Replacing dropbear
Home Up Partitions Replacing dropbear

 

Replacing "dropbear" with "openssh"

Note: Optional, all of the tasks shown elsewhere on this site can be carried out just as easily with the default dropbear shell as with openssh.

This is mainly just a personal preference but in the early stages of learning the system I found that the sftp facility in openssh was invaluable, especially when using the "Nautilus" file manager in Linux. With openssh-sftp installed you can browse the whole filesystem from your PC.

One important drawback with replacing dropbear is that openssh will have a different ID to dropbear meaning that switching between internal and external boot will cause security warnings.

First install "openssh":

root@zebidee:~# ipkg install openssh
Nothing to be done
An error ocurred, return value: 4.
Collected errors:
Cannot find package openssh.
Check the spelling or perhaps run 'ipkg update'
root@zebidee:~# ipkg update
Downloading http://ipkg.nslu2-linux.org/feeds/slugos-bag/
cross/3.10-beta/Packages.gz
Inflating http://ipkg.nslu2-linux.org/feeds/slugos-bag/
cross/3.10-beta/Packages.gz
Updated list of available packages in /var/lib/ipkg/cross
Downloading http://ipkg.nslu2-linux.org/feeds/slugos-bag/
native/3.10-beta/Packages.gz
Inflating http://ipkg.nslu2-linux.org/feeds/slugos-bag/
native/3.10-beta/Packages.gz
Updated list of available packages in /var/lib/ipkg/native
root@zebidee:~# ipkg install openssh
Installing openssh (4.0p1-r10) to root...
Nothing to be done
An error ocurred, return value: 1.
Collected errors:
ERROR: The following packages conflict with openssh:
dropbear
root@zebidee:~# ipkg install openssh -force-depends
Installing openssh (4.0p1-r10) to root...
Downloading http://ipkg.nslu2-linux.org/feeds/slugos-bag/
cross/3.10-beta/openssh_4.0p1-r10_armeb.ipk
Installing openssh-scp (4.0p1-r10) to root...
Downloading http://ipkg.nslu2-linux.org/feeds/slugos-bag/
cross/3.10-beta/openssh-scp_4.0p1-r10_armeb.ipk
Installing libcrypto0.9.7 (0.9.7g-r1) to root...
Downloading http://ipkg.nslu2-linux.org/feeds/slugos-bag/
cross/3.10-beta/libcrypto0.9.7_0.9.7g-r1_armeb.ipk
Installing openssh-ssh (4.0p1-r10) to root...
Downloading http://ipkg.nslu2-linux.org/feeds/slugos-bag/
cross/3.10-beta/openssh-ssh_4.0p1-r10_armeb.ipk
Installing openssh-sshd (4.0p1-r10) to root...
Downloading http://ipkg.nslu2-linux.org/feeds/slugos-bag/
cross/3.10-beta/openssh-sshd_4.0p1-r10_armeb.ipk
Configuring libcrypto0.9.7
Configuring openssh
Configuring openssh-scp
update-alternatives: Linking //usr/bin/scp to scp.openssh
Configuring openssh-ssh
update-alternatives: Linking //usr/bin/ssh to ssh.openssh
Configuring openssh-sshd
Adding system startup for /etc/init.d/sshd ...
/etc/rc2.d/S09sshd -> ../init.d/sshd
/etc/rc3.d/S09sshd -> ../init.d/sshd
/etc/rc4.d/S09sshd -> ../init.d/sshd
/etc/rc5.d/S09sshd -> ../init.d/sshd
/etc/rc0.d/K09sshd -> ../init.d/sshd
/etc/rc1.d/K09sshd -> ../init.d/sshd
/etc/rc6.d/K09sshd -> ../init.d/sshd

Some notes here:

  1. My first attempt to install openssh failed as I didn't have the "feeds" loaded. "ipkg update" fixes this but the files are temporary and are lost after a reboot.
  2. My second attempt failed due to conflict with "dropbear". I can't uninstall "dropbear" yet as I'm using it to communicate with the slug.
  3. My third attempt (Highlighted in yellow) uses the "-force-depends" override. Avoid using overrides if you can help it as they turn off the safeguards that normally prevent you installing conflicting packages.

Now I reboot (though closing and reopening the connection might have been sufficient?). At this point openssh will run and generate a new identity. This will make putty complain that the host has changed. This is correct and means you've succeeded.

Now we can get rid of dropbear and install the ftp part of openssh:

root@zebidee:~# ipkg remove dropbear
Removing package dropbear from root...
Stopping Dropbear SSH server: no /usr/sbin/dropbear found; none killed.
dropbear.
update-alternatives: Linking //usr/bin/ssh to ssh.openssh
update-alternatives: Linking //usr/bin/scp to scp.openssh
 Removing any system startup links for dropbear ...
  /etc/rc0.d/K10dropbear
  /etc/rc1.d/K10dropbear
  /etc/rc2.d/S10dropbear
  /etc/rc3.d/S10dropbear
  /etc/rc4.d/S10dropbear
  /etc/rc5.d/S10dropbear
  /etc/rc6.d/K10dropbear
root@zebidee:~# root@zebidee:~# ipkg update
Downloading http://ipkg.nslu2-linux.org/feeds/slugos-bag/
cross/3.10-beta/Packages.gz
Inflating http://ipkg.nslu2-linux.org/feeds/slugos-bag/
cross/3.10-beta/Packages.gz
Updated list of available packages in /var/lib/ipkg/cross
Downloading http://ipkg.nslu2-linux.org/feeds/slugos-bag/
native/3.10-beta/Packages.gz
Inflating http://ipkg.nslu2-linux.org/feeds/slugos-bag/
native/3.10-beta/Packages.gz
Updated list of available packages in /var/lib/ipkg/native
root@zebidee:~# ipkg install openssh-sftp
Installing openssh-sftp (4.0p1-r10) to root...
Downloading http://ipkg.nslu2-linux.org/feeds/slugos-bag/
cross/3.10-beta/openssh-sftp_4.0p1-r10_armeb.ipk
Configuring openssh-sftp
root@zebidee:~# 

As an alternative you might consider moving one of dropbear or openssh to a different port.