Skip to content

[WIP] Initial Dropbear Port/Build.

Timothy Finnegan requested to merge tfinnegan937/cookbook:dropbear_port into master

I wanted to get dropbear building, and I succeeded at that much. I had to disable a bunch of optional features, and stub a few functions.

None of the programs actually work. They aren't panicing, but they exit with various "Unexpected error" messages. I think this is as far as I want to go with this right now, so I'll leave it in the wip directory, merge what I have, and then either myself or somebody else can go forward and finish the port.

I suspect it's because we don't implement the following functions:

setegid

seteuid

setrlimit

getrlimit

I made no other functional changes to the code other than to disable the optional features in the recipe, so I suspect once these functions are implemented, dropbear will work as intended.

Running dropbear itself fails because no keys are present:

user:~# /sbin/dropbear
relibc getrlimit(4, 0x7ffffffffe60): not implemented
relibc setrlimit(4, 0x7ffffffffe60): not implemented
[127] Sep 22 23:01:30 Failed loading /etc/dropbear/dropbear_rsa_host_key
[127] Sep 22 23:01:30 Failed loading /etc/dropbear/dropbear_ecdsa_host_key
[127] Sep 22 23:01:30 Failed loading /etc/dropbear/dropbear_ed25519_host_key
[127] Sep 22 23:01:30 Early exit: No hostkeys available. 'dropbear -R' may be useful or run dropbearkey.

And running it with -R results in a failure to listen on port 22:

user:~# /sbin/dropbear -p 10.2.0.15:22 -R
relibc getrlimit(4, 0x7ffffffffe50): not implemented
relibc setrlimit(4, 0x7ffffffffe50): not implemented
[153] Sep 22 23:06:25 Failed listening on '22': Error listening: Success
[153] Sep 22 23:06:25 Early exit: No listening ports available.
user:~#

Attempting to generate keys also fails:

user:~# mkdir /home/user/.ssh
user:~# dropbearkey -t rsa -f ~/.ssh/id_dropbear
Generating 2048 bit rsa key, this may take a while...
Failed moving key file to /home/user/.ssh/id_dropbear: Function not implemented
Exited: Failed to generate key.

And connecting to a remote device currently fails:

user:~# dbclient 192.168.0.54 -p 22 -l tfinnegan
relibc getrlimit(4, 0x7ffffffffe30): not implemented
relibc setrlimit(4, 0x7ffffffffe30): not implemented

dbclient: Connection to tfinnegan@192.168.0.54:22 exited: Connect failed: unexpected failure

user:~# ping 192.168.0.54
From 192.168.0.54 icmp_seq=0 time=554051.44ms
From 192.168.0.54 icmp_seq=1 time=0.551ms
From 192.168.0.54 icmp_seq=2 time=-140733180ms
From 192.168.0.54 icmp_seq=3 time=-140733180ms

So, whoever takes up the mantle on this should be aware of these problems.

Merge request reports