<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000099">
<font face="Helvetica, Arial, sans-serif">Latest Debian Packages are
here:<br>
<br>
gpg --keyserver subkeys.pgp.net --recv-keys 92B84A1E <br>
gpg -a --export 92B84A1E | apt-key add -<br>
<br>
&amp; add to /etc/apt/sources.list:<br>
<br>
deb <a class="moz-txt-link-freetext" href="http://cdn.content-network.net/mirror/apt.balocco.name">http://cdn.content-network.net/mirror/apt.balocco.name</a> wheezy
main php ssh www<br>
deb-src <a class="moz-txt-link-freetext" href="http://cdn.content-network.net/mirror/apt.balocco.name">http://cdn.content-network.net/mirror/apt.balocco.name</a>
wheezy main php ssh www<br>
<br>
If you use Fail2Ban with Dropbear, instructions to run
Fail2Ban as a non-root user are here:<br>
<br>
<a href="https://coderwall.com/p/haj28a">https://coderwall.com/p/haj28a</a><br>
<br>
My comment on that page to fix the Dropbear filter will only apply
to the official debs - the fix is included in the above packages.<br>
<br>
Also change /etc/fail2ban/jail.local logpath &amp; filter settings
for dropbear:<br>
<br>
[dropbear]<br>
<br>
enabled = true<br>
port = 2222<br>
filter = dropbear<br>
logpath = /var/log/auth.log<br>
maxretry = 3<br>
<br>
Stuart.<br>
<br>
</font>
<div class="moz-cite-prefix">On 10/06/2013 08:49 PM, Catalin Patulea
wrote:<br>
</div>
<blockquote
cite="mid:CAE2LqHK4EDu09Guw5cht_-m9DMQ1NL1t=xEhxG9aWRU3u0S1hw@mail.gmail.com"
type="cite">
<pre wrap="">Are there any mirrors of Dropbear releases? OpenWRT used to use
<a class="moz-txt-link-freetext" href="http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/dropbear/">http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/dropbear/</a>
but it seems that mirror is now defunct.

On Fri, Oct 4, 2013 at 10:38 AM, Matt Johnston <a class="moz-txt-link-rfc2396E" href="mailto:matt@ucc.asn.au">&lt;matt@ucc.asn.au&gt;</a> wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Hi all,
Dropbear 2013.59 has been released. It fixes a number of
bugs, including two security issues affecting prior
releases.
- The Dropbear server could be made to consume large amounts
of memory because decompressed packet sizes weren't checked.
Depending on the OS and hardware this might be a denial of
service.
- Valid users could be identified due to timing variations.
As usual you can download it from
<a class="moz-txt-link-freetext" href="https://matt.ucc.asn.au/dropbear/dropbear.html">https://matt.ucc.asn.au/dropbear/dropbear.html</a>
Cheers,
Matt
2013.59 - Friday 4 October 2013
- Fix crash from -J command
Thanks to Lluís Batlle i Rossell and Arnaud Mouiche for patches
- Avoid reading too much from /proc/net/rt_cache since that causes
system slowness.
- Improve EOF handling for half-closed connections
Thanks to Catalin Patulea
- Send a banner message to report PAM error messages intended for the user
Patch from Martin Donnelly
- Limit the size of decompressed payloads, avoids memory exhaustion denial
of service
Thanks to Logan Lamb for reporting and investigating it
- Avoid disclosing existence of valid users through inconsistent delays
Thanks to Logan Lamb for reporting
- Update config.guess and config.sub for newer architectures
- Avoid segfault in server for locked accounts
- "make install" now installs manpages
dropbearkey.8 has been renamed to dropbearkey.1
manpage added for dropbearconvert
- Get rid of one second delay when running non-interactive commands
Releases are signed by PGP key <a class="moz-txt-link-abbreviated" href="mailto:matt@ucc.asn.au">matt@ucc.asn.au</a> 4C647FBC
D11E 5F8D 2C38 523F 57F1 2166 8CF9 F8B0 4C64 7FBC
</pre>
</blockquote>
</blockquote>
<br>
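The 2013.59 changelog quoted above says the release limits the size of decompressed payloads to avoid memory exhaustion. As an added illustration (not code from Dropbear or from this thread), the Python sketch below shows the general technique on a sync-flushed zlib stream; the 32 KiB cap, the class and function names, and the sample packets are assumptions constructed for the example.

```python
import zlib

MAX_PAYLOAD = 32 * 1024  # assumed cap for this sketch, not taken from Dropbear


class PayloadTooLarge(Exception):
    """A compressed packet expanded past the allowed payload size."""


class BoundedInflater:
    """Receive side of one compressed stream with a per-packet output cap."""

    def __init__(self, limit=MAX_PAYLOAD):
        self._z = zlib.decompressobj()
        self._limit = limit

    def packet(self, compressed):
        # Request at most limit + 1 bytes: the extra byte proves the packet
        # is oversized without ever allocating the full expanded output.
        out = self._z.decompress(compressed, self._limit + 1)
        if len(out) > self._limit:
            # The stream is now out of sync; the caller should drop the
            # connection rather than keep reading from it.
            raise PayloadTooLarge("payload exceeds %d bytes" % self._limit)
        return out


def make_packets(payloads):
    """Constructed sender: one zlib stream, sync-flushed after each payload."""
    z = zlib.compressobj()
    return [z.compress(p) + z.flush(zlib.Z_SYNC_FLUSH) for p in payloads]


def demo():
    # Constructed input: a normal payload, then 8 MiB of zeros that
    # compresses to a few KiB on the wire.
    small, huge = make_packets([b"uptime\n", b"\0" * (8 * 1024 * 1024)])
    rx = BoundedInflater()
    first = rx.packet(small)
    try:
        rx.packet(huge)
        rejected = False
    except PayloadTooLarge:
        rejected = True
    return first, len(huge), rejected


if __name__ == "__main__":
    print(demo())
```

Without the second argument to `decompress`, the same call would allocate the full 8 MiB before any size check could run.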
</body>
</html>