I did a 30/30/30 before and after the flashing. I flashed the image using the ddwrt 'firmware upgrade' web interface, via LAN, and selected 'reset to default' there.
After each reboot of the router, I have to clear the ssh key from my laptop's .shh/known_hosts, as it apparently has changed on the router.
Here's the output of the requested commands, ask me if you need more info:
Code:
root@caiman:~# dropbearconvert dropbear_rsa_key openssh /tmp/root/.ssh/ssh_host_rsa_key /tmp/root/.ssh/rsa
Key is a DSS key
Segmentation fault
root@caiman:~# nvram get sshd_rsa_host_key
root@caiman:~# dropbearmulti -h
Dropbear multi-purpose version 0.52
Make a symlink pointing at this binary with one of the following names:
'dropbear' - the Dropbear server
'dbclient' or 'ssh' - the Dropbear client
'dropbearkey' - the key generator
'dropbearconvert' - the key converter
'scp' - secure copy
Joined: 07 Jun 2006 Posts: 1488 Location: the Netherlands
Posted: Mon Dec 12, 2011 20:16 Post subject:
ErMeglio wrote:
Please try:
Code:
cd /tmp/root/.ssh
dropbearconvert dropbear openssh ssh_host_rsa_key rsa
BTW, you didn't reset settings or clear nvram or do a 30/30/30 before/after upgrading, did you?
Thanks.
Heh, no I didn't (never had any problems). Then I found this thread and thought I might reply. I will try this when I get home and let you know. Thanks for your reply! _________________ Firmware: DD-WRT v24-sp2 (latest available) mega
WRT320N
Joined: 07 Jun 2006 Posts: 1488 Location: the Netherlands
Posted: Tue Dec 13, 2011 6:17 Post subject:
ErMeglio wrote:
Wow, that's weird, let's try again with a shorter string to do the same thing now, let me think about it...ok, got it, launch these three commands:
Code:
cd /tmp/root/.ssh
cp ssh_host_rsa_key orsa
dropbearconvert d o orsa rsa
this should be short enough for it to like the commands
Okay, I almost thought I might be stupid hehe, but also doesn't work. Get the same exited error... I think the command doesn't like my rsa key, for some reason. Guess I'll have to reset to factory results and enter all my settings again... _________________ Firmware: DD-WRT v24-sp2 (latest available) mega
WRT320N
Okay, I almost thought I might be stupid hehe, but also doesn't work. Get the same exited error... I think the command doesn't like my rsa key, for some reason. Guess I'll have to reset to factory results and enter all my settings again...
Don't worry, it's something about it not liking long strings you send. But I must be missing something about the real cause of this, not you, because these are not long at all lol!
We'll see if someone has a better idea, I'm out of them right now
Joined: 08 Jun 2006 Posts: 247 Location: Prince Edward Island - Canada
Posted: Tue Dec 13, 2011 12:41 Post subject:
The string too long error is caused by the format and size of the rsa file in /tmp/root/.ssh. If you look it will be about 972 bytes and if you 'cat' the file you'll see it is in openssh format (ascii file with -----begin....etc.)
If you remove the file and then delete the nvram variable:
nvram unset sshd_rsa_host_key
nvram commit
then ssh will work but it will re-generate the rsa key each time the router reboots.
I am running a RT-N13UB1 Asus router. Telnet into box confirm that this happens:
Code:
dropbearkey -t rsa -s 1024 -f rsa
Will output 1024 bit rsa secret key to 'rsa'
Generating key, this may take a while...
root@DD-WRT:~# dropbearconvert dropbear openssh rsa rsa.o
Key is a DSS key
Segmentation fault
root@DD-WRT:~#
If I erase the nvram like so:
nvram unset sshd_rsa_host_key
nvram unset sshd_dss_host_key
dropbear works on next reboot (i.e. I can ssh to box), but of course the key changes on every boot, which is not good.
How hard can it be to find one little segfault in the key gen?
It's interesting to note, that although I created a rsa key, the convert thought it was a dss key. A clue there, but I don't have source or diffs in front of me.
I can confirm that it is working on 16994, dropbear has binary rsa/dss keys, but SSH works correctly.
There were changes made in SVN at 17894, which caused the problem. There were multiple small changes, but if I get the time, I'll see if I can figure it out. Not sure why they don't just back the changes out until they are working.
Posted: Thu Dec 15, 2011 20:09 Post subject: Re: dropbearconvert segfaults on 18000 too
rickyrockrat wrote:
How hard can it be to find one little segfault in the key gen?
I tried generating OpenSSH keys with puttyGen, send them in the tmp folder and try to use dropbearconvert to convert them to dropbear's format. Key was, again, taken as dss and a segmentation fault occurred. The problem should definitively reside in the converter.
I tried sending old bin dropbearmulti in a 18000 and it works.
The included one seems badly compiled, it says to be 0.52 instead of sub-apps which still give 2011.54.