nomis52.net
View Simon Newton's profile on LinkedIn

Building DropBear (SSH Server)

This isn't working yet - it's having issues authenticating clients

Dropbear is a small SSH server, if you're going to put your router "out in the wild" then it's a good idea to install it. You shouldn't be using telnet anyway.

Grab the latest dropbear package from here. Extract the sources and move into the new directory.

$ cd $PROJ_ROOT/src $ wget http://matt.ucc.asn.au/dropbear/releases/dropbear-0.44.tar.bz2 $ tar -jxf dropbear-0.44.tar.bz2 $ mv dropbear-0.44.tar.bz2 $PROJ_ROOT/archives $ cd dropbear-0.44

As decribed in the INSTALL file (you did read it didn't you?) you need to set the LDFLAGS variable to point to libz.a. You might want to make sure that libz.a exists, if it doesn't you more thank likely didn't select it when building the toolchain.

$ export LDFLAGS=$PROJ_ROOT/buildroot/build_mipsel/staging_dir/lib/libz.a

Now run ./configure with the usual cross compile arguments (output omitted):

$ ./configure --build=`config.guess` --host=mipsel-linux --prefix=$PROJ_ROOT/rootfs

Now for an important bit. Dropbear needs a source of random data, normally this comes from /dev/random. When a process tries to read /dev/random, it blocks until enough data is available. For some reason, /dev/random on my router doesn't generate any data (calls to read /dev/random block for a very long time). The solution is to change the dropbear options.h file to use /dev/urandom as a source. Edit options.h and change the line:

#define DROPBEAR_RANDOM_DEV "/dev/random"

to

#define DROPBEAR_RANDOM_DEV "/dev/urandom"

At this point you now have a number of options depending on what your trying to do. I'll assume that you want to build and install dropbear on the root filesystem.

$ make PROGRAMS=dropbear $ sudo make "PROGRAMS=dropbear" install

This should get dropbear installed on the root filesystem. You now need to generate keys for the router. This can be done using dropbearkey. Do not attempt to run this on the router, I tried and left it running overnight, it still wasn't done by morning :) .

You have two options, either recompile dropbear for your host architecture, or use a precompiled package. Dropbear is included in Debain so you can apt-get it.

Once you have dropbear installed for the host run:

$ mkdir $PROJ_ROOT/rootfs/etc/dropbear $ dropbearkey -t rsa -f $PROJ_ROOT/rootfs/etc/dropbear/dropbear_rsa_host_key

Random Notes

If you're having trouble authenticating, check if busybox was compiled with shadow password support.

If you want to compile statically (so that all required libraries are compiled into a single executable), run make with the option STATIC=1 .

Next: Building Netgear Sources