Since Dropbear is built into the F/W, you can't actually replace it in the sense that you cannot remove it and put something else in its place. But you can certainly install the OpenSSH server as an alternative method while still leaving the built-in Dropbear server active to be your fallback just in case the OpenSSH server fails to run for some reason (e.g. USB-attached disk where Entware is installed does not get mounted during a reboot).Has anyone replaced the built in Dropbear SSH with OpenSSH?
I would like to do this because of this bug that still has not b een addressed.
Wondering if someone has working instructions because if you mess something up you are basically 'locked out' and have to factory default.
/usr/sbin/dropbear -p IP:PORT -s -j -k -K 15
I was considering it given dropbear doesn't support sftp/scp, but the resource footprint of OpenSSH vs Dropbear is significantly larger so decided against.Has anyone replaced the built in Dropbear SSH with OpenSSH?
I would like to do this because of this bug that still has not b een addressed.
Wondering if someone has working instructions because if you mess something up you are basically 'locked out' and have to factory default.
It does if you install the standalone Entware packageI was considering it given dropbear doesn't support sftp...
openssh-sftp-server
aptitude install dropbear-bin
mkdir -p ~/tmp ; cd ~/tmp
cp /etc/ssh/ssh_host_{ecdsa,ed25519,rsa}_key ./
# conver openssh keys to PEM (dropbearconvert can only read keys in PEM format)
ssh-keygen -p -f ssh_host_ecdsa_key -m pem
ssh-keygen -p -f ssh_host_ed25519_key -m pem
ssh-keygen -p -f ssh_host_rsa_key -m pem
# conver PEM openssh keys to dropbear format
dropbearconvert openssh dropbear ssh_host_ecdsa_key dropbear_ecdsa_host_key
dropbearconvert openssh dropbear ssh_host_ed25519_key dropbear_ed25519_host_key
dropbearconvert openssh dropbear ssh_host_rsa_key dropbear_rsa_host_key
scp dropbear_*_key admin@<ASUS_IP>:/jffs/.ssh
Hi Matteo,my two cents:
Code:aptitude install dropbear-bin mkdir -p ~/tmp ; cd ~/tmp cp /etc/ssh/ssh_host_{ecdsa,ed25519,rsa}_key ./ # conver openssh keys to PEM (dropbearconvert can only read keys in PEM format) ssh-keygen -p -f ssh_host_ecdsa_key -m pem ssh-keygen -p -f ssh_host_ed25519_key -m pem ssh-keygen -p -f ssh_host_rsa_key -m pem # conver PEM openssh keys to dropbear format dropbearconvert openssh dropbear ssh_host_ecdsa_key dropbear_ecdsa_host_key dropbearconvert openssh dropbear ssh_host_ed25519_key dropbear_ed25519_host_key dropbearconvert openssh dropbear ssh_host_rsa_key dropbear_rsa_host_key scp dropbear_*_key admin@<ASUS_IP>:/jffs/.ssh
pwd
/root/.ssh
ls -l
authorized_keys # empty
known_hosts # contains: raspberry-pi ssh-ed25519 long...ssh...key
ssh-copy-id raspberry-pi
-sh: ssh-copy-id: not found
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!