_kexinit: reserved 0<br>
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1<br>
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss<br>
debug2: kex_parse_kexinit: aes128-cbc,blowfish-cbc,twofish-cbc,3des-cbc<br>
debug2: kex_parse_kexinit: aes128-cbc,blowfish-cbc,twofish-cbc,3des-cbc<br>
debug2: kex_parse_kexinit: hmac-sha1,hmac-md5<br>
debug2: kex_parse_kexinit: hmac-sha1,hmac-md5<br>
debug2: kex_parse_kexinit: none<br>
debug2: kex_parse_kexinit: none<br>
debug2: kex_parse_kexinit:<br>
debug2: kex_parse_kexinit:<br>
debug2: kex_parse_kexinit: first_kex_follows 0<br>
debug2: kex_parse_kexinit: reserved 0<br>
debug2: mac_init: found hmac-md5<br>
debug1: kex: server->client aes128-cbc hmac-md5 none<br>
debug2: mac_init: found hmac-md5<br>
debug1: kex: client->server aes128-cbc hmac-md5 none<br>
debug2: dh_gen_key: priv key bits set: 117/256<br>
debug2: bits set: 504/1024<br>
debug1: sending SSH2_MSG_KEXDH_INIT<br>
debug1: expecting SSH2_MSG_KEXDH_REPLY<br>
debug2: no key of type 0 for host <a href="http://192.168.107.22">192.168.107.22</a><br>
debug2: no key of type 2 for host <a href="http://192.168.107.22">192.168.107.22</a><br>
The authenticity of host '<a href="http://192.168.107.22">192.168.107.22</a> (<a href="http://192.168.107.22">192.168.107.22</a>)' can't be established.<br>
RSA key fingerprint is dc:19:53:0b:ba:ea:22:1b:54:68:c1:60:9e:63:a6:ce.<br>
Are you sure you want to continue connecting (yes/no)? yes<br>
Warning: Permanently added '<a href="http://192.168.107.22">192.168.107.22</a>' (RSA) to the list of known hosts.<br>
debug2: bits set: 531/1024<br>
debug1: ssh_rsa_verify: signature correct<br>
debug2: kex_derive_keys<br>
debug2: set_newkeys: mode 1<br>
debug1: SSH2_MSG_NEWKEYS sent<br>
debug1: expecting SSH2_MSG_NEWKEYS<br>
debug2: set_newkeys: mode 0<br>
debug1: SSH2_MSG_NEWKEYS received<br>
debug1: SSH2_MSG_SERVICE_REQUEST sent<br>
debug2: service_accept: ssh-userauth<br>
debug1: SSH2_MSG_SERVICE_ACCEPT received<br>
debug2: key: /root/.ssh/identity ((nil))<br>
debug2: key: /root/.ssh/id_rsa ((nil))<br>
debug2: key: /root/.ssh/id_dsa ((nil))<br>
debug1: Authentications that can continue: publickey,password<br>
debug1: Next authentication method: publickey<br>
debug1: Trying private key: /root/.ssh/identity<br>
debug1: Trying private key: /root/.ssh/id_rsa<br>
debug1: Trying private key: /root/.ssh/id_dsa<br>
debug2: we did not send a packet, disable method<br>
debug1: Next authentication method: password<br>
<a href="mailto:root@192.168.107.22">root@192.168.107.22</a>'s password:<br>
debug2: we sent a password packet, wait for reply<br>
debug1: Authentications that can continue: publickey,password<br>
Permission denied, please try again.<br>
<br>
<br>
<br>
<br>
<br>
<br>