Possible SSH problems with builds 17967 and 17990

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Goto page Previous  1, 2, 3, 4  Next
Author Message
chillser
DD-WRT Novice


Joined: 12 Nov 2011
Posts: 7

PostPosted: Sun Dec 11, 2011 16:53    Post subject: Reply with quote
Hi, i'm a non-expert trying to contribute to this topic.

I have an E4200 and flashed the 17990 big BS build today. ftp://dd-wrt.com/others/eko/BrainSlayer-V24-preSP2/2011/12-09-11-r17990/broadcom_K26/dd-wrt.v24-17990_NEWD-2_K2.6_big-nv60k.bin

Before I was running the 17598 big BS build.

I did a 30/30/30 before and after the flashing. I flashed the image using the ddwrt 'firmware upgrade' web interface, via LAN, and selected 'reset to default' there.

After each reboot of the router, I have to clear the ssh key from my laptop's .shh/known_hosts, as it apparently has changed on the router.

Here's the output of the requested commands, ask me if you need more info:

Code:

root@caiman:~# dropbearconvert dropbear_rsa_key openssh /tmp/root/.ssh/ssh_host_rsa_key /tmp/root/.ssh/rsa
Key is a DSS key
Segmentation fault
root@caiman:~# nvram get sshd_rsa_host_key

root@caiman:~# dropbearmulti -h
Dropbear multi-purpose version 0.52
Make a symlink pointing at this binary with one of the following names:
'dropbear' - the Dropbear server
'dbclient' or 'ssh' - the Dropbear client
'dropbearkey' - the key generator
'dropbearconvert' - the key converter
'scp' - secure copy
Sponsor
cyberde
DD-WRT Guru


Joined: 07 Jun 2006
Posts: 1488
Location: the Netherlands

PostPosted: Mon Dec 12, 2011 18:36    Post subject: Reply with quote
Running BS build 12/12/11 (SVN revision: 18000) and SSH still isn't working here either.

Here's the requested info of my WRT320N

Code:
root@RTRSOUBURG:~# dropbearconvert dropbear_rsa_key openssh /tmp/root/.ssh/ssh_h
ost_rsa_key /tmp/root/.ssh/rsa
Exited: String too long

root@RTRSOUBURG:~# nvram get sshd_rsa_host_key
-----BEGIN RSA PRIVATE KEY-----
<snip>
-----END RSA PRIVATE KEY-----

root@RTRSOUBURG:~# dropbearmulti -h
Dropbear multi-purpose version 0.52
<snip>


As stated here the temporary fix in http://www.dd-wrt.com/phpBB2/viewtopic.php?p=653515#653515 works.

_________________
Firmware: DD-WRT v24-sp2 (latest available) mega
WRT320N

Donater
ErMeglio
DD-WRT User


Joined: 11 Jul 2006
Posts: 104

PostPosted: Mon Dec 12, 2011 19:34    Post subject: Reply with quote
cyberde wrote:
Running BS build 12/12/11 (SVN revision: 18000) and SSH still isn't working here either.

Here's the requested info of my WRT320N

Code:
root@RTRSOUBURG:~# dropbearconvert dropbear_rsa_key openssh /tmp/root/.ssh/ssh_h
ost_rsa_key /tmp/root/.ssh/rsa
Exited: String too long


Please try:
Code:
cd /tmp/root/.ssh
dropbearconvert dropbear openssh ssh_host_rsa_key rsa

BTW, you didn't reset settings or clear nvram or do a 30/30/30 before/after upgrading, did you?
Thanks.
cyberde
DD-WRT Guru


Joined: 07 Jun 2006
Posts: 1488
Location: the Netherlands

PostPosted: Mon Dec 12, 2011 20:16    Post subject: Reply with quote
ErMeglio wrote:

Please try:
Code:
cd /tmp/root/.ssh
dropbearconvert dropbear openssh ssh_host_rsa_key rsa

BTW, you didn't reset settings or clear nvram or do a 30/30/30 before/after upgrading, did you?
Thanks.

Heh, no I didn't (never had any problems). Then I found this thread and thought I might reply. I will try this when I get home and let you know. Thanks for your reply!

_________________
Firmware: DD-WRT v24-sp2 (latest available) mega
WRT320N

Donater
cyberde
DD-WRT Guru


Joined: 07 Jun 2006
Posts: 1488
Location: the Netherlands

PostPosted: Mon Dec 12, 2011 21:59    Post subject: Reply with quote
I get the error: Exited: String too long... Guess that one doesn't work...
_________________
Firmware: DD-WRT v24-sp2 (latest available) mega
WRT320N

Donater
ErMeglio
DD-WRT User


Joined: 11 Jul 2006
Posts: 104

PostPosted: Mon Dec 12, 2011 22:37    Post subject: Reply with quote
cyberde wrote:
I get the error: Exited: String too long... Guess that one doesn't work...

Wow, that's weird, let's try again with a shorter string to do the same thing now, let me think about it...ok, got it, launch these three commands:
Code:

cd /tmp/root/.ssh
cp ssh_host_rsa_key orsa
dropbearconvert d o orsa rsa

this should be short enough for it to like the commands Wink
lawleo
DD-WRT Novice


Joined: 17 Sep 2011
Posts: 25

PostPosted: Tue Dec 13, 2011 4:10    Post subject: Reply with quote
I got the same problem after upgrade to 17990..... my work arround is... using the ssh in optware Laughing
_________________
Belkin N600 Play Max HD F7D4301v1
cyberde
DD-WRT Guru


Joined: 07 Jun 2006
Posts: 1488
Location: the Netherlands

PostPosted: Tue Dec 13, 2011 6:17    Post subject: Reply with quote
ErMeglio wrote:

Wow, that's weird, let's try again with a shorter string to do the same thing now, let me think about it...ok, got it, launch these three commands:
Code:

cd /tmp/root/.ssh
cp ssh_host_rsa_key orsa
dropbearconvert d o orsa rsa

this should be short enough for it to like the commands Wink


Okay, I almost thought I might be stupid hehe, but also doesn't work. Get the same exited error... I think the command doesn't like my rsa key, for some reason. Guess I'll have to reset to factory results and enter all my settings again...

_________________
Firmware: DD-WRT v24-sp2 (latest available) mega
WRT320N

Donater
ErMeglio
DD-WRT User


Joined: 11 Jul 2006
Posts: 104

PostPosted: Tue Dec 13, 2011 7:17    Post subject: Reply with quote
cyberde wrote:

Okay, I almost thought I might be stupid hehe, but also doesn't work. Get the same exited error... I think the command doesn't like my rsa key, for some reason. Guess I'll have to reset to factory results and enter all my settings again...

Don't worry, it's something about it not liking long strings you send. But I must be missing something about the real cause of this, not you, because these are not long at all lol!
We'll see if someone has a better idea, I'm out of them right now Confused
dc
DD-WRT User


Joined: 08 Jun 2006
Posts: 247
Location: Prince Edward Island - Canada

PostPosted: Tue Dec 13, 2011 12:41    Post subject: Reply with quote
The string too long error is caused by the format and size of the rsa file in /tmp/root/.ssh. If you look it will be about 972 bytes and if you 'cat' the file you'll see it is in openssh format (ascii file with -----begin....etc.)

If you remove the file and then delete the nvram variable:

nvram unset sshd_rsa_host_key
nvram commit

then ssh will work but it will re-generate the rsa key each time the router reboots.

The same problem exists in 18000 as well.
rickyrockrat
DD-WRT Novice


Joined: 14 Dec 2011
Posts: 4

PostPosted: Thu Dec 15, 2011 6:55    Post subject: dropbearconvert segfaults on 80007 too Reply with quote
Trac is here:
http://svn.dd-wrt.com/ticket/2283

DD-WRT from here:
ftp://dd-wrt.com/others/eko/BrainSlayer-V24-preSP2/2011/12-14-11-r18007/Asus-RTN13UB1/Asus-RTN13UB1-webflash.bin


I am running a RT-N13UB1 Asus router. Telnet into box confirm that this happens:
Code:

dropbearkey -t rsa -s 1024 -f rsa
Will output 1024 bit rsa secret key to 'rsa'
Generating key, this may take a while...
root@DD-WRT:~# dropbearconvert dropbear openssh rsa rsa.o
Key is a DSS key
Segmentation fault
root@DD-WRT:~#


If I erase the nvram like so:
nvram unset sshd_rsa_host_key
nvram unset sshd_dss_host_key

dropbear works on next reboot (i.e. I can ssh to box), but of course the key changes on every boot, which is not good.

How hard can it be to find one little segfault in the key gen?

It's interesting to note, that although I created a rsa key, the convert thought it was a dss key. A clue there, but I don't have source or diffs in front of me.

I can confirm that it is working on 16994, dropbear has binary rsa/dss keys, but SSH works correctly.

There were changes made in SVN at 17894, which caused the problem. There were multiple small changes, but if I get the time, I'll see if I can figure it out. Not sure why they don't just back the changes out until they are working.

The last good dropbear was at SVN 17312.
ErMeglio
DD-WRT User


Joined: 11 Jul 2006
Posts: 104

PostPosted: Thu Dec 15, 2011 20:09    Post subject: Re: dropbearconvert segfaults on 18000 too Reply with quote
rickyrockrat wrote:
How hard can it be to find one little segfault in the key gen?

I tried generating OpenSSH keys with puttyGen, send them in the tmp folder and try to use dropbearconvert to convert them to dropbear's format. Key was, again, taken as dss and a segmentation fault occurred. The problem should definitively reside in the converter.

I tried sending old bin dropbearmulti in a 18000 and it works.
The included one seems badly compiled, it says to be 0.52 instead of sub-apps which still give 2011.54.
Dark_Shadow
DD-WRT Guru


Joined: 31 Aug 2009
Posts: 2436
Location: Third Rock from the Sun

PostPosted: Wed Dec 21, 2011 0:36    Post subject: Reply with quote
So am I correct in assuming that if you hard reset before and after this is not an issue?
_________________
Peacock Thread-FAQ -- dd-wrt Wiki

Testing Multiple Routers -- Bootloader Collection Project -- My Wiki
Taomyn
DD-WRT User


Joined: 23 Oct 2011
Posts: 50

PostPosted: Wed Dec 21, 2011 8:05    Post subject: Reply with quote
Dark_Shadow wrote:
So am I correct in assuming that if you hard reset before and after this is not an issue?


Has never fixed it for me on my E4200
Dark_Shadow
DD-WRT Guru


Joined: 31 Aug 2009
Posts: 2436
Location: Third Rock from the Sun

PostPosted: Wed Dec 21, 2011 12:37    Post subject: Reply with quote
Taomyn wrote:
Dark_Shadow wrote:
So am I correct in assuming that if you hard reset before and after this is not an issue?


Has never fixed it for me on my E4200
Strange that all the routers I have for testing, I can not get this issue to show.
_________________
Peacock Thread-FAQ -- dd-wrt Wiki

Testing Multiple Routers -- Bootloader Collection Project -- My Wiki
Goto page Previous  1, 2, 3, 4  Next Display posts from previous:    Page 2 of 4
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum